Connecting Jenkins master with Build agents using Known host verification strategy.


You can refer to my previous article on configuring the connection between build agents and the Jenkins master here: https://virajthorat776.hashnode.dev/configuring-jenkins-build-agents. In that article, I configured the build agent connection using the "Non verifying verification strategy" for host key verification.

In this article, we are going to use the "Known host verification strategy", in which the Jenkins master checks the agent's host key against a known_hosts file.

All the configurations remain the same as in the previous article. We are only going to change the host key verification strategy in our agent configuration, as shown in the screenshot below:

Next, we will follow the steps below:

Step 1: Check for the known_hosts file in the .ssh directory on the Jenkins master.

As we can see in the above screenshot, there is currently no known_hosts file inside ~/.ssh.

Step 2: Create a known_hosts file in the .ssh directory on the Jenkins master.

We will ssh to the Jenkins agent host as shown below.

As shown above, when we ssh to the agent node, it presents its key fingerprint. Once we confirm that we want to connect to that host, its host key is permanently added to the newly created known_hosts file, as shown below.

Step 3: Copy the .ssh directory to the jenkins user's home directory.

As shown above, we have copied the .ssh directory from cloud_user's home directory to /var/lib/jenkins. This is because, when the host key verification strategy is set to "Known hosts", the jenkins user needs access to the known_hosts file. As we can see, /var/lib/jenkins/.ssh has root as its owner and group owner, so we need to change it to jenkins.

Step 4: Change the ownership of /var/lib/jenkins/.ssh.

The above command changes the owner and group owner of the /var/lib/jenkins/.ssh directory to the jenkins user and group.

After following all the above steps, we finally verify whether the connection works by relaunching the agent.

From the above screenshots we can confirm that, with the known host verification strategy, the Jenkins master checks the agent node's key against the key in the known_hosts file in the /var/lib/jenkins/.ssh directory. Since the key matched, our agent launched successfully and is online.
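Steps 3 and 4, plus a pre-launch check that the agent has an entry in known_hosts, as an added shell example that is not part of the original article. It copies only known_hosts rather than the whole .ssh directory, since that is the file the strategy reads; the function names, host names and key line are constructed for illustration.

```shell
#!/bin/sh
# Added example. Paths and the jenkins owner follow the article; function
# names, host names and the key line below are constructed for illustration.

# Return 0 if FILE has a plain entry whose host list names HOST exactly.
# Hashed entries (HashKnownHosts yes), wildcards and @-marked lines are not
# matched here; `ssh-keygen -F HOST -f FILE` covers hashed entries.
has_host_key() {
    [ -r "$1" ] || return 1
    awk -v h="$2" '
        NF == 0 || $1 ~ /^[#@]/ { next }
        { n = split($1, names, ",")
          for (k = 1; k <= n; k++) if (names[k] == h) { found = 1; exit } }
        END { exit(found ? 0 : 1) }' "$1"
}

# Steps 3 and 4: copy known_hosts from SRC_HOME to DEST_HOME and give it to OWNER.
install_known_hosts() {
    src="$1/.ssh/known_hosts"; dest_dir="$2/.ssh"; owner=$3
    [ -f "$src" ] || { echo "no $src: do Step 2 first" >&2; return 1; }
    mkdir -p "$dest_dir" && cp "$src" "$dest_dir/known_hosts" || return 1
    chmod 700 "$dest_dir" && chmod 644 "$dest_dir/known_hosts" || return 1
    # chown needs root and an existing account; otherwise ownership is unchanged.
    if [ "$(id -u)" -eq 0 ] && id "$owner" >/dev/null 2>&1; then
        chown -R "$owner:$owner" "$dest_dir"
    fi
}

# Dry run in a scratch directory that mirrors the article's layout.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/home/cloud_user/.ssh" "$root/var/lib/jenkins"
    # Constructed known_hosts line (not a real host key).
    echo 'agent1.example.internal,10.0.0.5 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedKeyForIllustrationOnly' \
        > "$root/home/cloud_user/.ssh/known_hosts"
    install_known_hosts "$root/home/cloud_user" "$root/var/lib/jenkins" jenkins || return 1
    for host in agent1.example.internal agent2.example.internal; do
        if has_host_key "$root/var/lib/jenkins/.ssh/known_hosts" "$host"; then
            echo "$host: key present, agent launch can verify it"
        else
            echo "$host: no entry, known hosts strategy would refuse it"
        fi
    done
    rm -rf "$root"
}
demo
```

On a real master this would be run as root, for example `install_known_hosts /home/cloud_user /var/lib/jenkins jenkins`, where /home/cloud_user is an assumed location for cloud_user's home directory.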