Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43062

SSH Host Key Verifiers are not configured for all SSH slaves

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Since the last update of SSH Slaves plugin, the following warning is shown:

      SSH Host Key Verifiers are not configured for all SSH slaves on this Jenkins instance. This could leave these slaves open to man-in-the-middle attacks. Update your slave configuration to resolve this.

      I have three slaves, whose "Launch method" is "Launch agent via Java Web Start" for two of them and "Launch slave agents via SSH" for the third one.
      Does the warning refer only to the last one?

      The "Host Key Verification Strategy" I set is "Known hosts file Verification Strategy". What should I do to avoid that warning?

       

        Attachments

          Issue Links

            Activity

            Hide
            smohan08 Mohan added a comment -

            Dear Team,

            Resolved by changing the below settings in each of the slave machine.

            Host Key Verification Strategy - Non Verifying Verification Strategy

            -Mohan

            Show
            smohan08 Mohan added a comment - Dear Team, Resolved by changing the below settings in each of the slave machine. Host Key Verification Strategy - Non Verifying Verification Strategy -Mohan
            Hide
            ryang Ryan Garchinsky added a comment -

            What Mohan said worked for me as well. I found this snippet in this article: 

            https://support.cloudbees.com/hc/en-us/articles/115000073552-Host-Key-Verification-for-SSH-Agents

             

            Simply re-saving your agents with the strategy Non verifying Verification Strategy fixes this, this is explained in JENKINS-43062.

            We recommend however that you select an Host Verification Strategy to prevent man-in-the-middle attack. Please read the following section/s.

            Show
            ryang Ryan Garchinsky added a comment - What Mohan said worked for me as well. I found this snippet in this article:  https://support.cloudbees.com/hc/en-us/articles/115000073552-Host-Key-Verification-for-SSH-Agents   Simply re-saving your agents with the strategy Non verifying Verification Strategy fixes this, this is explained in JENKINS-43062 . We recommend however that you select an Host Verification Strategy to prevent man-in-the-middle attack . Please read the following section/s.
            Hide
            hisantoshverma Santosh verma added a comment -

             Thanks Alex Radinsky .. it's work for me .. Just open all node configurations and save without any changes.

            Show
            hisantoshverma Santosh verma added a comment -  Thanks Alex Radinsky .. it's work for me .. Just open all node configurations and save without any changes.
            Hide
            moswal Mehul Oswal added a comment -

            Thanks Alex Radinsky, It worked for me too.

            Show
            moswal Mehul Oswal added a comment - Thanks Alex Radinsky, It worked for me too.
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            seems resolved

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - seems resolved

              People

              Assignee:
              mc1arke Michael Clarke
              Reporter:
              jhack Giacomo Boccardo
              Votes:
              7 Vote for this issue
              Watchers:
              13 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: