Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37236

Unable to negotiate: no matching key exchange method found

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • Ubuntu 16.04.1, Jenkins 2.17, Java 8

      Hi,

      I am under the belief that the default setup (plugins) of Jenkins (2.17) listens for SSHD connections. It appears to default to an insecure key exchange algorithm. The by-pass is trivial, but unclear if its documented (in Jenkin's docs, I haven't found it.) Also, I haven't found anything mentioning the server side will be updated (another comment in docs might be good for that.)

      user@ubuntu:~$ ssh -p 34213 admin@localhost version
      Unable to negotiate with ::1 port 34213: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

      user@ubuntu:~$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -p 34213 admin@localhost version
      2.17

      I might be missing information, but haven't found anything on this yet (aside from people doing the aforementioned workaround.)

          [JENKINS-37236] Unable to negotiate: no matching key exchange method found

          Ronald Petty created issue -
          Daniel Beck made changes -
          Component/s New: cli [ 15624 ]
          Daniel Beck made changes -
          Labels Original: CORE SSH
          Daniel Beck made changes -
          Priority Original: Minor [ 4 ] New: Major [ 3 ]
          Daniel Beck made changes -
          Labels New: security
          Oleg Nenashev made changes -
          Labels Original: security New: security sshd
          Oleg Nenashev made changes -
          Assignee New: Oleg Nenashev [ oleg_nenashev ]
          Oleg Nenashev made changes -
          Component/s Original: cli [ 15624 ]
          Oleg Nenashev made changes -
          Summary Original: Unable to negotiate New: Unable to negotiate: no matching key exchange method found
          Oleg Nenashev made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Oleg Nenashev made changes -
          Status Original: In Progress [ 3 ] New: In Review [ 10005 ]

            oleg_nenashev Oleg Nenashev
            ronald_petty Ronald Petty
            Votes:
            5 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: