• Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • core
    • Jenkins 2.185, Ubuntu 16.04, OpenJDK 1.8.0, latest plugins (ssh-slaves 1.30)
    • Jenkins 2.186

      ERROR: Unexpected error in launching a agent. This is probably a bug in Jenkins.ERROR: Unexpected error in launching a agent. This is probably a bug in Jenkins.
      
      java.lang.IllegalArgumentException: Unknown server host key algorithm 'ssh-ed25519'
       at com.trilead.ssh2.transport.KexManager.checkServerHostkeyAlgorithmsList(KexManager.java:316)
       at com.trilead.ssh2.Connection.setServerHostKeyAlgorithms(Connection.java:1289)
       at hudson.plugins.sshslaves.SSHLauncher$1.call(SSHLauncher.java:412)
       at hudson.plugins.sshslaves.SSHLauncher$1.call(SSHLauncher.java:406)
       at java.util.concurrent.FutureTask.run(FutureTask.java:266)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
       at java.lang.Thread.run(Thread.java:748)[07/14/19 22:07:00] Launch failed - cleaning up connection[07/14/19 22:07:00] [SSH] Connection closed.
      

      Plugins were updated three days ago and a restart of 2.184 went fine.

      Now I just updated to 2.185 and got the quoted "Unknown server host key algorithm 'ssh-ed25519'" messages with all agents (Linux and MacOS) offline.

      Probably something related to the recent 'trilead' changes?

       

      Workaround: Downgrade to previous version ('apt install jenkins=2.184').

          [JENKINS-58483] Jenkins 2.185 won't connect to SSH agents

          Oleg Nenashev added a comment -

          I confirm the issue happens in my local build. Looks like it comes from the CLI dependency

           

          [INFO] org.jenkins-ci.main:jenkins-core:jar:2.186-SNAPSHOT [INFO] 
          +- org.jenkins-ci.plugins.icon-shim:icon-set:jar:1.0.5:compile [INFO] 
          +- org.jenkins-ci.main:remoting:jar:3.33:compile [INFO] | \- org.jenkins-ci:constant-pool-scanner:jar:1.2:compile [INFO] +- org.jenkins-ci.main:cli:jar:2.186-SNAPSHOT:compile [INFO] | +- net.i2p.crypto:eddsa:jar:0.3.0:compile [INFO] | \- org.jenkins-ci:trilead-ssh2:jar:build214-jenkins-1:compile
          

          Oleg Nenashev added a comment - I confirm the issue happens in my local build. Looks like it comes from the CLI dependency   [INFO] org.jenkins-ci.main:jenkins-core:jar:2.186-SNAPSHOT [INFO] +- org.jenkins-ci.plugins.icon-shim:icon-set:jar:1.0.5:compile [INFO] +- org.jenkins-ci.main:remoting:jar:3.33:compile [INFO] | \- org.jenkins-ci:constant-pool-scanner:jar:1.2:compile [INFO] +- org.jenkins-ci.main:cli:jar:2.186-SNAPSHOT:compile [INFO] | +- net.i2p.crypto:eddsa:jar:0.3.0:compile [INFO] | \- org.jenkins-ci:trilead-ssh2:jar:build214-jenkins-1:compile

          Oleg Nenashev added a comment -

          Oh well, Jenkins core includes CLI https://github.com/jenkinsci/jenkins/blob/jenkins-2.185/core/pom.xml#L58-L62 . Right now I do not have any idea except removing the dependency or excluding the JAR from the dependencies. Both options will unlikely fly well, but I am trying them locally

           

          Oleg Nenashev added a comment - Oh well, Jenkins core includes CLI  https://github.com/jenkinsci/jenkins/blob/jenkins-2.185/core/pom.xml#L58-L62  . Right now I do not have any idea except removing the dependency or excluding the JAR from the dependencies. Both options will unlikely fly well, but I am trying them locally  

          Oleg Nenashev added a comment -

          Created JENKINS-58494 for the CLI dependency removal

          Oleg Nenashev added a comment - Created  JENKINS-58494 for the CLI dependency removal

          Rafael Camargo added a comment - - edited

           

          Same issue here Jenkins 2.185
           
           
           
          SSHLauncher{host='dhp-dev-app-01.sq-cloud.local', port=22, credentialsId='ssh_jenkins', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.NonVerifyingKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}[07/15/19 09:53:34] [SSH] Opening SSH connection to dhp-dev-app-01.sq-cloud.local:22.[07/15/19 09:53:35] [SSH] WARNING: SSH Host Keys are not being verified. Man-in-the-middle attacks may be possible against this connection.ERROR: SSH authentication failedjava.lang.ClassNotFoundException: com.trilead.ssh2.crypto.cipher.BlockCipher at java.net.URLClassLoader.findClass(URLClassLoader.java:382) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:555) at java.lang.ClassLoader.loadClass(ClassLoader.java:357)Caused: java.lang.NoClassDefFoundError: com/trilead/ssh2/crypto/cipher/BlockCipher at com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.getPrivateKeys(BasicSSHUserPrivateKey.java:174) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.getPrivateKeys(SSHAuthenticator.java:484) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:107) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:473) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1213) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:846) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:833) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)[07/15/19 09:53:35] [SSH] Authentication failed.Authentication failed.[07/15/19 09:53:35] Launch failed - cleaning up connection[07/15/19 09:53:35] [SSH] Connection closed.
          

           

          Rafael Camargo added a comment - - edited   Same issue here Jenkins 2.185       SSHLauncher{host= 'dhp-dev-app-01.sq-cloud.local' , port=22, credentialsId= 'ssh_jenkins' , jvmOptions= '', javaPath=' ', prefixStartSlaveCmd=' ', suffixStartSlaveCmd=' ', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.NonVerifyingKeyVerificationStrategy, tcpNoDelay= true , trackCredentials= true }[07/15/19 09:53:34] [SSH] Opening SSH connection to dhp-dev-app-01.sq-cloud.local:22.[07/15/19 09:53:35] [SSH] WARNING: SSH Host Keys are not being verified. Man-in-the-middle attacks may be possible against this connection.ERROR: SSH authentication failedjava.lang.ClassNotFoundException: com.trilead.ssh2.crypto.cipher.BlockCipher at java.net.URLClassLoader.findClass(URLClassLoader.java:382) at java.lang. ClassLoader .loadClass( ClassLoader .java:424) at java.lang. ClassLoader .loadClass( ClassLoader .java:357) at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:555) at java.lang. ClassLoader .loadClass( ClassLoader .java:357)Caused: java.lang.NoClassDefFoundError: com/trilead/ssh2/crypto/cipher/BlockCipher at com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.getPrivateKeys(BasicSSHUserPrivateKey.java:174) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.getPrivateKeys(SSHAuthenticator.java:484) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:107) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:473) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1213) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:846) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:833) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang. Thread .run( Thread .java:748)[07/15/19 09:53:35] [SSH] Authentication failed.Authentication failed.[07/15/19 09:53:35] Launch failed - cleaning up connection[07/15/19 09:53:35] [SSH] Connection closed.  

          Same issue with Jenkins 2.185
           
          SSHLauncher

          {host='dhp-dev-app-01.sq-cloud.local', port=22, credentialsId='ssh_jenkins', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.NonVerifyingKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true}

          [07/15/19 09:53:34] [SSH] Opening SSH connection to dhp-dev-app-01.sq-cloud.local:22.[07/15/19 09:53:35] [SSH] WARNING: SSH Host Keys are not being verified. Man-in-the-middle attacks may be possible against this connection.ERROR: SSH authentication failedjava.lang.ClassNotFoundException: com.trilead.ssh2.crypto.cipher.BlockCipher at java.net.URLClassLoader.findClass(URLClassLoader.java:382) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:555) at java.lang.ClassLoader.loadClass(ClassLoader.java:357)Caused: java.lang.NoClassDefFoundError: com/trilead/ssh2/crypto/cipher/BlockCipher at com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.getPrivateKeys(BasicSSHUserPrivateKey.java:174) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.getPrivateKeys(SSHAuthenticator.java:484) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:107) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:473) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1213) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:846) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:833) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)[07/15/19 09:53:35] [SSH] Authentication failed.Authentication failed.[07/15/19 09:53:35] Launch failed - cleaning up connection[07/15/19 09:53:35] [SSH] Connection closed.

