I am using the SSH Pipeline Steps plugin within a Jenkins pipeline. Here is an example of my code:
def appServer1 = [name: “DEV”, host:“xxxxxx”, allowAnyHosts: true]
pipeline {
agent any
stages {
stage (“Which OS release?”) {
steps {
script {
withCredentials(credentialsId:“CRED”, keyFileVariable:“sshKey”, usernameVariable:“sshUser”) {
appServer1.user = sshUser
sh "cp " + sshKey + “${WORKSPACE}/private_key”
appServer1.identityFile = “${WORKSPACE}/private_key”
}
}
sshCommand(remote: appServer1, command: “cat /etc/os-release”)
}
}
}
}
where CRED is a set of credentials created in the Dashboard containing the private part of the SSH key
This setup works perfectly when the ‘appServer’ OS is RHEL 8 but recently I updated the OS to RHEL 9 and it only works when I invoke SSH directly from the command line, i.e. not through Jenkins. Now the sshCommand line results in an error of:
com.jcraft.jsch.JSchException: Auth Fail
at com.jcraft.jsch.Session.connect(Session.java:519)
…
I think the RSA encryption is the issue as the /var/log/secure log on ‘appServer1’ reports
key type ssh-rsa not in PubkeyAcceptedAlgorithms
I have therefore tried using public-private SSH key pairs generated using all the other forms of encryption (DSA, ECDSA, ED25519, etc) but they result in an error message of:
com.jcraft.jsch.JSchException: invalid privatekey: [B@Sffa0e74
at com.jcraft.jsch.KeyPair.load(KeyPair.java:664)
…
Any ideas how to change the encryption method that the SSH Pipeline Steps plugin uses?? Or if there is some other reason why this solution does not work on RHEL 9 when it was fine on RHEL 8???