jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [ansible]. Message [Auth fail for methods 'publickey,gssapi-keyex,gssapi-with-mic,password']]

[NITISH-LANJEWAR]

Jenkins and plugins versions report

Environment

```text Paste the output here ```

What Operating System are you using (both controller, and any agents involved in the problem)?

AMAZON AMI 2

Reproduction steps

DEPLOYED OVER SSH BUT AFTER SOME TIME IT DOESNT WORK

Expected Results

NOT WORKING

Actual Results

DISSCONNECTED

Anything else?

No response

[suppabuster]

The same for me. sshd error: userauth_pubkey: unsupported public key algorithm: rsa-sha2-512 [preauth]

[QcFe]

Same issue. I'm running on official (jenkins/jenkins:lts) docker image.

jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [somehost]. Message [Algorithm negotiation fail: algorithmName="server_host_key" jschProposal="ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256" serverProposal="ssh-rsa,ssh-dss"]]

[speakmph]

I'm having the same issue. Is there a solution or a work-around?

[notevery]

jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [BPM]. Message [Auth fail for methods 'publickey,gssapi-keyex,gssapi-with-mic,password']]

don't upgrade jenkins !!!

[dshvedchenko]

Hi, faced the same issue, with simple java program that uses new jsch library i found that order of client protocol for ssh-rsa maters

you can try add it to the beginning of allowed algorithm

System.setProperty("jsch.client_pubkey","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");

[dshvedchenko]

but with jenkins remember htat this need to be set via JVM_OPTS.

 -Djsch.client_pubkey=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa

to update this option on fly in script console you can run :

com.jcraft.jsch.JSch.setConfig("PubkeyAcceptedAlgorithms","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");
com.jcraft.jsch.JSch.setConfig("server_host_key","ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa");

[OneTop4458]

but with jenkins remember htat this need to be set via JVM_OPTS.

 -Djsch.client_pubkey=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa

to update this option on fly in script console you can run :

com.jcraft.jsch.JSch.setConfig("PubkeyAcceptedAlgorithms","ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256");
com.jcraft.jsch.JSch.setConfig("server_host_key","ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa");

Thank you. I ran the command you provided in the Jenkins Script Console and it worked.

[jaapspiering]

This duplicates #308 although the description isn't as clear there.

[aikar]

Incase anyone else runs into it with the supplied workarounds, trying to set the workaround jvm opts, you must pass these to your agents individually too, or use the built in agent to get the flags on the controller.

[ofiry-tm]

@aikar can you please explain what do you mean ? doesnt the controller configuration should have impact on all the agents ?

[marianobenes]

Incase anyone else runs into it with the supplied workarounds, trying to set the workaround jvm opts, you must pass these to your agents individually too, or use the built in agent to get the flags on the controller.

Can you elaborate in how to do this?