If you are setting up multiple SSH keys to connect to Bitbucket from a single Jenkins instance, the first key ends up as the default private/public key (for example, id_rsa is already associated with “bitbucket.org”), so each additional key needs a host alias (bitbucket-username). The process is well documented: Configure multiple SSH identities for GitBash, Mac OSX, & Linux.
- Create a private/public key pair as the jenkins user, protected with a passphrase.
- Add the public key to Bitbucket.
- Add this to /var/lib/jenkins/.ssh/config:

    Host bitbucket-username
        HostName bitbucket.org
        User git
        IdentityFile /var/lib/jenkins/.ssh/id_rsa_username

The SSH URL:
- Original URL
  - git@bitbucket.org:accountname/reponame.git
- New URL
  - git@alias:accountname/reponame.git
  - git@bitbucket-username:accountname/reponame.git
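
The alias mapping from the steps above, as an added shell example that is not part of the original post: `alias_url` rewrites a bitbucket.org SSH URL to its alias form, and `host_option` reads back which HostName and IdentityFile an alias resolves to in an ssh config file. The function names are hypothetical, the sample config is constructed from the block above, and the parser assumes literal `Host` names and space-separated keywords (no wildcards, no `key=value` syntax).

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Rewrite git@bitbucket.org:account/repo.git -> git@<alias>:account/repo.git
alias_url() {
    # $1 = original SSH URL, $2 = Host alias defined in the ssh config
    case "$1" in
        git@bitbucket.org:*)
            printf 'git@%s:%s\n' "$2" "${1#git@bitbucket.org:}" ;;
        *)
            echo "not a bitbucket.org SSH URL: $1" >&2
            return 1 ;;
    esac
}

# Print the value of one keyword inside the "Host <alias>" block.
# Like ssh itself, the first matching value wins.
host_option() {
    # $1 = config file, $2 = alias, $3 = keyword (case-insensitive)
    awk -v want="$2" -v key="$3" '
        tolower($1) == "host" {
            inblock = 0
            for (i = 2; i <= NF; i++) if ($i == want) inblock = 1
            next
        }
        inblock && tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# Constructed sample config, mirroring the Host block shown above.
demo_cfg=$(mktemp)
cat > "$demo_cfg" <<'EOF'
Host bitbucket-username
    HostName bitbucket.org
    User git
    IdentityFile /var/lib/jenkins/.ssh/id_rsa_username
EOF

# Show the rewritten URL, then the host and key the alias resolves to.
alias_url git@bitbucket.org:accountname/reponame.git bitbucket-username
host_option "$demo_cfg" bitbucket-username HostName
host_option "$demo_cfg" bitbucket-username IdentityFile
rm -f "$demo_cfg"
```

Pointing `host_option` at /var/lib/jenkins/.ssh/config is a quick way to confirm which key file a job's alias URL will use before the job runs.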
In this scenario, every time I ssh into Bitbucket as the jenkins user, I am prompted to enter the passphrase. This is where ssh-agent comes into the picture: it holds the unlocked key so that ssh can be used without a passphrase prompt every time.
- A couple of resources for ssh-agent and all that:
  - http://joncairns.com/2013/12/understanding-ssh-agent-and-ssh-add/
  - https://github.com/funtoo/keychain
The Jenkins SSH Agent Plugin solves this problem.