SSH Agent Plugin

Skip to end of metadata
Go to start of metadata

Plugin Information

Plugin ID ssh-agent Changes In Latest Release
Since Latest Release
Latest Release
Latest Release Date
Required Core
Dependencies
1.8 (archives)
Aug 07, 2015
1.609.1
ssh-credentials (version:1.11)
credentials (version:1.22)
workflow-step-api (version:1.9)
Source Code
Issue Tracking
Pull Requests
Maintainer(s)
GitHub
Open Issues
Pull Requests
Stephen Connolly (id: stephenconnolly)
Usage Installations 2014-Aug 15037
2014-Sep 16556
2014-Oct 17998
2014-Nov 18012
2014-Dec 16439
2015-Jan 16635
2015-Feb 16793
2015-Mar 17654
2015-Apr 17579
2015-May 17593
2015-Jun 18249
2015-Jul 18880

SSH Agent Plugin

This plugin allows you to provide SSH credentials to builds via a ssh-agent in Jenkins.

Requirements

Currently all Windows nodes (including the master) on which this plugin will be used must have the Apache Tomcat Native libraries installed. As of 1.0 should be unnecessary for Unix nodes.

Configuring

First you need to add some SSH Credentials to your instance:

Jenkins | Manage Jenkins | Manage Credentials

Note that only Private Key based credentials can be used.

Then configure your build to use the credentials:

And then your build will have those credentials available, e.g.

Installation Example: MacOSX (10.7.5)

Prerequisites:

  • JDK7. The tomcat native libraries target the java 7 version.
  • APR - this seems to be preinstalled in /usr/lib/apr.

Note that tomcat itself is not needed. This works fine with winstone (just running jenkins jar from command line).

Download and extract the tomcat native library: http://tomcat.apache.org/download-native.cgi

tar -zxvf tomcat-native-1.1.XX-src.tar.gz

Build the native library:

cd tomcat-native-1.1.XX/jni/native

./configure --with-apr=/usr/bin/apr-1-config

make && sudo make install

Build the java interface:

cd ..
export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.7.0_17.jdk/Contents/Home

ant build

ant jar

Copy the output jar somewhere suitable for inclusion in your jenkins CLASSPATH.

Set environment variables prior to starting jenkins:

export DYLD_LIBRARY_PATH=/usr/local/apr/lib
export CLASSPATH=/path/to/tomcat-native-1.1.XX.jar
java -jar jenkins.war

Additionally, you might have to add bouncycastle to your JCE providers. If you attempt to use the plugin and get an exception like the following:

java.lang.IllegalStateException: BouncyCastle must be registered as a JCE provider

Then you may need to configure the jce provider. One way is to do this right in the JRE, so if Jenkins is using the same jdk as above, edit

/Library/Java/JavaVirtualMachines/jdk1.7.0_17.jdk/Contents/Home/jre/lib/security/java.security, and add the following line:

security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider

Then, restart jenkins.

From there, configure using the instructions above.

Version History

Version 1.8 (2015-08-07)

Version 1.7 (2015-06-02)

Version 1.6 (2015-04-20)

  • SSH agent socket service thread shouldn't keep JVM alive.

Version 1.5 (2014-08-11)

  • Add support for multiple credentials
  • Add support for parameterized credentials

Version 1.4.2 (2014-08-11)

  • Fix for JENKINS-20276
  • WARNING: Due to classpath conflicts, this plugin will not work if 1.518 <= Jenkins Version < 1.533 (i.e. 1.518 broke it, 1.533 fixed it)

Version 1.4.1 (2013-11-08)

  • Switch from f:select to c:select so that in-place addition of credentials is supported when the credentials plugin exposes such support
  • WARNING: Due to classpath conflicts, this plugin will not work if 1.518 <= Jenkins Version < 1.533 (i.e. 1.518 broke it, 1.533 fixed it)

Version 1.4 (2013-10-08)

  • Minor improvement in exception handling
  • Minor improvement in fault reporting
  • Update JNR libraries
  • WARNING: Due to classpath conflicts, this plugin will not work if 1.518 <= Jenkins Version < 1.533 (i.e. 1.518 broke it, 1.533 fixed it)

Version 1.3 (2013-08-09)

Version 1.2 (2013-08-07)

Version 1.1 (2013-07-04)

  • If BouncyCastleProvider is not registered, try to register it ourselves anyway... this should make installation and configuration even easier.

Version 1.0 (2012-11-01)

  • Using jnr-unixsocket have been able to remove the requirement on Apache Tomcat Native for unix nodes. Likely still require the Apache Tomcat Native for Windows nodes.

Version 0.1 (2012-10-26)

  • Initial release 
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Add Comment