I set up Jenkins CI to deploy my PHP app to our QA Apache server and I ran into an issuse. I successfully set up the pubkey authentication from the local jenkins account to the remote apache account, but when I use rsync
, I get the following error:
[jenkins@build ~]# rsync -avz -e ssh test.txt apache@site.example.com:/path/to/site
protocol version mismatch -- is your shell clean?
(see the rsync man page for an explanation)
rsync error: protocol incompatibility (code 2) at compat.c(64) [sender=2.6.8]
[jenkins@build ~]#
One potential problem is that the remote apache
account doesn't have a valid shell account, should I create a remote account with shell access and part of the "apache"
group? It is not an SSH key problem, since ssh apache@site.example.com
connects successfully, but quickly kicks me out since apache
doesn't have a shell.
Best Answer
That would probably be the easiest thing to do. You will probably want to only set it up with a limited shell like rssh or scponly to only allow file transfers. You may also want to set up a chroot jail so that it can't see your whole filesystem.