找回凭证密码

打开 Jenkins 的系统管理页面的脚本命令行页面

在输入框输入如下代码点击运行即可查看所有凭证对应的密码

com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getCredentials().forEach{
  it.properties.each { prop, val ->
    println(prop + ' = "' + val + '"')
  }
  println("-----------------------")
}

按下ctrl + F组合键查找凭证ID就能搜索到该凭证对应的密码

对单个凭据解密

jenkins下找到 credentials.xml 文件中 中对应的字符串,然后将该字符串拿到脚本命令行执行下面的命令解密

println(hudson.util.Secret.fromString("{AQAAABAAAAAQ56sZ/zqxgpZ59iss2x4xiL1l+7uo6Uz6XBVRVJ/07K0=}").getPlainText())

重置管理员密码为123456

admin用户信息默认存放在/root/.jenkins/users/admin/config.xml文件中, 注意对应自己的实际路径, 其中passwordHash标签中间的内容就是admin用户加密后的密码

<?xml version='1.1' encoding='UTF-8'?>
<user>
  <fullName>admin</fullName>
  <properties>
    <jenkins.security.ApiTokenProperty>
      <apiToken>{AQAAABAAAAAwzaSuZnmlQZdTqpGR+OJFsLttgq85/TvpE+HdXnDorJ5CVEyLKBZwWU23KNK1BMbhp5XOOVjn938Z+Xbop3z9Pg==}</apiToken>
    </jenkins.security.ApiTokenProperty>
    <hudson.model.MyViewsProperty>
      <views>
        <hudson.model.AllView>
          <owner class="hudson.model.MyViewsProperty" reference="../../.."/>
          <name>all</name>
          <filterExecutors>false</filterExecutors>
          <filterQueue>false</filterQueue>
          <properties class="hudson.model.View$PropertyList"/>
        </hudson.model.AllView>
      </views>
    </hudson.model.MyViewsProperty>
    <hudson.model.PaneStatusProperties>
      <collapsed/>
    </hudson.model.PaneStatusProperties>
    <hudson.search.UserSearchProperty>
      <insensitiveSearch>true</insensitiveSearch>
    </hudson.search.UserSearchProperty>
    <hudson.security.HudsonPrivateSecurityRealm_-Details>
      <passwordHash>#jbcrypt:$2a$10$MiIVR0rr/UhQBqT.bBq0QehTiQVqgNpUGyWW2nJObaVAM/2xSQdSq</passwordHash>
    </hudson.security.HudsonPrivateSecurityRealm_-Details>
    <jenkins.security.LastGrantedAuthoritiesProperty>
      <roles>
        <string>authenticated</string>
      </roles>
      <timestamp>1528791323260</timestamp>
    </jenkins.security.LastGrantedAuthoritiesProperty>
  </properties>
</user>

把该文件复制备份后修改就能把passwordHash标签中的值修改成

#jbcrypt:2a10$MiIVR0rr/UhQBqT.bBq0QehTiQVqgNpUGyWW2nJObaVAM/2xSQdSq
 <hudson.security.HudsonPrivateSecurityRealm_-Details>
 <passwordHash>#jbcrypt:$2a$10$MiIVR0rr/UhQBqT.bBq0QehTiQVqgNpUGyWW2nJObaVAM/2xSQdSq</passwordHash>
</hudson.security.HudsonPrivateSecurityRealm_-Details>

重启jenkins后用admin账号登录,密码123456

生成自定义密码

通过 https://github.com/jeremyh/jBCrypt 项目生成自定义密码, 只需要在该项目生成的hash值里面加上 #jbcrypt: 之后再去替换 /root/.jenkins/users/admin/config.xml 中的 passwordHash 值就行