• Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Major Major

      • My Jenkins exists on Amazon EC2 engine.
      •  I'm trying to add ubuntu slave via ssh.
      • While creating an instance, a <filename>.pem file is generated for storing .ssh keys which is a private key. No separate pub ssh key is there. 
      • I can ssh directly using terminal from my master to slave and vice versa using that key file
        ssh -i "/home/ubuntu/.ssh/scarlet.pem" ec2-user@ec2-52-66-241-52.ap-south-1.compute.amazonaws.com
        ssh i "/home/ec2user/.ssh/scarlet.pem" ubuntu@ec2-52-66-103-201.ap-south-1.compute.amazonaws.com

        But when I try to configure my slave via any of the ssh method, it gives me error.

      • How I've configured (one of the method)?
        • I've saved slave machine credentials as "ssh key username with private key"
        • Launch method: Launch agents via SSH
        • Hostname: slave machine private ip address, as it is the hostname.
        • Host Key Verification Strategy: Manually trusted key Verification Strategy
      • If I try "Manually provided key verification strategy", it gives me bug. see (bug-screenshot attached).

      Note:

      • I cannot regenerate ssh keys as I'll not be able to access my machines again. 
      • I cannot use credentials as username/password as either there is no password or I'm not that much linux expert. They only method offered in amazon.aws seems to be the ssh key (.pem ssh key file)
      • I've tried everything whatever mentioned in other jenkins tickets for same issue or on internet, but my issue is not getting resolved.

      Please see attachment for log details.

      I'm literally blocked right now, need assistance asap.

        1. bug-screenshot.JPG
          bug-screenshot.JPG
          118 kB
        2. slave.log
          2 kB
        3. slave.log.1
          2 kB
        4. slave.log.10
          1 kB
        5. slave.log.2
          2 kB
        6. slave.log.3
          2 kB
        7. slave.log.4
          2 kB
        8. slave.log.5
          2 kB
        9. slave.log.6
          2 kB
        10. slave.log.7
          2 kB
        11. slave.log.8
          2 kB
        12. slave.log.9
          1 kB
        13. slave-screenshot.JPG
          slave-screenshot.JPG
          89 kB

          [JENKINS-56969] Unable to connect to slave via ssh

          Matt Sicker added a comment -

          What key type is your private key? I do recall seeing some Trilead classes removed from Jenkins not that long ago, so it's possible you found a regression. There was also an upgrade for JSch which disabled some insecure key types and parameters, though I don't believe that's used in any of the plugins you listed.

          Matt Sicker added a comment - What key type is your private key? I do recall seeing some Trilead classes removed from Jenkins not that long ago, so it's possible you found a regression. There was also an upgrade for JSch which disabled some insecure key types and parameters, though I don't believe that's used in any of the plugins you listed.

          Nicketa Kumar added a comment -

          It is .PEM. This is the type of key being generated by aws.

          Also as you can see in log, the error is "Caused by: java.io.IOException: PEM problem: it is of unknown type" which means jenkins is unable to read it as per my understanding.

          The second issue is, if I try Host Key Verification Strategy as Manually trusted key Verification Strategy, then there is a bug in jenkins. you can see here bug-screenshot.JPG

          Nicketa Kumar added a comment - It is .PEM. This is the type of key being generated by aws. Also as you can see in log, the error is "Caused by: java.io.IOException: PEM problem: it is of unknown type" which means jenkins is unable to read it as per my understanding. The second issue is, if I try Host Key Verification Strategy as Manually trusted key Verification Strategy, then there is a bug in jenkins. you can see here  bug-screenshot.JPG

          about the screenshot, the key you've pasted there is the private key, that it is not correct, on verification strategies you have to use the public key, because of that you can not connect to your EC2 instance, it is not possible to verify the key.

          Ivan Fernandez Calvo added a comment - about the screenshot, the key you've pasted there is the private key, that it is not correct, on verification strategies you have to use the public key, because of that you can not connect to your EC2 instance, it is not possible to verify the key.

          when https://issues.jenkins-ci.org/browse/JENKINS-56187 is merger this kind of errors will be detected on the UI

          Ivan Fernandez Calvo added a comment - when https://issues.jenkins-ci.org/browse/JENKINS-56187 is merger this kind of errors will be detected on the UI

          Nicketa Kumar added a comment -

          Thanks. I've found a workaround. I converted the keys using putty again and used that. that is working well. You can close the ticket. Thanks for help.

          Nicketa Kumar added a comment - Thanks. I've found a workaround. I converted the keys using putty again and used that. that is working well. You can close the ticket. Thanks for help.

            jvz Matt Sicker
            nicks9188 Nicketa Kumar
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: