Sling Academy
Home/DevOps/Solving Jenkins Error: Host key verification failed

Solving Jenkins Error: Host key verification failed

Last updated: February 03, 2024

Table of Contents

  1. The Problem
    1. Common Reasons
  2. Solution 1: Manually Accept Host Key
  3. Solution 2: Disable Strict HostKeyChecking
  4. Solution 3: Automatically Add Host Key
  5. Conclusion

The Problem

Encountering a Host key verification failed error in Jenkins can halt your continuous integration/continuous deployment (CI/CD) pipeline, causing delays and frustration. This error typically appears when Jenkins is trying to SSH into another server but fails to authenticate the server’s SSH key. Understanding why this error occurs and knowing multiple ways to resolve it are crucial for maintaining a smooth CI/CD process.

Common Reasons

  • Jenkins server does not recognize the remote server’s SSH key.
  • The SSH key has changed, due to server re-setup or IP change.
  • Strict HostKeyChecking is enabled.

Solution 1: Manually Accept Host Key

Manually executing an SSH command from the Jenkins server to the remote server allows you to accept the host key, adding it to the known_hosts file.

  1. Log into the Jenkins server terminal.
  2. Run ssh user@hostname, replacing user and hostname with your actual username and remote server address.
  3. Accept the prompt to add the host key to known_hosts.

Notes: This is the most straightforward method but requires manual intervention, making it less suitable for automated environments.

Solution 2: Disable Strict HostKeyChecking

Temporarily disabling Strict HostKeyChecking for SSH connections in Jenkins scripts/tasks allows the connection without verifying the host key.

  1. Identify the location of the Jenkins script or task that initiates the SSH connection.
  2. Include the SSH command with the option -o StrictHostKeyChecking=no.

Here’s the full command:

ssh -o StrictHostKeyChecking=no user@hostname

Output: This command will initiate an SSH connection without host key verification.

Notes: Disabling Strict HostKeyChecking can pose a security risk by exposing to potential man-in-the-middle attacks. Use this for internal, secure networks.

Solution 3: Automatically Add Host Key

Using ssh-keyscan to automatically add the remote server’s host key to known_hosts before the Jenkins job runs can prevent the error.

  1. Add a preliminary step in your Jenkins job to run ssh-keyscan -H hostname >> ~/.ssh/known_hosts, again replacing hostname with your remote server’s address.
  2. Ensure that the Jenkins user has write permissions to ~/.ssh/known_hosts.

The command (for you to copy it more easily):

ssh-keyscan -H hostname >> ~/.ssh/known_hosts

Output: The command fetches the remote server’s host key and appends it to the known_hosts file.

Notes: Automating host key addition is convenient but risks adding unauthorized keys if not used cautiously, especially in dynamic IP environments.

Conclusion

Resolving the Host key verification failed error in Jenkins is crucial for uninterrupted CI/CD pipelines. The solutions provided range from manual approaches to automation-friendly methods, each with its own set of considerations. It’s important to choose the solution that best aligns with your security and automation requirements.

Next Article: How to change the heap size in Jenkins

Previous Article: Jenkins: How to disable SonarQube analysis for a specific branch

Series: Jenkins Tutorials

DevOps

You May Also Like

  • How to reset Ubuntu to factory settings (4 approaches)
  • Making GET requests with cURL: A practical guide (with examples)
  • Git: What is .DS_Store and should you ignore it?
  • NGINX underscores_in_headers: Explained with examples
  • How to use Jenkins CI with private GitHub repositories
  • Terraform: Understanding State and State Files (with Examples)
  • SHA1, SHA256, and SHA512 in Terraform: A Practical Guide
  • CSRF Protection in Jenkins: An In-depth Guide (with examples)
  • Terraform: How to Merge 2 Maps
  • Terraform: How to extract filename/extension from a path
  • JSON encoding/decoding in Terraform: Explained with examples
  • Sorting Lists in Terraform: A Practical Guide
  • Terraform: How to trigger a Lambda function on resource creation
  • How to use Terraform templates
  • Understanding terraform_remote_state data source: Explained with examples
  • Jenkins Authorization: A Practical Guide (with examples)
  • Solving Jenkins Pipeline NotSerializableException: groovy.json.internal.LazyMap
  • Understanding Artifacts in Jenkins: A Practical Guide (with examples)
  • Using Jenkins with AWS EC2 and S3: A Practical Guide