Bad owner or permissions on /var/lib/jenkins/.ssh/config

The errors "Bad owner or permissions on /var/lib/jenkins/.ssh/config" and "fatal: Could not read from remote repository" indicate an issue with the permissions for the SSH configuration file or the SSH key used by the Jenkins user, preventing access to the remote repository. 

 

Cause

The SSH client is strict about the permissions for configuration files and private keys. If these files are accessible by users other than the owner, the SSH client will refuse to use them for security reasons [3, 4]. 

 

Solution Steps

To fix this, adjust the permissions of the relevant files and directories to be private to the jenkins user: 

1. Access the server: Log into the machine running Jenkins with sufficient privileges (e.g., using sudo).
2. Ensure correct ownership: Verify the jenkins user owns the files and the .ssh directory.
   bash

   sudo chown -R jenkins:jenkins /var/lib/jenkins/.ssh
   

3. Set directory permissions: The .ssh directory should have permissions that only allow the owner to read, write, and execute (enter) it.
   bash

   sudo chmod 700 /var/lib/jenkins/.ssh
   

4. Set config file and private key permissions: The config file and any private key files (commonly id_rsa or similar names) must be readable and writable only by the owner.
   bash

   sudo chmod 600 /var/lib/jenkins/.ssh/config
   # Repeat for your private key file, e.g.:
   sudo chmod 600 /var/lib/jenkins/.ssh/id_rsa
   

5. Test connection (optional but recommended): Switch to the jenkins user and attempt to connect to your repository host to confirm the fix.
   bash

   sudo su - jenkins
   ssh -T git@your_repository_host # Replace with your actual host
   exit # to return to your previous user session

    

After applying these permission changes, the Jenkins job should be able to connect to the remote repository and the error messages should no longer appear.