Open NITISH-LANJEWAR opened 1 year ago
The same for me. sshd error:
userauth_pubkey: unsupported public key algorithm: rsa-sha2-512 [preauth]
Same issue. I'm running on official (jenkins/jenkins:lts) docker image.
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [somehost]. Message [Algorithm negotiation fail: algorithmName="server_host_key" jschProposal="ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256" serverProposal="ssh-rsa,ssh-dss"]]
I'm having the same issue. Is there a solution or a work-around?
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [BPM]. Message [Auth fail for methods 'publickey,gssapi-keyex,gssapi-with-mic,password']]
don't upgrade jenkins !!!
Hi, faced the same issue, with simple java program that uses new jsch library i found that order of client protocol for ssh-rsa maters
you can try add it to the beginning of allowed algorithm
System.setProperty("jsch.client_pubkey","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");
but with jenkins remember htat this need to be set via JVM_OPTS.
-Djsch.client_pubkey=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
to update this option on fly in script console you can run :
com.jcraft.jsch.JSch.setConfig("PubkeyAcceptedAlgorithms","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");
com.jcraft.jsch.JSch.setConfig("server_host_key","ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa");
but with jenkins remember htat this need to be set via JVM_OPTS.
-Djsch.client_pubkey=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
to update this option on fly in script console you can run :
com.jcraft.jsch.JSch.setConfig("PubkeyAcceptedAlgorithms","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256"); com.jcraft.jsch.JSch.setConfig("server_host_key","ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa");
Thank you. I ran the command you provided in the Jenkins Script Console and it worked.
This duplicates #308 although the description isn't as clear there.
Incase anyone else runs into it with the supplied workarounds, trying to set the workaround jvm opts, you must pass these to your agents individually too, or use the built in agent to get the flags on the controller.
@aikar can you please explain what do you mean ? doesnt the controller configuration should have impact on all the agents ?
Incase anyone else runs into it with the supplied workarounds, trying to set the workaround jvm opts, you must pass these to your agents individually too, or use the built in agent to get the flags on the controller.
Can you elaborate in how to do this?
Jenkins and plugins versions report
Environment
```text Paste the output here ```What Operating System are you using (both controller, and any agents involved in the problem)?
AMAZON AMI 2
Reproduction steps
DEPLOYED OVER SSH BUT AFTER SOME TIME IT DOESNT WORK
Expected Results
NOT WORKING
Actual Results
DISSCONNECTED
Anything else?
No response