Monthly Archives: January 2016

Securing Jenkins Ubuntu 12.04.5 LTS

Jenkins by default allows everyone to see your jobs.   Securing jenkins is pretty easy:

0) Add two arguments to JENKINS_ARGS in /etc/default/jenkins

# –argumentsRealm.passwd.$ADMIN_USER=[password]
# –argumentsRealm.roles.$ADMIN_USER=admin

This should be near the end of the file.  Once changed, restart, jenkins.

1) Install https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin

2) Enable the plugin by going to the secure area:

a) http://YOURDOMAIN:PORT/configureSecurity/

b) Click:

3) Restart Jenkins.

4) Under configuration settings http://YOURDOMAIN:PORT/manage

Click on Manage Roles (could have changed, basically anything with roles)

Add a new group called “Anonymous” and uncheck everything. Then you want to add another group called “authenticated” and check everything. Jenkins will immediately prompt you for a login this way.

vi /var/lib/jenkins/config.xml Screen Shot 2016-01-08 at 8.46.07 AM