It's all about the answers!

Ask a question

Unable to passwordless ssh via RTC build definition


Ananya Joisa (4552024) | asked Sep 10 '13, 3:43 p.m.
retagged Sep 16 '13, 8:24 a.m. by Ralph Earle (25738)
Hi All,

I have defined build definition say BD1, in my repository workspace. Via BD1 I am trying to execute the command "ssh -t -t someMachine hello.pl". That is passwordless ssh to the machine and run hello.pl. Passwordless ssh is already setup for the id. When I run the xml associated with BD1 manually, the script runs successfully giving the output
RequestBuild:
     [exec] Hello!
     [exec] Connection to someMachine closed.

But when I run this xml via BD1, I see the following error. Not sure why it is not running via the RTC
     [exec] Permission denied, please try again.
     [exec] Permission denied, please try again.
     [exec] Permission denied (publickey,password,keyboard-interactive).
     [exec] Result: 255

Please guide. Thanks.
Ananya

3 answers



permanent link
Nick Edgar (6.5k611) | answered Sep 10 '13, 4:54 p.m.
JAZZ DEVELOPER
edited Sep 10 '13, 4:56 p.m.
Hi Ananya, when you run a build using JBE, it runs on the machine running the JBE process, which may be different than the developer's machine or the RTC server machine.  Can you please clarify which machine you're using when you test it manually?

Another difference is that when running is that we close the target process's stdin, to avoid it blocking on JBE if it asks for input.  Maybe ssh doesn't like this.

permanent link
Ananya Joisa (4552024) | answered Sep 11 '13, 12:59 a.m.
Thanks Nick. The source machine is an ISL machine which we have reserved for testing. I have the btv home directory and user id setup in this machine, so that it acts like any other btv machine. My RTC server is installed and running in the same machine. The destination is also a btv machine.  Very strangely, the passwordless ssh had run successfully via the build definition just once among all the many tries I did. Not sure how!

2013-08-26 16:33:27 [Jazz build engine] running on host: islrpbeipl76.in.ibm.com
2013-08-26 16:33:27 [Jazz build engine] Should build occur?
2013-08-26 16:33:27 [Jazz build engine] Yes: Always build a user initiated request.
2013-08-26 16:33:27 [Jazz build engine] Invoking build participant "com.ibm.team.build.ant"
Buildfile: /TKPV/buildPDS.xml

RequestBuild:
     [exec] Hello!
     [exec] Connection to btvedacron01.btv.ibm.com closed.

     BUILD SUCCESSFUL
     Total time: 12 seconds

About the second difference that you have mentioned, in that case manually running the xml manually should also fail right? Just guessing, not sure.

Thank you!

Comments
Ananya Joisa commented Sep 11 '13, 1:02 a.m. | edited Sep 11 '13, 7:55 a.m.

FYI,

This is the code in the xml which is failing to run via the build definition in RTC. But runs successfully when invoked manually.

<project name="project" default="RequestBuild">
        <target name="RequestBuild">
                <exec executable="ssh">
                        <arg value="-t"/>
                        <arg value="-t"/>
                        <arg value="btvedacron01.btv.ibm.com"/>
                        <arg value="hello.pl"/>
                </exec>
               </target>
</project>


Nick Edgar commented Sep 11 '13, 7:53 a.m.
JAZZ DEVELOPER

Can you try adding -n ? " Redirects stdin from /dev/null (actually, prevents reading from stdin)."  Maybe -v too (or multiple -v's) to get more details. 


permanent link
Ananya Joisa (4552024) | answered Sep 12 '13, 7:39 a.m.
Hi Nick, I tried adding the -n option but I got the same error. I also, added the -v option for verbose and in the debug statements that I see, the main difference is :

running xml manually :
     [exec] debug1: Reading configuration data /afs/btv.ibm.com/u/edatkpv/.ssh/config
     [exec] debug1: Reading configuration data /etc/ssh/ssh_config
     [exec] debug1: identity file /afs/btv.ibm.com/u/edatkpv/.ssh/id_rsa type 1
     [exec] debug1: identity file /afs/btv.ibm.com/u/edatkpv/.ssh/id_rsa-cert type -1
     [exec] debug1: identity file /afs/btv.ibm.com/u/edatkpv/.ssh/id_dsa type 2
     [exec] debug1: Host 'btvedacron01.btv.ibm.com' is known and matches the ECDSA host key.
bug1: Offering RSA public key: /afs/btv.ibm.com/u/edatkpv/.ssh/id_rsa
     [exec] debug1: Server accepts key: pkalg ssh-rsa blen 151
     [exec] debug1: read PEM private key done: type RSA
     [exec] debug1: Sending AFS tokens
     [exec] debug1: Authentication succeeded (publickey).
running xml via RTC build definition :
[exec] debug1: Reading configuration data /etc/ssh/ssh_config
[exec] debug1: identity file /.ssh/id_rsa type 1
     [exec] debug1: identity file /.ssh/id_rsa-cert type -1
     [exec] debug1: identity file /.ssh/id_dsa type -1
     [exec] debug1: Host 'btvedacron01.btv.ibm.com' is known and matches the RSA host key.
bug1: Offering RSA public key: /.ssh/id_rsa
     [exec] debug1: Authentications that can continue: publickey,password,keyboard-interactive
     [exec] debug1: Trying private key: /.ssh/id_dsa
     [exec] debug1: Trying private key: /.ssh/id_ecdsa
     [exec] debug1: Next authentication method: keyboard-interactive
These are the major differences I see before the error
For some reason, RTC is not reading /afs/btv.ibm.com/u/edatkpv/.ssh/config. Do you happen to know if can make RTC point to the right place?

There are more similar differences but I am not able to attach files here.

Your answer


Register or to post your answer.