Jenkins git clone via SSH on Windows 7 x64

Download and install Git for Windows from http://code.google.com/p/msysgit/downloads/list?can=3

Download and install Jenkins for Windows from http://mirrors.jenkins-ci.org/windows/latest

Install the Git plugin:

  • Go to “Manage Jenkins” –> “Manage Plugins” –> “Available”

  • Check the box next to “Git Plugin”

  • Click “Download now and install after restart”

  • After the message “Downloaded Successfully…” check the box “Restart Jenkins…”

  • Click the link “ENABLE AUTO REFRESH” in the top right of the page

Now we need to configure Jenkins to know where the git cmd is located.

Go to “Manage Jenkins” –> “Configure System”

Under “git” change “Path to Git executable” to C:\Git\cmd\git.cmd (NOT C:\Git\bin\git.exe)

Click the “Save” button

By default, the Jenkins installer sets up Jenkins to run as a service, which runs as the “Local System account”, NOT your user account. Since the “Local System account” does not have SSH keys or known_hosts set up, “git clone” will fail.

We need to add your Jenkins build SSH keys (id_rsa and id_rsa.pub) to the “Local System account” and we need to populate the known_hosts file with the remote server info.

IMPORTANT: make sure your ssh keys do NOT have a password! Jenkins will appear to hang when cloning the repository, but really it’s ssh blocking in the background waiting for you to input your password.

First, copy your Jenkins build SSH keys into C:\Git\.ssh so that ssh.exe can find them.

Open a normal cmd.exe shell and type the following:

c:\>"C:\Git\bin\ssh.exe" -T git@your.git.server

You should get a response that looks like:

The authenticity of host 'your.git.server (xxx.xxx.xxx.xxx)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)?

Type yes and you should see something like:

Warning: Permanently added 'git.sfo.archrock.com,172.27.164.249' (RSA) to the list of known hosts.
...

This has added the remote server to C:\Git\.ssh\known_hosts

Next, copy C:\Git\.ssh to C:\Windows\SysWOW64\config\systemprofile\.ssh (the “Local System account” home).

Now set up a new Jenkins job and you should be able to clone via SSH!

If you want to actually test running git commands AS the “Local System account”, you need to run cmd.exe as the “Local System account”, which requires PsTools.

Download and extract PsTools from http://technet.microsoft.com/en-us/sysinternals/bb896649

Open a normal cmd shell and run:

c:\>PsTools/PsExec.exe -i -s cmd.exe

This should open a new cmd prompt running as the “Local System account” and any SSH commands you run in this account will use the keys in C:\Windows\SysWOW64\config\systemprofile\.ssh

You can now test Git commands running as the same user as Jenkins.