0

I want to connect from Jenkins agent to remote server via SSH and execute the commands. Exactly like said here:

sshagent (credentials: ['deploy-dev']) {
    sh 'ssh -o StrictHostKeyChecking=no -l cloudbees 192.168.1.106 uname -a'
  }

But in example I see that they mention credentials from Jenkins and in the command again uses login: "-l cloudbees".

So my question is the following: what "credentials: ['deploy-dev']" is used for then?

Vadim Kotov
  • 8,084
  • 8
  • 48
  • 62
Michael A.
  • 1,071
  • 12
  • 21

1 Answers1

1

Well, answering my own question :-)

SSH client needs credentials to connect to remote SSH daemon. Usually, they are either user/password or private SSH-key. What if you don't have neither of them at runtime moment?

This is what Jenkins Pipeline does:

  1. It starts ssh-agent on Jenkins slave node. This is daemon that is listening for Unix-socket (this socket is stored in $SSH_AUTH_SOCK variable).
  2. Then it adds (ssh-add) these credentials ('deploy-dev') to the running ssh-agent. Next time, when you run command (in our case this is "ssh -l cloudbees 192.168.1.106" it fetches private SSH-key from ssh-agent

So eventually it will connect as user cloudbees but key will be fetched from ssh-agent. If you use plain credentials - maybe -l cloudbees is not needed at all. Not sure.

Some useful link at your service.

Michael A.
  • 1,071
  • 12
  • 21