如何为 jenkins 设置 ssh 密钥以通过 ssh 发布 [英] how to setup ssh keys for jenkins to publish via ssh
问题描述
Jenkins 需要证书才能使用 ssh 发布和 ssh 命令.可以在manage jenkins"下配置->配置系统"->通过 ssh 发布".
Jenkins requires a certificate to use the ssh publication and ssh commands. It can be configured under "manage jenkins" -> "Configure System"-> "publish over ssh".
问题是:如何创建证书?
The question is: How does one create the certificates?
我有两台 ubuntu 服务器,一台运行 Jenkins,另一台用于运行应用程序.
I have two ubuntu servers, one running Jenkins, and one for running the app.
我是设置一个 Jenkins 证书并将其一部分放在部署框上,还是在部署框上设置一个证书,然后将其一部分放在 Jenkins 上?证书是否需要以名为 Jenkins 的用户的名义,还是可以用于任何用户?我们的开发箱上没有 Jenkins 用户.
Do I set up a Jenkins cert and put part of it on the deployment box, or set up a cert on the deployment box, and put part of it on Jenkins? Does the cert need to be in the name of a user called Jenkins, or can it be for any user? We don't have a Jenkins user on the development box.
我知道有许多不兼容的 ssh 类型,Jenkins 需要哪些类型?
I know there are a number of incompatible ssh types, which does Jenkins require?
有没有人找到有关如何设置这一切的指南(如何生成密钥、将它们放在哪里等)?
Has anyone found a guide on how to set this all up (how to generate keys, where to put them etc.)?
推荐答案
您需要在您的 Jenkins 服务器上以 Jenkins 用户的身份创建一个公钥/私钥,然后将公钥复制给您要进行部署的用户在您的目标服务器上.
You will need to create a public/private key as the Jenkins user on your Jenkins server, then copy the public key to the user you want to do the deployment with on your target server.
第一步,以用户jenkins
build1:~ jenkins$ whoami
jenkins
build1:~ jenkins$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa):
Created directory '/var/lib/jenkins/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/jenkins/.ssh/id_rsa.
Your public key has been saved in /var/lib/jenkins/.ssh/id_rsa.pub.
The key fingerprint is:
[...]
The key's randomart image is:
[...]
build1:~ jenkins$ ls -l .ssh
total 2
-rw------- 1 jenkins jenkins 1679 Feb 28 11:55 id_rsa
-rw-r--r-- 1 jenkins jenkins 411 Feb 28 11:55 id_rsa.pub
build1:~ jenkins$ cat .ssh/id_rsa.pub
ssh-rsa AAAlskdjfalskdfjaslkdjf... jenkins@myserver.com
第 2 步,将 pub 文件内容粘贴到目标服务器上.
Step 2, paste the pub file contents onto the target server.
target:~ bob$ cd .ssh
target:~ bob$ vi authorized_keys (paste in the stuff which was output above.)
确保您的 .ssh 目录具有 700 权限,并且您的 authorized_keys 文件具有 644 权限
Make sure your .ssh dir has permissoins 700 and your authorized_keys file has permissions 644
第三步,配置Jenkins
Step 3, configure Jenkins
- 在 jenkins 网络控制面板中,导航到管理 Jenkins"->配置系统"->通过 SSH 发布"
- 或者输入文件的路径,例如var/lib/jenkins/.ssh/id_rsa",或粘贴与目标服务器上相同的内容.
- 输入您的密码、服务器和用户详细信息,一切顺利!
这篇关于如何为 jenkins 设置 ssh 密钥以通过 ssh 发布的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
