Amash Ansari
A Comprehensive Guide to Master-Agent Setup with Known Host File Verification Strategy

A Comprehensive Guide to Master-Agent Setup with Known Host File Verification Strategy

Amash Ansari's photo
Amash Ansari
ยท

3 min read

Table of contents

Prerequisites

  1. You need to know how to create credentials on Jenkins.

  2. You should know how to set up the master(Jenkins) and agent via SSH.

If you want to learn more about the configuration of master and agent using the "Non verifying Verification Strategy" thenClick here. Because this configuration and the previous configuration are almost the same and have a very small difference.

Check for the known_hosts File on Jenkins Master

The known_hosts file**stores the public keys of the hosts accessed by a user. This is a very important file that assures that the user is connecting to a legitimate server by saving its identity to your local system. It also helps in avoiding the man-in-the-middle attacks.

This file is located under the.ssh/known_hostson the master's machine. As can be very clearly seen in the below image, there is noknown_hostsfile present in.ssh/the directory.

To create theknown_hostsfile in the master's machine doSSHto the agent's host.

Now check again for theknown_hostsfile in the.ssh/directory on the master's machine.

Copy the.ssh/directory in the Jenkins user home directory.

As shown above, the.sshdirectory is copied from/home/ubuntu/to/var/lib/jenkins/. This is because when we keep the host key verification strategy to the "Known Host" then the Jenkins user needs to have access to theknown_hostsfile. As we can see/var/lib/jenkins/.sshhas the owner and group owner as root, so we need to change it to Jenkins.

Host Key Verification Strategy

Ready to connect? Here's how: Navigate to the nodes section, select your agent, and configure it. Look for "Known hosts file Verification Strategy" under Host Key Verification Strategy, click select, and save the agent details.

Relaunch the agent and check whether the connection has been established or not. And if still the connection is not established then use the following command on the master's host.

ssh-keyscan -H ${IP-OF-AGENT} > ~/.ssh/known_hosts

And then copy the content of the.ssh/known_hoststo the/var/lib/jenkins/.ssh/known_hostsas shown below.

sudo vim /var/lib/jenkins/.ssh/known_hosts

Important Note: When copying data from .ssh/known_hosts to /var/lib/jenkins/.ssh/known_hosts, make sure to clear the existing file content first to avoid conflicts. We're essentially overriding the data here. For a smooth process, manually copy the data using a user-friendly editor like Vim or any other suitable text editor.

Final Step, restart the agent! This ensures a seamless connection with the agent using the Known Host File Verification Strategy. With this quick action, you'll be all set to leverage Jenkins' full power for effortless CI/CD.

Great News! ๐ŸŽ‰ Our agent is perfectly in sync, all set to collaborate flawlessly with the Jenkins master. Now, we can confidently embark on our CI/CD journey, knowing that our development process is in capable hands.

Discover the Configuration of Master and Agent Using the "Non-Verifying Verification Strategy" -Click hereto Learn More!

JenkinsTrainWithShubhamDevops#90daysofdevopsAWS
ย