Join Log in
Score:0
Human avatar Server

How to configure jenkins-agent to allow ssh via password?

cn flag
Human

I am trying to add a jenkins agent running Rocky Linux 8.

How do I configure an jenkins-agent to allow ssh connection from the jenkins-controller via password?

I did the following steps on the new agent:

  • install openssh-server
  • create user with the password I want to use
  • create ssh keys
  • password authentications was enabled by default at /etc/sshd/sshd_config

On the jenkins-controller I configured the node to:

  • launch agents via SSH
  • have credentials that match the configured user in the jenkins agent

I get the following error when I launch the agent from jenkins-web-UI:

ERROR: Unexpected error while trying to authenticate as jenkins-slave with credential=some-ID-111d-222e-33c44fg7h556
java.io.IOException: Password authentication failed.
    at com.trilead.ssh2.auth.AuthenticationManager.authenticatePassword(AuthenticationManager.java:404)
    at com.trilead.ssh2.Connection.authenticateWithPassword(Connection.java:340)
    at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPasswordAuthenticator.doAuthenticate(TrileadSSHPasswordAuthenticator.java:115)
    at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:431)
    at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:468)
    at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:886)
    at hudson.plugins.sshslaves.SSHLauncher$1.call(SSHLauncher.java:434)
    at hudson.plugins.sshslaves.SSHLauncher$1.call(SSHLauncher.java:421)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.IOException: The connection is closed.
    at com.trilead.ssh2.auth.AuthenticationManager.deQueue(AuthenticationManager.java:72)
    at com.trilead.ssh2.auth.AuthenticationManager.getNextMessage(AuthenticationManager.java:100)
    at com.trilead.ssh2.auth.AuthenticationManager.authenticatePassword(AuthenticationManager.java:379)
    ... 11 more
Caused by: java.io.IOException: Cannot read full block, EOF reached.
    at com.trilead.ssh2.crypto.cipher.CipherInputStream.getBlock(CipherInputStream.java:81)
    at com.trilead.ssh2.crypto.cipher.CipherInputStream.read(CipherInputStream.java:108)
    at com.trilead.ssh2.transport.TransportConnection.receiveMessage(TransportConnection.java:232)
    at com.trilead.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:706)
    at com.trilead.ssh2.transport.TransportManager$1.run(TransportManager.java:502)
    ... 1 more

Any Idea why it fails?

EDIT I found that under /etc/pam.d/sshd there is the line session required pam_nologin.so. When I change that to optional I can login via ssh with a non-root user.

354
0 + 0
ssh
pam
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.