I realize this may be more of a GitHub question, but I’m confused about how to set up Jenkins to be able to pull from GitHub. I see older instructions for using SSH keys (add deploy key in GitHub for project, add private key in Credentials Manager in Jenkins, use that credential with SSH link to project). However, that doesn’t work. I get an error about “No ECDSA host key”. I saw another post explaining that GitHub no longer allows “git” url connections and that I must use HTTPS, but if I switch the Repository URL in the Jenkins project to the https link, that also doesn’t work, “stderr: remote: Support for password authentication was removed”. The GitHub page that explains the policy change isn’t clear to me in terms of how to get things working with the new restrictions.
“it doesn’t work” is always hard to remote debug. Try to always include these 3 things.
- what did you try? (Code samples, command lines, screenshots, videos, etc)
- what did happen? (Error messages, description, outputs, stuff)
- what did you expect to happen?
Otherwise, it’s hard for us to get into your context and you’ll have to have someone who is exactly knowledgeable come along.
I think you want to use a personal access token (Sign in to GitHub · GitHub) instead of your password.
yes, git://github.com no longer works, you need to use ssh (git@github.com:repo) or https
Sorry, maybe I misunderstood what is no longer supported in GitHub. If I go to a code repository in GitHub, click on the button for “code”, click on the tab for SSH, should that link work for pulling from Jenkins? If yes, that is what I originally tried, but I get an error about No ECDSA host key. That is, I’m using a link like git@github.com:company/repo.git
I did reference the high-level steps, but in more detail…
- ran ssh-keygen to create public/private key
- went to github, to the rpo I want to be able to pull from, went to settings and deployment keys.
- added a deploy key with value of the public key
- went into Jenkins, manage, credentials.
- for Jenkins credential, global, added new ssh credential and pasted in the private key
- went to jenkins project, configuration
- for source code management, added the github ssh link and selected the jenkins credentials
At this point, see an error about ECDSA.
Network guy provided the answer. I had to run the following command on the Jenkins server, as the Jenkins user, to get a proper known_hosts file.
ssh -T git@github.com
After this, restarted Jenkins and it worked fine.
yea, for future people, thats either GitHub's SSH key fingerprints - GitHub Docs or ssh-keyscan -t rsa github.com in your known_hosts file (typically system wide in /etc/ssh)
I’m sorry I should have spotted it easier, but I saw all the comments about depreciated things and got lost.
Two host keys for github.com are included in the host key verification section of the git client plugin documentation.