Extract passphrase from Jenkins' credentials.xml

Question

I have added an SSH credential to Jenkins.

Unfortunately, I have forgotten the SSH passphrase and would now like to obtain it from Jenkins\' credential archive, which is

Answer 1

I know this is old, but... With pipelines it's extremely simple. Here's an example pipeline that will print the credentials to the console:

node {
    def creds

    stage('Sandbox') {
        withCredentials([usernamePassword(credentialsId: 'my-creds', passwordVariable: 'C_PASS', usernameVariable: 'C_USER')]) {
            creds = "\nUser: ${C_USER}\nPassword: ${C_PASS}\n"
        }

        println creds
    }
}

Executing this pipeline produces the following in the console:

Started by user First Last (username)
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] node
Running on Jenkins in /jenkins/workspace/sandbox
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Sandbox)
[Pipeline] withCredentials
[Pipeline] {
[Pipeline] }
[Pipeline] // withCredentials
[Pipeline] echo

User: testuser
Password: Ab37%ahc*z

[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS

The trick here is that the credentials are only masked inside the withCredentials block. If you assign them to a variable defined outside the block and then print that variable outside the block, no masking is applied. This has been reported as a bug, however nothing is being done on it.