JENKINS-31549

sshcredentials via trilead-ssh2 Cannot Connect to Servers Requiring Strong MACs

Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Component/s: ssh-slaves-plugin
    • Labels: None
    • Environment: Jenkins 1.638; SSH Credentials Plugin 1.11; CentOS 7.1.1503; openjdk 1.8

    Description

      master cannot connect to slave

      /var/log/secure on slave reports
      sshd[1978]: fatal: no matching mac found: client hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 server hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
      

      master reports

      Key exchange was not finished, connection is closed.
      ERROR: Unexpected error in launching a slave. This is probably a bug in Jenkins.
      java.lang.IllegalStateException: Connection is not established!
      	at com.trilead.ssh2.Connection.getRemainingAuthMethods(Connection.java:1030)
      	at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.getRemainingAuthMethods(TrileadSSHPublicKeyAuthenticator.java:88)
      	at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.canAuthenticate(TrileadSSHPublicKeyAuthenticator.java:80)
      	at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.newInstance(SSHAuthenticator.java:207)
      	at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.newInstance(SSHAuthenticator.java:169)
      	at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1212)
      	at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:711)
      	at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:706)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      	at java.lang.Thread.run(Thread.java:745)
      

      This is related to JENKINS-26379 but the comments in that ticket only hint at the issue which, to wit, is:
      https://github.com/jenkinsci/trilead-ssh2/blob/master/src/com/trilead/ssh2/crypto/digest/MAC.java

      com.trilead.ssh2.crypto.digest.MAC
      	public final static String[] getMacList()
      	{
      		/* Higher Priority First */
      
      		return new String[] { "hmac-sha1-96", "hmac-sha1", "hmac-md5-96", "hmac-md5" };
      	}
      

      See https://stribika.github.io/2015/01/04/secure-secure-shell.html

      Here are the available MAC choices:

      hmac-md5
      hmac-md5-96
      hmac-ripemd160
      hmac-sha1
      hmac-sha1-96
      hmac-sha2-256
      hmac-sha2-512
      umac-64
      umac-128
      hmac-md5-etm@openssh.com
      hmac-md5-96-etm@openssh.com
      hmac-ripemd160-etm@openssh.com
      hmac-sha1-etm@openssh.com
      hmac-sha1-96-etm@openssh.com
      hmac-sha2-256-etm@openssh.com
      hmac-sha2-512-etm@openssh.com
      umac-64-etm@openssh.com
      umac-128-etm@openssh.com
      The selection considerations:

      Security of the hash algorithm: No MD5 and SHA1. Yes, I know that HMAC-SHA1 does not need collision resistance but why wait? Disable weak crypto today.
      Encrypt-then-MAC: I am not aware of a security proof for CTR-and-HMAC but I also don't think CTR decryption can fail. Since there are no downgrade attacks, you can add them to the end of the list. You can also do this on a host by host basis so you know which ones are less safe.
      Tag size: At least 128 bits. This eliminates umac-64-etm.
      Key size: At least 128 bits. This doesn't eliminate anything at this point.
      Recommended /etc/ssh/sshd_config snippet:

      MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
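
As an added example (not part of this report, and not code from Jenkins, trilead-ssh2 or OpenSSH), the Python below reproduces the failure in the two logs above. It implements the RFC 4253 section 7.1 rule that the negotiated algorithm is the first entry in the client's preference list that the server also offers, parses the sshd "no matching mac found" line quoted from /var/log/secure, flags the client entries that the quoted guidance rejects, and checks what a client with SHA-2 HMACs added would negotiate against both the logged server list and the recommended sshd_config MACs line. PATCHED_MAC_LIST is an assumed shape for a fix, not the list shipped by any trilead-ssh2 release; the sshd log line and the MACs line are copied from this report.

```python
import re
from typing import Optional, Sequence

# Client preference list exactly as returned by trilead-ssh2's
# MAC.getMacList() (quoted in the report above).
TRILEAD_MAC_LIST = ("hmac-sha1-96", "hmac-sha1", "hmac-md5-96", "hmac-md5")

# Server list as sshd logged it in this report.
SERVER_MAC_LIST = ("hmac-sha2-512", "hmac-sha2-256", "hmac-ripemd160")

# ASSUMPTION: the shape of a client-side fix (SHA-2 HMACs placed ahead of
# the legacy ones). Not the list shipped by any particular trilead-ssh2 release.
PATCHED_MAC_LIST = ("hmac-sha2-256", "hmac-sha2-512") + TRILEAD_MAC_LIST

# The sshd line from the report's /var/log/secure (copied from the report).
SSHD_LOG_LINE = ("sshd[1978]: fatal: no matching mac found: client "
                 "hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 server "
                 "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160")

# The sshd_config snippet quoted in the report from stribika's post.
RECOMMENDED_SSHD_CONFIG = (
    "MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,"
    "hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,"
    "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com\n"
)

_NO_MATCH_RE = re.compile(
    r"no matching (?P<kind>\w+) found: client (?P<client>\S+) server (?P<server>\S+)")


def negotiate(client: Sequence[str], server: Sequence[str]) -> Optional[str]:
    """RFC 4253 section 7.1: the chosen algorithm is the first name in the
    CLIENT's preference order that also appears in the server's list. None
    means the lists are disjoint, which is exactly when sshd logs
    'no matching mac found' and the trilead side reports
    'Key exchange was not finished'."""
    offered = set(server)
    for name in client:
        if name in offered:
            return name
    return None


def parse_no_match_line(line: str):
    """Split an sshd 'no matching <kind> found' line into
    (kind, client_list, server_list)."""
    m = _NO_MATCH_RE.search(line)
    if m is None:
        raise ValueError("not an sshd 'no matching ... found' line: %r" % line)
    return (m.group("kind"),
            tuple(m.group("client").split(",")),
            tuple(m.group("server").split(",")))


def parse_sshd_config_macs(text: str):
    """Return the name-list from the first uncommented 'MACs' line of an
    sshd_config fragment, or () if the option is absent (sshd default applies)."""
    for raw in text.splitlines():
        parts = raw.split()
        if len(parts) == 2 and parts[0].lower() == "macs":
            return tuple(parts[1].split(","))
    return ()


def weak_macs(names: Sequence[str]):
    """Names the quoted guidance rejects: MD5- or SHA-1-based HMACs, and tags
    shorter than 128 bits (the -96 truncations and umac-64). The
    -etm@openssh.com variants are judged by the same underlying hash and tag."""
    rejected = []
    for name in names:
        base = name.split("@", 1)[0].replace("-etm", "")
        if base.startswith(("hmac-md5", "hmac-sha1")) or base.endswith(("-96", "umac-64")):
            rejected.append(name)
    return rejected


def diagnose(line: str):
    """Explain a 'no matching mac found' line: what was negotiated (None) and
    which client entries a hardened server would have refused anyway."""
    kind, client, server = parse_no_match_line(line)
    return {
        "kind": kind,
        "negotiated": negotiate(client, server),
        "weak_client_entries": weak_macs(client),
        "server_offers": server,
    }


if __name__ == "__main__":
    print(diagnose(SSHD_LOG_LINE))
    hardened = parse_sshd_config_macs(RECOMMENDED_SSHD_CONFIG)
    print("unpatched client vs hardened sshd:", negotiate(TRILEAD_MAC_LIST, hardened))
    print("patched client vs hardened sshd:  ", negotiate(PATCHED_MAC_LIST, hardened))
```

Because the choice follows the client's order, a hardened sshd that lists the -etm variants first still ends up on plain hmac-sha2-256 with the assumed patched client; the server's own ordering never influences the choice, it only decides what is on offer at all. A client that wants encrypt-then-MAC has to list the -etm names itself.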
      

    Issue Links

      This issue is related to JENKINS-26379
      This issue is duplicated by JENKINS-33021

            Activity

            sheatomsin Shea Tomsin created issue
            sheatomsin Shea Tomsin made changes
            Link: This issue is related to JENKINS-26379
            sheatomsin Shea Tomsin made changes
            Description: edited (the title of the quoted code block changed from com.trilead.ssh2.crypto.digest/MAC.java to com.trilead.ssh2.crypto.digest.MAC.java; the text is otherwise identical to the description above)
            sheatomsin Shea Tomsin made changes
            Description: edited (code block title changed to com.trilead.ssh2.crypto.digest.MAC; text otherwise unchanged)
            stephenconnolly Stephen Connolly made changes
            Component/s: ssh-slaves-plugin → ssh-credentials-plugin
            stephenconnolly Stephen Connolly made changes
            Assignee: stephenconnolly → Kohsuke Kawaguchi (kohsuke)
            emma Emma Laurijssens made changes
            Link: This issue is duplicated by JENKINS-33021
            rtyler R. Tyler Croy made changes
            Workflow: JNJira → JNJira + In-Review
            mc1arke Michael Clarke made changes
            Assignee: Kohsuke Kawaguchi (kohsuke) → Michael Clarke (mc1arke)
            mc1arke Michael Clarke made changes
            Status: Open → In Progress
            oleg_nenashev Oleg Nenashev made changes
            Status: In Progress → In Review
            oleg_nenashev Oleg Nenashev made changes
            Resolution: Fixed
            Status: In Review → Resolved

            People

              Assignee: Michael Clarke (mc1arke)
              Reporter: Shea Tomsin (sheatomsin)
              Votes: 5
              Watchers: 11