Skip to content

Instantly share code, notes, and snippets.

Forked from rtyler/find-ed25519.groovy
Created October 12, 2018 18:35
Show Gist options
  • Save imranansari/e9179c11a4138782610c5dbdc16c38f7 to your computer and use it in GitHub Desktop.
Save imranansari/e9179c11a4138782610c5dbdc16c38f7 to your computer and use it in GitHub Desktop.
Determine whether there are passphrase-protected ed25519 keys in a Jenkins instance
import com.cloudbees.hudson.plugins.folder.*
import com.cloudbees.plugins.credentials.*
import com.cloudbees.jenkins.plugins.sshcredentials.SSHUserPrivateKey
/* Let's see if the key is ed25518 */
boolean checkKey(def key) {
boolean found = false
if ((key instanceof SSHUserPrivateKey) && (key.passphrase)) {
key.privateKeys.each { privateKey ->
if (privateKey =~ '----BEGIN OPENSSH PRIVATE KEY-----') {
println ""
println "The SSH key (${}) may cause failures with the 2.73.1 upgrade!"
found = true
return found
/* Find all globally defined SSH Keys with a passphrase */ { domain -> { key ->
if (checkKey(key)) {
println "(in the global scope, under the domain ${})"
/* Find all Folder-defined SSH keys with a passphrase */
Jenkins.instance.getAllItems(AbstractFolder).each { folder ->
def p =
p? { domain -> { key ->
if (checkKey(key)) {
println "(in the folder ${folder.displayName}, under the domain ${domain})"
return null
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment