jekins创建ssh_如何为jenkins设置ssh密钥以通过ssh发布

Jenkins requires a certificate to use the ssh publication and ssh commands. It can be configured under "manage jenkins" -> "Configure System"-> "publish over ssh".

The question is: How does one create the certificates?

I have two ubuntu servers, one running Jenkins, and one for running the app.

Do I set up a Jenkins cert and put part of it on the deployment box, or set up a cert on the deployment box, and put part of it on Jenkins? Does the cert need to be in the name of a user called Jenkins, or can it be for any user? We don't have a Jenkins user on the development box.

I know there are a number of incompatible ssh types, which does Jenkins require?

Has anyone found a guide on how to set this all up (how to generate keys, where to put them etc.)?

解决方案

You will need to create a public/private key as the Jenkins user on your Jenkins server, then copy the public key to the user you want to do the deployment with on your target server.

Step 1, generate public and private key on build server as user jenkins

build1:~ jenkins$ whoami

jenkins

build1:~ jenkins$ ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa):

Created directory '/var/lib/jenkins/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /var/lib/jenkins/.ssh/id_rsa.

Your public key has been saved in /var/lib/jenkins/.ssh/id_rsa.pub.

The key fingerprint is:

[...]

The key's randomart image is:

[...]

build1:~ jenkins$ ls -l .ssh

total 2

-rw------- 1 jenkins jenkins 1679 Feb 28 11:55 id_rsa

-rw-r--r-- 1 jenkins jenkins 411 Feb 28 11:55 id_rsa.pub

build1:~ jenkins$ cat .ssh/id_rsa.pub

ssh-rsa AAAlskdjfalskdfjaslkdjf... jenkins@myserver.com

Step 2, paste the pub file contents onto the target server.

target:~ bob$ cd .ssh

target:~ bob$ vi authorized_keys (paste in the stuff which was output above.)

Make sure your .ssh dir has permissoins 700 and your authorized_keys file has permissions 644

Step 3, configure Jenkins

In the jenkins web control panel, nagivate to "Manage Jenkins" -> "Configure System" -> "Publish over SSH"

Either enter the path of the file e.g. "var/lib/jenkins/.ssh/id_rsa", or paste in the same content as on the target server.

Enter your passphrase, server and user details, and you are good to go!