Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37236

Unable to negotiate: no matching key exchange method found

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • Ubuntu 16.04.1, Jenkins 2.17, Java 8

      Hi,

      I am under the belief that the default setup (plugins) of Jenkins (2.17) listens for SSHD connections. It appears to default to an insecure key exchange algorithm. The by-pass is trivial, but unclear if its documented (in Jenkin's docs, I haven't found it.) Also, I haven't found anything mentioning the server side will be updated (another comment in docs might be good for that.)

      user@ubuntu:~$ ssh -p 34213 admin@localhost version
      Unable to negotiate with ::1 port 34213: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

      user@ubuntu:~$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -p 34213 admin@localhost version
      2.17

      I might be missing information, but haven't found anything on this yet (aside from people doing the aforementioned workaround.)

            oleg_nenashev Oleg Nenashev
            ronald_petty Ronald Petty
            Votes:
            5 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: