Authentication problems with SSH Upload runner
I have a build step in my project which uses the SSH Upload runner. My goal is to upload an artifact (a zip file in this case) to a host at a specific path. I am running on TeamCity Enterprise 10.0.5 installed on a Linux machine.
I have tried the username/password authentication method and that is failing. I have also uploaded a key and tried to use private/public key to authenticate and that is failing too. The error message is a very generic
[Step 1/1] com.jcraft.jsch.JSchException: Auth fail
I can't figure out why it is failing. I have ssh-ed successfully into the target host from the TeamCity server machine and the fingerprint of the host machine was added successfully to the known hosts during that session. I also made sure the uploaded key I am using in the project is of the format that OpenSSH understands. I also found a forum post describing someone having similar auth issues and the explanation was that there might be a bug in the plugin which prevents the username/pass from working properly. The suggestion being to use the public/private key method but that is not working for me. I can't really find any other info explaining what might be wrong.
Is there way to enable more verbose logging that would expose the output of the underlying commands the runner is running? Something that would give me output similar to "ssh -v"? Is there anything else I can try to debug this?
Thanks,
peter
Please sign in to leave a comment.
Hi Peter,
could you check whether the remote SSH server has any logs indicating an error? Are you using ssh or ftp over ssh? (this is also handled via the ssh upload runner).
Hi Denis,
I managed to get this to work. It was never clear to me what the problem was but after trying a ton of stuff it started working. I would still like to know how to better diagnose this in the future... A simple option to enable more verbose output than that one line in the project output will help a lot.
Also there were no errors in the remote/target server logs that I could find. That server is locked down and I could not make any changes to the ssh deamon to enable more logging.
I am using ssh with SCP selected as the transfer protocol. One other thing I couldn't make sense out of is the use of the SSH Agent as a Build Feature. I think I read somewhere in the documentation that you have to use that for what I was trying to do but I found out that the SSH transfer works regardless of whether I enable or disable that feature. Any thoughts on that?
peter
Hi Peter,
while this other topic was for FTP in particular, the runners are pretty similar, so it might help: https://teamcity-support.jetbrains.com/hc/en-us/community/posts/115000617330/comments/115000515390
Sometimes the errors reported by the remote server are pretty shallow and we can't really do much better to figure out what the root of the issue is.
The SSH Agent build feature basically allows you to run scripts that connect to SSH servers. That is, not an SSH runner, but, for example, a command line runner that runs some ssh command. The ssh agent will take over when your scripts are required to authenticate from the ssh server, as you cannot interact with the script when being run on teamcity.