Jenkins: Failed to connect to repository
I had the exact same problem. The way I solved it on Mac is this:
- Switch to jenkins user (sudo -iu jenkins)
- Run: ssh-keygen (Note - You are creating ssh key pairs for jenkins user now. You should see something like this : Enter file in which to save the key (/Users/Shared/Jenkins/.ssh/id_rsa):
- Keep pressing Enter for default value till end
- Run the command showing in the Jenkins error message, on your teminal (eg : "git ls-remote -h [email protected]:adolfosrs/jenkins-test.git HEAD")
- You will be asked if you want to continue. Say yes
- The Github repo will be added to your known_hosts file in : /Users/Shared/Jenkins/.ssh/
- Go back to Jenkins portal and try your Github SSH url
- It should work. Good Luck
I faced a similar issue when I tried to connect jenkins in my Windows server with my private GIT repo. Following is the error returned in the source code management section of Jenkins job
Failed to connect to repository : Command "git.exe ls-remote -h ssh://git@my_server/repo.git HEAD" returned status code 128: stdout: stderr: Load key "C:\Windows\TEMP\ssh4813927591749610777.key": invalid format git@my_server: Permission denied (publickey). fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
This error is thrown because jenkins is not able to pick the private ssh key from its user directory. I solved this in the following manner
Step 1
In the jenkins job, fill up the following info under Source Code Management
Repositories
Repository URL: ssh://git@my_server/repo.git
Credentials: -none-
Step 2
In my setup jenkins is running under local system account, so the user directory is C:\Windows\System32\config\systemprofile (This is the important thing in this setup that is not very obvious).
Now create ssh private and public keys using ssh-keygen -t rsa -C "key label" via git bash shell. The ssh private and public keys go under .ssh directory of your logged in user directory. Just copy the .ssh folder and paste it under C:\Windows\System32\config\systemprofile
Step 3
Add your public key to your GIT server account. Run the jenkins job and now you should be able to connect to the GIT account via ssh from jenkins.
The problem was that somehow I created the ssh files with the root user. So the files owner was root.
The solution was just change the ownership to the jenkins user.
chown jenkins id_rsa.pub
chown jenkins id_rsa
This is a very tricky issue - even if you're familiar with how things are working in https with certificates (OTOH if you see my workaround, it seems very logical :)
If you want to connect to a GIT repository via http(s) from shell, you would make sure to have the public certificate stored (as file) on your machine. Then you would add that certificate to your GIT configuration
git config [--global] http.sslCAInfo "certificate"
(replace "certificate" with the complete path/name of the PEM file :)
For shell usage you would as well e.g. supply a '.netrc' provding your credentials for the http-server login. Having done that, you shall be able to do a 'git clone https://...' without any interactive provisioning of credentials.
However, for the Jenkins-service it's a bit different ... Here, the jenkins process needs to be aware of the server certificate - and it doesn't use the shell settings (in the meaning of the global git configuration file '.gitconfig') :P
What I needed to do is to add another parameter to the startup options of Jenkins.
... -Djavax.net.ssl.trustStore="keystore" ...
(replace "keystore" with the complete path/name like explained below :)
Now copy the keystore file of your webserver holding the certificate to some path (I know this is a dirty hack and not exactly secure :) and refer to it with the '-Djavax.net.ssl.trustStore=' parameter.
Now the Jenkins service will accept the certificate from the webserver providing the repository via https. Configure the GIT repository URL like
https://yourserver.com/your-repositorypath
Note that you still require the '.netrc' under the jenkins-user home folder for the logon !!! Thus what I describe is to be seen as a workaround ... until a properly working credentials helper plugin is provided. IMHO this plugin (in its current version 1.9.4) is buggy.
I could never get the credentials-helper to work from Jenkins no matter what I tried :( At best I got to see some errors about the not accessible temporary credential helper file, etc. You can see lots of bugs reported about it in the Jenkins JIRA, but no fix.
So if somebody got it to work okay, please share the knowledge ...
P.S.: Using the Jenkins plugins in the following versions:
Credentials plugin 1.9.4, GIT client plugin 1.6.1, Jenkins GIT plugin 2.0.1