Good afternoon.
I am testing in a freestyle job, connecting to a Linux machine which I manage, I have problems with the connection.
I have tried everything in my script, could you please tell me what is the correct way to connect against Linux and Windows from Jenkins?
The main idea, which I am first testing in development, is to copy .war files from a previous build of another pipeline to the Linux machine, previously stopping Tomcat, deleting the old files, and starting Tomcat again.
Thanks !!!
script
#!/bin/bash
# Variables
BUILD_NUMBER="8" # Reemplazar con el nĂşmero de versiĂłn de la Pipeline 1
ZIP_DIR="/opt/20240111/"
REMOTE_SERVER="xxxxxxx"
REMOTE_USER="xxxxxxxx"
REMOTE_PASS="xxxxxxxx"
REMOTE_TOMCAT_DIR="/opt/tomcat9"
WEBAPPS_DIR="$REMOTE_TOMCAT_DIR/webapps"
APP_NAME="xxxxxx"
# Copy ZIP files to remote server
scp "$ZIP_DIR/WAR1-$BUILD_NUMBER*.zip" "$ZIP_DIR/WAR2-$BUILD_NUMBER*.zip" "$REMOTE_USER@$REMOTE_SERVER:/opt/tomcat9/webapps"
# Wait for the copy to finish before continuing
wait
# Connect to remote server and run commands
sshpass -p "$REMOTE_PASS" ssh -o StrictHostKeyChecking=no -t -t "$REMOTE_USER@$REMOTE_SERVER" << EOF
# Stop Tomcat
$REMOTE_TOMCAT_DIR/bin/shutdown.sh
# Delete old WARs and associated directories
find "$WEBAPPS_DIR" -maxdepth 1 -type d -name "$APP_NAME*" ! -name "ROOT" ! -name "host-manager" ! -name "manager" -exec rm -rf {} \;
# Unzip new ZIP files
unzip -q "$WEBAPPS_DIR/WAR1-$BUILD_NUMBER*.zip" -d "$WEBAPPS_DIR/"
unzip -q "$WEBAPPS_DIR/WAR2-$BUILD_NUMBER*.zip" -d "$WEBAPPS_DIR/"
# Start Tomcat
$REMOTE_TOMCAT_DIR/bin/startup.sh
EOF
I see you are trying to copy out to $REMOTE_USER:$REMOTE_SERVER; but the password isn’t passed thru, which would suggest to me that you are going to get the Perm Denied. Reference to .ssh/id_rsa would suggest that the box is trying to run the script unattended.
Can you confirm if the .zip files are copied to the destination? If you were to run the commands at Command Line, the user should be prompted for the password, but that doesn’t happen in the Jenkins Scripts. You can look up how to set up unattended access: .ssh/id_rsa as your research point.
Thanks for your answer.
No, it does not copy anything or do any action on the tomcat, authentication fails.
I have been having this problem for a long time, I don’t know what is the correct way to log in from Jenkins against a Linux…
Thanks for the help.
scp is basically copying files over ssh. So you will need to provide either an ssh key or username/password to the command. Either way you should provide this via credentials in Jenkins and not store these things directly in the script
Probably using the ssh-agent-plugin is the best approach here
Hi Markus.
Indeed, I have added the ssh-agent plugin and add the credentials from there.
I have also modified my script and removed the credentials part since it now does it from the plugin.
I am encountering the following error.
the ssh-agent-plugin will not open ssh connections for you. It will just allow you to inject passwords and ssh keys to an ssh based command.
Afaik $REMOTE_TOMCAT_DIR/bin/shutdown.sh should run on the remote machine so this can’t be before the scp command and needs to stay in the sshpass command as it was before.
Thanks Markus.
with the script as at the beginning plus the credentials in ssh-agent plugin it gives me this error…
(The credentials are correct, I also attach a screenshot of the log of the machine I am trying to connect to, I don’t understand anything…)
Once again thanks for the response Markus.
If they are correct, I log in directly to the target machine via SSH with those credentials… hence my confusion with this issue.
Thank you.
I’m returning to this thread, since I don’t understand how it can be so complicated to connect Jenkins against any server I manage. A task as simple as telling Jenkins to connect via SSH becomes enormously complicated.