          Leonardo Santos added a comment - Same issue with Jenkins 2.185   SSHLauncher {host='dhp-dev-app-01.sq-cloud.local', port=22, credentialsId='ssh_jenkins', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=210, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.NonVerifyingKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true} [07/15/19 09:53:34] [SSH] Opening SSH connection to dhp-dev-app-01.sq-cloud.local:22. [07/15/19 09:53:35] [SSH] WARNING: SSH Host Keys are not being verified. Man-in-the-middle attacks may be possible against this connection.ERROR: SSH authentication failedjava.lang.ClassNotFoundException: com.trilead.ssh2.crypto.cipher.BlockCipher at java.net.URLClassLoader.findClass(URLClassLoader.java:382) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:555) at java.lang.ClassLoader.loadClass(ClassLoader.java:357)Caused: java.lang.NoClassDefFoundError: com/trilead/ssh2/crypto/cipher/BlockCipher at com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.getPrivateKeys(BasicSSHUserPrivateKey.java:174) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.getPrivateKeys(SSHAuthenticator.java:484) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:107) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:436) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:473) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1213) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:846) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:833) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) [07/15/19 09:53:35] [SSH] Authentication failed.Authentication failed. [07/15/19 09:53:35] Launch failed - cleaning up connection [07/15/19 09:53:35] [SSH] Connection closed.

          Oleg Nenashev added a comment -

          Oleg Nenashev added a comment - https://github.com/jenkinsci/jenkins/pull/4111  and  https://github.com/jenkinsci/ssh-cli-auth-module/pull/10  are needed to address the issue AFAICT

          Oleg Nenashev added a comment -

          Apparently there was a regression in SSH CLI Auth Module which was not discovered in reviews. https://github.com/jenkinsci/ssh-cli-auth-module/pull/14 should fix it

          Oleg Nenashev added a comment - Apparently there was a regression in SSH CLI Auth Module which was not discovered in reviews.  https://github.com/jenkinsci/ssh-cli-auth-module/pull/14  should fix it

          Oleg Nenashev added a comment -

          Whomever needs a test build of the fix, it is here: https://repo.jenkins-ci.org/incrementals/org/jenkins-ci/main/jenkins-war/2.186-rc28479.a2d1d0c725fe/ . Downgrade is still recommended for production use. I hope we will rollout an out-of-order weekly release by EoD tomorrow, see https://groups.google.com/forum/#!topic/jenkinsci-advisories/lWw746kv4Kg 

          Oleg Nenashev added a comment - Whomever needs a test build of the fix, it is here:  https://repo.jenkins-ci.org/incrementals/org/jenkins-ci/main/jenkins-war/2.186-rc28479.a2d1d0c725fe/  . Downgrade is still recommended for production use. I hope we will rollout an out-of-order weekly release by EoD tomorrow, see  https://groups.google.com/forum/#!topic/jenkinsci-advisories/lWw746kv4Kg  

          Oleg Nenashev added a comment -

          To be released in 2.186 today, unless something goes really wrong

          Oleg Nenashev added a comment - To be released in 2.186 today, unless something goes really wrong

          Bharat Bhatia added a comment -

          2.186 fixed this issue

          Bharat Bhatia added a comment - 2.186 fixed this issue

            oleg_nenashev Oleg Nenashev
            j_adam Jens Adam
            Votes:
            22 Vote for this issue
            Watchers:
            37 Start watching this issue

              Created:
              Updated:
              Resolved: