Jenkins SSH Permission denied (connect failed)












0















When I go to Jenkins - Configure System then configure the Publish Over SSH plugin so that it contains the pertinent host and user information and hit the test configuration button, I receive a message beneath the plugin configuration that states: 



Failed to connect or change directory



jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]]


This same message is output when configuring for use with key authentication, username/password authentication or even when specifying bogus values for user, password or hostname.



Jenkins was installed by dropping the .war file into /usr/share/tomcat/webapps.
I have configured private key authentication so that the user running jenkins (tomcat) can connect using a key and passphrase to the remote server as a user named jenkins. For example I can connect successfully using
sudo -s -u tomcat

ssh jenkins@remotehost

then providing my key passphrase.



As another test I compiled some example code that uses jsch and that test was also successful. https://www.journaldev.com/246/jsch-example-java-ssh-unix-server. I ran the compiled code as the tomcat user and it successfully connected to the remote host and performed an ls.



Any help is greatly appreciated!



Full Error message from Jenkins Log:



`



Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]

java.net.SocketException: Permission denied (connect failed)

    at java.net.PlainSocketImpl.socketConnect(Native Method)

    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

    at java.net.Socket.connect(Socket.java:589)

    at java.net.Socket.connect(Socket.java:538)

    at java.net.Socket.<init>(Socket.java:434)

    at java.net.Socket.<init>(Socket.java:211)

    at com.jcraft.jsch.Util$1.run(Util.java:362)

Caused: com.jcraft.jsch.JSchException

    at com.jcraft.jsch.Util.createSocket(Util.java:394)

    at com.jcraft.jsch.Session.connect(Session.java:215)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.connect(BapSshHostConfiguration.java:380)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:245)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:234)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.validateConnection(BapSshPublisherPluginDescriptor.java:181)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.doTestConnection(BapSshPublisherPluginDescriptor.java:176)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshHostConfigurationDescriptor.doTestConnection(BapSshHostConfigurationDescriptor.java:90)

    at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)

    at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)

    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)

    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)

    at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)

    at org.kohsuke.stapler.Stapler.service(Stapler.java:238)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

    at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:99)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)

    at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)

    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)

    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:615)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)

    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

    at java.lang.Thread.run(Thread.java:748)`





java jenkins ssh







share|improve this question























  • This answer might help you. The error message is the same, just a different port number.

    – Brian
    May 18 '18 at 20:26
















0















When I go to Jenkins - Configure System then configure the Publish Over SSH plugin so that it contains the pertinent host and user information and hit the test configuration button, I receive a message beneath the plugin configuration that states: 



Failed to connect or change directory



jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]]


This same message is output when configuring for use with key authentication, username/password authentication or even when specifying bogus values for user, password or hostname.



Jenkins was installed by dropping the .war file into /usr/share/tomcat/webapps.
I have configured private key authentication so that the user running jenkins (tomcat) can connect using a key and passphrase to the remote server as a user named jenkins. For example I can connect successfully using
sudo -s -u tomcat

ssh jenkins@remotehost

then providing my key passphrase.



As another test I compiled some example code that uses jsch and that test was also successful. https://www.journaldev.com/246/jsch-example-java-ssh-unix-server. I ran the compiled code as the tomcat user and it successfully connected to the remote host and performed an ls.



Any help is greatly appreciated!



Full Error message from Jenkins Log:



`



Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]

java.net.SocketException: Permission denied (connect failed)

    at java.net.PlainSocketImpl.socketConnect(Native Method)

    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

    at java.net.Socket.connect(Socket.java:589)

    at java.net.Socket.connect(Socket.java:538)

    at java.net.Socket.<init>(Socket.java:434)

    at java.net.Socket.<init>(Socket.java:211)

    at com.jcraft.jsch.Util$1.run(Util.java:362)

Caused: com.jcraft.jsch.JSchException

    at com.jcraft.jsch.Util.createSocket(Util.java:394)

    at com.jcraft.jsch.Session.connect(Session.java:215)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.connect(BapSshHostConfiguration.java:380)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:245)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:234)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.validateConnection(BapSshPublisherPluginDescriptor.java:181)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.doTestConnection(BapSshPublisherPluginDescriptor.java:176)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshHostConfigurationDescriptor.doTestConnection(BapSshHostConfigurationDescriptor.java:90)

    at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)

    at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)

    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)

    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)

    at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)

    at org.kohsuke.stapler.Stapler.service(Stapler.java:238)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

    at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:99)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)

    at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)

    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)

    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:615)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)

    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

    at java.lang.Thread.run(Thread.java:748)`





java jenkins ssh







share|improve this question























  • This answer might help you. The error message is the same, just a different port number.

    – Brian
    May 18 '18 at 20:26














0












0








0








When I go to Jenkins - Configure System then configure the Publish Over SSH plugin so that it contains the pertinent host and user information and hit the test configuration button, I receive a message beneath the plugin configuration that states: 



Failed to connect or change directory



jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]]


This same message is output when configuring for use with key authentication, username/password authentication or even when specifying bogus values for user, password or hostname.



Jenkins was installed by dropping the .war file into /usr/share/tomcat/webapps.
I have configured private key authentication so that the user running jenkins (tomcat) can connect using a key and passphrase to the remote server as a user named jenkins. For example I can connect successfully using
sudo -s -u tomcat

ssh jenkins@remotehost

then providing my key passphrase.



As another test I compiled some example code that uses jsch and that test was also successful. https://www.journaldev.com/246/jsch-example-java-ssh-unix-server. I ran the compiled code as the tomcat user and it successfully connected to the remote host and performed an ls.



Any help is greatly appreciated!



Full Error message from Jenkins Log:



`



Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]

java.net.SocketException: Permission denied (connect failed)

    at java.net.PlainSocketImpl.socketConnect(Native Method)

    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

    at java.net.Socket.connect(Socket.java:589)

    at java.net.Socket.connect(Socket.java:538)

    at java.net.Socket.<init>(Socket.java:434)

    at java.net.Socket.<init>(Socket.java:211)

    at com.jcraft.jsch.Util$1.run(Util.java:362)

Caused: com.jcraft.jsch.JSchException

    at com.jcraft.jsch.Util.createSocket(Util.java:394)

    at com.jcraft.jsch.Session.connect(Session.java:215)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.connect(BapSshHostConfiguration.java:380)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:245)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:234)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.validateConnection(BapSshPublisherPluginDescriptor.java:181)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.doTestConnection(BapSshPublisherPluginDescriptor.java:176)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshHostConfigurationDescriptor.doTestConnection(BapSshHostConfigurationDescriptor.java:90)

    at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)

    at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)

    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)

    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)

    at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)

    at org.kohsuke.stapler.Stapler.service(Stapler.java:238)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

    at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:99)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)

    at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)

    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)

    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:615)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)

    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

    at java.lang.Thread.run(Thread.java:748)`





java jenkins ssh







share|improve this question














When I go to Jenkins - Configure System then configure the Publish Over SSH plugin so that it contains the pertinent host and user information and hit the test configuration button, I receive a message beneath the plugin configuration that states: 



Failed to connect or change directory



jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]]


This same message is output when configuring for use with key authentication, username/password authentication or even when specifying bogus values for user, password or hostname.



Jenkins was installed by dropping the .war file into /usr/share/tomcat/webapps.
I have configured private key authentication so that the user running jenkins (tomcat) can connect using a key and passphrase to the remote server as a user named jenkins. For example I can connect successfully using
sudo -s -u tomcat

ssh jenkins@remotehost

then providing my key passphrase.



As another test I compiled some example code that uses jsch and that test was also successful. https://www.journaldev.com/246/jsch-example-java-ssh-unix-server. I ran the compiled code as the tomcat user and it successfully connected to the remote host and performed an ls.



Any help is greatly appreciated!



Full Error message from Jenkins Log:



`



Failed to connect session for config [l-02_App]. Message [java.net.SocketException: Permission denied (connect failed)]

java.net.SocketException: Permission denied (connect failed)

    at java.net.PlainSocketImpl.socketConnect(Native Method)

    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

    at java.net.Socket.connect(Socket.java:589)

    at java.net.Socket.connect(Socket.java:538)

    at java.net.Socket.<init>(Socket.java:434)

    at java.net.Socket.<init>(Socket.java:211)

    at com.jcraft.jsch.Util$1.run(Util.java:362)

Caused: com.jcraft.jsch.JSchException

    at com.jcraft.jsch.Util.createSocket(Util.java:394)

    at com.jcraft.jsch.Session.connect(Session.java:215)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.connect(BapSshHostConfiguration.java:380)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:245)

    at jenkins.plugins.publish_over_ssh.BapSshHostConfiguration.createClient(BapSshHostConfiguration.java:234)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.validateConnection(BapSshPublisherPluginDescriptor.java:181)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshPublisherPluginDescriptor.doTestConnection(BapSshPublisherPluginDescriptor.java:176)

    at jenkins.plugins.publish_over_ssh.descriptor.BapSshHostConfigurationDescriptor.doTestConnection(BapSshHostConfigurationDescriptor.java:90)

    at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)

    at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)

    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)

    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)

    at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)

    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)

    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)

    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)

    at org.kohsuke.stapler.Stapler.service(Stapler.java:238)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

    at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:99)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)

    at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)

    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)

    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)

    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)

    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:615)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)

    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

    at java.lang.Thread.run(Thread.java:748)`





java jenkins ssh




java jenkins ssh






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked May 18 '18 at 19:41









pbmmppbmmp

11




11













  • This answer might help you. The error message is the same, just a different port number.

    – Brian
    May 18 '18 at 20:26



















  • This answer might help you. The error message is the same, just a different port number.

    – Brian
    May 18 '18 at 20:26

















This answer might help you. The error message is the same, just a different port number.

– Brian
May 18 '18 at 20:26





This answer might help you. The error message is the same, just a different port number.

– Brian
May 18 '18 at 20:26












2 Answers
2






active

oldest

votes


















0














SELinux (enabled by default in RHEL 7.5) was denying tomcat from connecting over ssh. I set selinux to permissive mode to allow the communication.



running tail -f /var/log/audit/audit.log
showed the following after trying to test the SSH connection from within Jenkins.


type=AVC msg=audit(1526906414.031:103): avc: denied { name_connect } for pid=1052 comm="java" dest=22 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:ssh_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1526906414.031:103): arch=c000003e syscall=42 success=no exit=-13 a0=35 a1=7f96e6af54a0 a2=10 a3=220 items=0 ppid=1 pid=1052 auid=4294967295 uid=53 gid=53 euid=53 suid=53 fsuid=53 egid=53 sgid=53 fsgid=53 tty=(none) ses=4294967295 comm="java" exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64/jre/bin/java" subj=system_u:system_r:tomcat_t:s0 key=(null)
type=PROCTITLE msg=audit(1526906414.031:103):

After running setenforce Permissive I was able to test the connection successfully. I then modified the selinux config so it would maintain permissive mode after a restart. nano /etc/selinux/config and set SELINUX=permissive




share|improve this answer































    0














    another option is install semodule that denied sshd with below command



    audit2allow -a
    
audit2allow -a -M sshd_t
    
semodule -i sshd_t.pp





    share|improve this answer























      Your Answer






      StackExchange.ifUsing("editor", function () {
      StackExchange.using("externalEditor", function () {
      StackExchange.using("snippets", function () {
      StackExchange.snippets.init();
      });
      });
      }, "code-snippets");

      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "1"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f50418245%2fjenkins-ssh-permission-denied-connect-failed%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      0














      SELinux (enabled by default in RHEL 7.5) was denying tomcat from connecting over ssh. I set selinux to permissive mode to allow the communication.



      running tail -f /var/log/audit/audit.log
      showed the following after trying to test the SSH connection from within Jenkins.


      type=AVC msg=audit(1526906414.031:103): avc: denied { name_connect } for pid=1052 comm="java" dest=22 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:ssh_port_t:s0 tclass=tcp_socket
      type=SYSCALL msg=audit(1526906414.031:103): arch=c000003e syscall=42 success=no exit=-13 a0=35 a1=7f96e6af54a0 a2=10 a3=220 items=0 ppid=1 pid=1052 auid=4294967295 uid=53 gid=53 euid=53 suid=53 fsuid=53 egid=53 sgid=53 fsgid=53 tty=(none) ses=4294967295 comm="java" exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64/jre/bin/java" subj=system_u:system_r:tomcat_t:s0 key=(null)
      type=PROCTITLE msg=audit(1526906414.031:103):

      After running setenforce Permissive I was able to test the connection successfully. I then modified the selinux config so it would maintain permissive mode after a restart. nano /etc/selinux/config and set SELINUX=permissive




      share|improve this answer




























        0














        SELinux (enabled by default in RHEL 7.5) was denying tomcat from connecting over ssh. I set selinux to permissive mode to allow the communication.



        running tail -f /var/log/audit/audit.log
        showed the following after trying to test the SSH connection from within Jenkins.


        type=AVC msg=audit(1526906414.031:103): avc: denied { name_connect } for pid=1052 comm="java" dest=22 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:ssh_port_t:s0 tclass=tcp_socket
        type=SYSCALL msg=audit(1526906414.031:103): arch=c000003e syscall=42 success=no exit=-13 a0=35 a1=7f96e6af54a0 a2=10 a3=220 items=0 ppid=1 pid=1052 auid=4294967295 uid=53 gid=53 euid=53 suid=53 fsuid=53 egid=53 sgid=53 fsgid=53 tty=(none) ses=4294967295 comm="java" exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64/jre/bin/java" subj=system_u:system_r:tomcat_t:s0 key=(null)
        type=PROCTITLE msg=audit(1526906414.031:103):

        After running setenforce Permissive I was able to test the connection successfully. I then modified the selinux config so it would maintain permissive mode after a restart. nano /etc/selinux/config and set SELINUX=permissive




        share|improve this answer


























          0












          0








          0







          SELinux (enabled by default in RHEL 7.5) was denying tomcat from connecting over ssh. I set selinux to permissive mode to allow the communication.



          running tail -f /var/log/audit/audit.log
          showed the following after trying to test the SSH connection from within Jenkins.


          type=AVC msg=audit(1526906414.031:103): avc: denied { name_connect } for pid=1052 comm="java" dest=22 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:ssh_port_t:s0 tclass=tcp_socket
          type=SYSCALL msg=audit(1526906414.031:103): arch=c000003e syscall=42 success=no exit=-13 a0=35 a1=7f96e6af54a0 a2=10 a3=220 items=0 ppid=1 pid=1052 auid=4294967295 uid=53 gid=53 euid=53 suid=53 fsuid=53 egid=53 sgid=53 fsgid=53 tty=(none) ses=4294967295 comm="java" exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64/jre/bin/java" subj=system_u:system_r:tomcat_t:s0 key=(null)
          type=PROCTITLE msg=audit(1526906414.031:103):

          After running setenforce Permissive I was able to test the connection successfully. I then modified the selinux config so it would maintain permissive mode after a restart. nano /etc/selinux/config and set SELINUX=permissive




          share|improve this answer













          SELinux (enabled by default in RHEL 7.5) was denying tomcat from connecting over ssh. I set selinux to permissive mode to allow the communication.



          running tail -f /var/log/audit/audit.log
          showed the following after trying to test the SSH connection from within Jenkins.


