[JENKINS-53954] Cannot connect to slave/agent Linux anymore

Giacomo Boccardo created issue - 2018-10-09 08:22

Giacomo Boccardo made changes - 2018-10-09 08:32

Component/s		New: ssh-credentials-plugin [ 17424 ]
Component/s	Original: remoting [ 15489 ]

Giacomo Boccardo made changes - 2018-10-09 08:56

Description

Original: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}

New: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] in the format:

-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----

instead of the previous (I don't know how I entered it the first time years ago)

{[…]}

Giacomo Boccardo made changes - 2018-10-09 08:57

Description

Original: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] in the format:

-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----

instead of the previous (I don't know how I entered it the first time years ago)

{[…]}

New: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] in the format:
{noformat}
-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----{noformat}
instead of the previous (I don't know how I entered it the first time years ago)
{noformat}
{[…]}{noformat}

Giacomo Boccardo made changes - 2018-10-09 08:57

Priority

Original: Blocker [ 1 ]

New: Major [ 3 ]

Giacomo Boccardo made changes - 2018-10-09 08:58

Description

Original: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] in the format:
{noformat}
-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----{noformat}
instead of the previous (I don't know how I entered it the first time years ago)
{noformat}
{[…]}{noformat}

New: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] using the format:
{noformat}
-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----{noformat}
instead of the previous one (I don't know how I entered it the first time years ago):
{noformat}
{[…]}{noformat}

Jeff Thompson made changes - 2018-10-09 14:35

Assignee

Original: Jeff Thompson [ jthompson ]

Giacomo Boccardo made changes - 2019-02-18 09:24

Description

Original: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] using the format:
{noformat}
-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----{noformat}
instead of the previous one (I don't know how I entered it the first time years ago):
{noformat}
{[…]}{noformat}

New: After I installed the latest LTS I cannot connect to the Linux slave/agent anymore. The error is:
{noformat}
SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}SSHLauncher{host='[OMISSIS]', port=22, credentialsId='jenkins-cred', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[10/09/18 10:14:36] [SSH] Opening SSH connection to [OMISSIS]:22.[10/09/18 10:14:36] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed.ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:jenkins-cred/method:publickey)ERROR: Failed to authenticate as jenkins with credential=jenkins-credjava.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:291) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:483) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:455) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1214) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:844) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:831) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748)Caused by: java.io.IOException: PEM problem: it is of unknown type at com.trilead.ssh2.crypto.PEMDecoder.decodeKeyPair(PEMDecoder.java:500) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:225) ... 11 more[10/09/18 10:14:36] [SSH] Authentication failed.Authentication failed.[10/09/18 10:14:36] Launch failed - cleaning up connection[10/09/18 10:14:36] [SSH] Connection closed.
{noformat}
As a workaround, I had to re-enter the private key in [https://$HOST/credentials/store/system/domain/_/credential/jenkins-cred/update|https://jenkins.unimaticaspa.it/credentials/store/system/domain/_/credential/jenkins-cred/update] using the format:
{noformat}
-----BEGIN RSA PRIVATE KEY-----
[…]
-----END RSA PRIVATE KEY-----{noformat}
instead of the previous one (I don't know how I entered it the first time years ago):
{noformat}
{[…]}{noformat}

MICHAEL LUPO added a comment - 2019-02-28 23:14

This is plaguing a large jenkins install in my company. This needs to be fixed PRONTO!

MICHAEL LUPO added a comment - 2019-02-28 23:14 This is plaguing a large jenkins install in my company. This needs to be fixed PRONTO!

Mark Waite added a comment - 2019-02-28 23:36 - edited

mikelupo the bug report describes a work around which can be applied immediately and requires no change to any software anywhere. Have you tried that work around?

My interpretation of this report is that it is reporting that previously the private key credential field would accept an invalid format and then would assume that the invalid format was an RSA private key. The private key credential field no longer accepts that invalid format. It now requires a valid format for the private key.

My understanding of the standard definition of a private key definition is that it must include the prologue

-----BEGIN RSA PRIVATE KEY-----

and the epilogue

-----END RSA PRIVATE KEY-----

That information defines the format of the private key. When I use an ed25519 private key, the prologue is different. When I use a dsa private key, the prologue is different as well.

Mark Waite added a comment - 2019-02-28 23:36 - edited mikelupo the bug report describes a work around which can be applied immediately and requires no change to any software anywhere. Have you tried that work around? My interpretation of this report is that it is reporting that previously the private key credential field would accept an invalid format and then would assume that the invalid format was an RSA private key. The private key credential field no longer accepts that invalid format. It now requires a valid format for the private key. My understanding of the standard definition of a private key definition is that it must include the prologue -----BEGIN RSA PRIVATE KEY----- and the epilogue -----END RSA PRIVATE KEY----- That information defines the format of the private key. When I use an ed25519 private key, the prologue is different. When I use a dsa private key, the prologue is different as well.

Jenkins

Details

Description

Attachments

Activity

Collapse comment: MICHAEL LUPO added a comment - 2019-02-28 23:14

Expand comment: MICHAEL LUPO added a comment - 2019-02-28 23:14

Collapse comment: Mark Waite added a comment - 2019-02-28 23:36, Edited by Mark Waite - 2019-02-28 23:37

Expand comment: Mark Waite added a comment - 2019-02-28 23:36, Edited by Mark Waite - 2019-02-28 23:37

People

Dates