如何设置ssh密钥以供jenkins通过ssh发布 [英] how to setup ssh keys for jenkins to publish via ssh

问题描述

Jenkins需要使用证书才能使用 ssh 发布和 ssh 命令.可以在"manage jenkins" -> "Configure System"-> "publish over ssh"下对其进行配置.

Jenkins requires a certificate to use the ssh publication and ssh commands. It can be configured under "manage jenkins" -> "Configure System"-> "publish over ssh".

问题是:如何创建证书?

The question is: How does one create the certificates?

我有两台ubuntu服务器，一台运行Jenkins，一台用于运行应用程序.

I have two ubuntu servers, one running Jenkins, and one for running the app.

我是否设置了Jenkins证书并将其一部分放置在部署箱中，还是将证书设置在部署箱中并将其一部分放置在Jenkins上?证书是否需要使用名为Jenkins的用户名，还是可以用于任何用户?我们的开发箱上没有Jenkins用户.

Do I set up a Jenkins cert and put part of it on the deployment box, or set up a cert on the deployment box, and put part of it on Jenkins? Does the cert need to be in the name of a user called Jenkins, or can it be for any user? We don't have a Jenkins user on the development box.

我知道有很多不兼容的ssh类型，詹金斯需要这些吗?

I know there are a number of incompatible ssh types, which does Jenkins require?

有没有人找到有关如何进行全部设置的指南(如何生成密钥，将密钥放置在何处等)?

Has anyone found a guide on how to set this all up (how to generate keys, where to put them etc.)?

推荐答案

您将需要在Jenkins服务器上以Jenkins用户身份创建公钥/私钥，然后将公钥复制到您要进行部署的用户在您的目标服务器上.

You will need to create a public/private key as the Jenkins user on your Jenkins server, then copy the public key to the user you want to do the deployment with on your target server.

步骤1，以用户jenkins

build1:~ jenkins$ whoami
jenkins
build1:~ jenkins$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa): 
Created directory '/var/lib/jenkins/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/lib/jenkins/.ssh/id_rsa.
Your public key has been saved in /var/lib/jenkins/.ssh/id_rsa.pub.
The key fingerprint is:
[...] 
The key's randomart image is:
[...]
build1:~ jenkins$ ls -l .ssh
total 2
-rw-------  1 jenkins  jenkins  1679 Feb 28 11:55 id_rsa
-rw-r--r--  1 jenkins  jenkins   411 Feb 28 11:55 id_rsa.pub 
build1:~ jenkins$ cat .ssh/id_rsa.pub
ssh-rsa AAAlskdjfalskdfjaslkdjf... jenkins@myserver.com

第2步，将发布文件的内容粘贴到目标服务器上.

Step 2, paste the pub file contents onto the target server.

target:~ bob$ cd .ssh
target:~ bob$ vi authorized_keys (paste in the stuff which was output above.)

确保您的.ssh目录具有权限700，并且您的authorized_keys文件具有权限644

Make sure your .ssh dir has permissoins 700 and your authorized_keys file has permissions 644

第3步，配置Jenkins

Step 3, configure Jenkins

1. 在jenkins Web控制面板中，导航到管理Jenkins"->配置系统"->通过SSH发布"
2. 输入文件的路径，例如"var/lib/jenkins/.ssh/id_rsa"，或粘贴与目标服务器上相同的内容.
3. 输入您的密码，服务器和用户详细信息，就可以了！

这篇关于如何设置ssh密钥以供jenkins通过ssh发布的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！