          type=AVC msg=audit(1526906414.031:103): avc: denied { name_connect } for pid=1052 comm="java" dest=22 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:ssh_port_t:s0 tclass=tcp_socket
          type=SYSCALL msg=audit(1526906414.031:103): arch=c000003e syscall=42 success=no exit=-13 a0=35 a1=7f96e6af54a0 a2=10 a3=220 items=0 ppid=1 pid=1052 auid=4294967295 uid=53 gid=53 euid=53 suid=53 fsuid=53 egid=53 sgid=53 fsgid=53 tty=(none) ses=4294967295 comm="java" exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64/jre/bin/java" subj=system_u:system_r:tomcat_t:s0 key=(null)
          type=PROCTITLE msg=audit(1526906414.031:103):

          After running setenforce Permissive I was able to test the connection successfully. I then modified the selinux config so it would maintain permissive mode after a restart. nano /etc/selinux/config and set SELINUX=permissive





          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered May 21 '18 at 14:07









          pbmmppbmmp

          11




          11

























              0














              another option is install semodule that denied sshd with below command



              audit2allow -a
              
audit2allow -a -M sshd_t
              
semodule -i sshd_t.pp





              share|improve this answer




























                0














                another option is install semodule that denied sshd with below command



                audit2allow -a
                
audit2allow -a -M sshd_t
                
semodule -i sshd_t.pp





                share|improve this answer


























                  0












                  0








                  0







                  another option is install semodule that denied sshd with below command



                  audit2allow -a
                  
audit2allow -a -M sshd_t
                  
semodule -i sshd_t.pp





                  share|improve this answer













                  another option is install semodule that denied sshd with below command



                  audit2allow -a
                  
audit2allow -a -M sshd_t
                  
semodule -i sshd_t.pp






                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Jan 2 at 9:55









                  Tei TeisTei Teis

                  1




                  1






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f50418245%2fjenkins-ssh-permission-denied-connect-failed%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      MongoDB - Not Authorized To Execute Command

                      Image
                      .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 0 I have successfully enabled authorization on MongoDB and I have created an account on the admin database and then I created an account for my database called test. The following connection string to connect to my test database works successfully: mongo --host 192.168.17.52 --port 27017 -u user1 -p password --authenticationDatabase test Only problem I have now is, I cannot execute commands such as: show dbs. I get the following error when I try to do so: "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0, lsid: { id: UUID("a1d5bc0d-bc58-485e-b232-270758a89455") }, $db: "admin...
                      Read more

                      in spring boot 2.1 many test slices are not allowed anymore due to multiple @BootstrapWith

                      Image
                      1 I tried to upgrade a yummy sandwich made of two test slices (@JsonTest and @JdbcTest in my case, crunchy test code in between) adding spring boot 2.1 flavour to it. But it seems it was not much of a success. I cannot annotate my tests with many @...Test since they are now each bringing their own XxxTestContextBootstrapper. It used to work when they all used same SpringBootTestContextBootstrapper. @RunWith(SpringRunner.class) @JdbcTest @JsonTest public class Test { @Test public void test() { System.out.printn("Hello, World !"); } } The error I get from BootstrapUtils is illegalStateException : Configuration error: found multiple declarations of @BootstrapWith for test class I understand I might be doing something wrong here but is there an easy way I could load both Json and Jdbc contex...
                      Read more

                      Npm cannot find a required file even through it is in the searched directory

                      Image
                      up vote 0 down vote favorite I got that error: users-Air:pdfuploader user$ npm run start client@0.1.0 start /Users/user/Documents/pdfuploader react-scripts start Could not find a required file. Name: index.html Searched in: /Users/user/Documents/pdfuploader/public npm ERR! code ELIFECYCLE npm ERR! errno 1 npm ERR! client@0.1.0 start: `react-scripts start` npm ERR! Exit status 1 npm ERR! npm ERR! Failed at the client@0.1.0 start script. npm ERR! This is probably not a problem with npm. There is likely additional logging output above. npm ERR! A complete log of this run can be found in: npm ERR! /Users/user/.npm/_logs/2018-11-19T10_19_14_555Z-debug.log users-Air:pdfuploader user$ And the file is in /Users/user/Documents/pdfuploader/public as you can see in my github repository: https://github.c...
                      Read more