Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

how to create a slave node with username and password ?

0

Hai AWS team, my self Jeevan Kalyan. I am learning AWS DevOps. I doubt that i.e., I created two instances in AWS console 1. Jenkins and 2nd is a slave instance and I connected these two servers with SSH-keygen. After that, I opened the Jenkins dashboard with public key and then I created a node in the manage Jenkins option in that node, I gave some information like node name, root directory, Number of executors, Launch method --- In the launch method, I select launch agent with SSH. After that I saved the node Once I created that node it was not connecting due to some errors.

Enter image description here ERROR Message: SSHLauncher{host='172.31.17.124', port=22, credentialsId='ubuntu', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=60, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.NonVerifyingKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true} [07/15/24 14:47:42] [SSH] Opening SSH connection to 172.31.17.124:22. [07/15/24 14:47:42] [SSH] WARNING: SSH Host Keys are not being verified. Man-in-the-middle attacks may be possible against this connection. [07/15/24 14:47:42] [SSH] Authentication failed. Authentication failed. [07/15/24 14:47:42] Launch failed - cleaning up connection [07/15/24 14:47:42] [SSH] Connection closed.

Can u please help me to solve my problem?

Thanks in advance

Topics
Compute
Tags
Amazon EC2
Language
English
asked 2 years ago310 views
3 Answers
0
Accepted Answer

You need to login to the worker node (slave) as the user that Jenkins will connect via SSH. Then cd ~/.ssh and edit or create the authorized_keys file. In this file, place the Public Key for the ssh key that Jenkins will be connecting with.

Once you have done this, you can test the connection for the primary node to the worker.

Background documentation on SSH based auth. https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server

Hope this helps!

AWS
EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
0

Enter image description here Hai AWS team, sorry to say this I know how to login a node with ssh username with private key, but I want to know how to create a node with username and password in launch method. when we add credentials to node it got errors like ERROR MESSAGE: SSHLauncher{host='172.31.35.194', port=22, credentialsId='1428b6e5-99f2-4e2a-ae28-b2fb098d3ac2', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=60, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.ManuallyTrustedKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true} [07/17/24 10:30:03] [SSH] Opening SSH connection to 172.31.35.194:22. [07/17/24 10:30:03] [SSH] SSH host key matches key seen previously for this host. Connection will be allowed. [07/17/24 10:30:03] [SSH] Authentication failed. Authentication failed. [07/17/24 10:30:03] Launch failed - cleaning up connection [07/17/24 10:30:03] [SSH] Connection closed. this is my error message Enter image description here

thanks in advance

answered 2 years ago
  • Behrens, Isaac EXPERT
    2 years ago

    I would not recommend using password based authentication for SSH.

    However, I would start with logging into the worker, and set a password for the user that Jenkins will be connecting with.

    sudo passwd <jenkins user>

    Then edit /etc/ssh/sshd_config and change the line for PasswordAuthentication no to PasswordAuthentication yes.

    Restart SSH sudo systemctl restart sshd.service and then retry the connection from Jenkins.

0

hi

Verify SSH Credentials:

Double-check the username and private key associated with the "ubuntu" credential in Jenkins. Ensure the private key has the correct permissions (usually 600). You can check with ls -l ~/.ssh/id_rsa (replace id_rsa if your key filename is different) on the slave and adjust permissions with chmod 600 ~/.ssh/id_rsa if needed. Consider using a more secure authentication method like key pairs instead of username/password.

Enable SSH Key Verification:

Highly Recommended: Change the sshHostKeyVerificationStrategy to a more secure option like hudson.plugins.sshslaves.verifiers.KnownHostsFileVerificationStrategy. This verifies the slave's SSH fingerprint against a known_hosts file on the master, ensuring you're connecting to the intended server. If you must stick with non-verification for now (not recommended for production): Be very cautious about potential security risks. Manually verify the slave's SSH fingerprint on the master using ssh-keyscan <slave_ip> and add it to the ~jenkins/.ssh/known_hosts file on the master.

Check Firewall Rules:

Ensure both the master's and slave's security groups allow SSH traffic (port 22) between them.

Test SSH Manually:

Try connecting to the slave from the master using a basic SSH command (e.g., ssh -i ~/.ssh/id_rsa ubuntu@172.31.17.124) to isolate the issue. If this works, the problem likely lies in the Jenkins slave configuration.

Review Jenkins Logs:

Check the Jenkins logs for more detailed error messages that might provide further clues.

https://medium.com/@aika.nazhimidinova/configure-jenkins-agents-4d44d9c17a62

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content