I attach screenshots of how the credentials are correct, since I connect directly from the console via SSH to the remote server.
But then in the second image, with the same credentials, it gives me an authentication error.
Thank you so much.
Hi Marc
Already on the verge of “despair” I have gone back to review the thread… (I am very surprised how in such a large forum about Jenkins, no one can shed light on something, I understand, everyday in Jenkins, like connecting to a linux machine or windows, but well that’s another topic…) and what you said “You can look up how to set up unattended access: .ssh/id_rsa as your research point”… I think it’s the solution.
Searching the internet, I found this: "After Jenkins upgrade to 2.412 the rsa keys are not working and the plugin file transfer over ssh is not working. To get that working generate the ecdsa ssh keys
ssh-keygen -t ecdsa -m PEM -f key_name"
What I have done is generate a key pair on the Jenkins server, and copy the public key to the remote server.
Using the SSH_Agent plugin, I add the credentials of the remote server, plus the private key of the Jenkins server.
I no longer get the PERMISSION DENIED error…even looking at the logs of the remote server, I am not able to establish the connection either…
Thank you very much Marc for your quick response as always, but it is not what I need. The example deals with the connection with Git-hub, and although it may be useful as well, it is not the case.
I am trying to connect to a Linux machine, which I have a tomcat and I need to deploy an application on it.
What I don’t understand, and I say it with a good tone, is how no one is able to tell me in a simple and clear way, how to connect Jenkins with Linux or Windows machines… it is assumed that all of us here use Jenkins more or less For the same thing, which is, deploying code or applications, how do they connect here with a remote Linux or Windows machine to deliver the code that is compiled?..
In your case, how do you do it?
I say again, thank you very much for your response and your desire to help.
Greetings.
I assume you use a freestyle job
Maybe you can post the shell script you’re currently using here again.
But from the last output you posted it might be that some executable is missing which makes ssh-agent fail to add the ssh key.
I assume your ssh key has a password and when the ssh-agent tries to retrieve the password something is failing.
Can you post a screenshot of the job config for the ssh-agent part
Also the link that @mwp565733 mentioned fits very well to your problem it is exactly the same error message that you see. So you should check your credential in Jenkins that it contains the private key you created and not the public key.
Thank you very much Markus, your help is greatly appreciated.
Right, I’m in a Job freestyle, and my current script is this…
You will see that now the sshpass is commented since I use the credentials from the SSH-Agent plugin
#!/bin/bash
# Variables
BUILD_NUMBER="8" # Reemplazar con el nĂşmero de versiĂłn de la Pipeline 1
ZIP_DIR="/opt/20240111/"
REMOTE_SERVER="xxx.xxx.xxx.232"
REMOTE_USER="xxx"
REMOTE_PASS="xxxxxxx"
REMOTE_TOMCAT_DIR="/opt/tomcat9"
WEBAPPS_DIR="$REMOTE_TOMCAT_DIR/webapps"
APP_NAME="click"
# Copy ZIP files to remote server
scp -o StrictHostKeyChecking=no "$ZIP_DIR/WAR1-$BUILD_NUMBER*.zip" "$ZIP_DIR/WAR2-$BUILD_NUMBER*.zip" "$REMOTE_USER@$REMOTE_SERVER:/opt/tomcat9/webapps/"
# Connect to remote server and run commands
#sshpass -p "$REMOTE_PASS" ssh -o StrictHostKeyChecking=no "$USERNAME@$REMOTE_SERVER" << EOF
# Stop Tomcat
$REMOTE_TOMCAT_DIR/bin/shutdown.sh
# Delete old WARs and associated directories
rm -rf "$WEBAPPS_DIR/$APP_NAME"*
# Unzip new ZIP files
unzip -q "$WEBAPPS_DIR/WAR1-$BUILD_NUMBER*.zip" -d "$WEBAPPS_DIR/"
unzip -q "$WEBAPPS_DIR/WAR2-$BUILD_NUMBER*.zip" -d "$WEBAPPS_DIR/"
# Start Tomcat
$REMOTE_TOMCAT_DIR/bin/startup.sh
EOF
Thank you.
I have not considered this option, I honestly don’t know how to create a Jenkins agent… but of course it is possible if this makes things easier, all the application servers are managed by me.
