• Type: Bug
• Resolution: Fixed
• Priority: Critical
• Component/s: trilead-api-plugin
• Labels:

  • plugin
  • regression
  • slave
• Environment:

  Jenkins LTS 2.222.4
  All latest plugins including Script Security update to 1.73
  

[JENKINS-62567] ERROR: Server rejected the 1 private key(s) for ...

Steve Graham created issue - 2020-06-04 14:21

Collapse comment: Steve Graham added a comment - 2020-06-04 14:24

Steve Graham added a comment - 2020-06-04 14:24

revert to Trilead 1.0.6 and the connection to slaves works again.

Expand comment: Steve Graham added a comment - 2020-06-04 14:24

Steve Graham added a comment - 2020-06-04 14:24 revert to Trilead 1.0.6 and the connection to slaves works again.

Steve Graham made changes - 2020-06-04 14:33

Labels

Original: plugin slave

New: plugin regression slave

Steve Graham made changes - 2020-06-04 14:34

Description

Original: Nodes do not start after latest pluginn updates. Narrowed down to Trilead version 1.0.7 Causes error : SSHLauncher{host='xxx', port=22, credentialsId='myCredentials', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=60, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true} [06/04/20 14:30:19] [SSH] Opening SSH connection to xxx:22. Searching for xxx in /home/blabla/.ssh/known_hosts Searching for xxx:22 in /home/blabla/.ssh/known_hosts [06/04/20 14:30:19] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed. *ERROR: Server rejected the 1 private key(s) for blabla(credentialId:myCredentials/method:publickey)* [06/04/20 14:30:19] [SSH] Authentication failed. Authentication failed. [06/04/20 14:30:19] Launch failed - cleaning up connection [06/04/20 14:30:19] [SSH] Connection closed.

New: Slaves/Nodes do not start after latest plugin updates. Narrowed down to Trilead version 1.0.7 Causes error : SSHLauncher{host='xxx', port=22, credentialsId='myCredentials', jvmOptions='', javaPath='', prefixStartSlaveCmd='', suffixStartSlaveCmd='', launchTimeoutSeconds=60, maxNumRetries=10, retryWaitTime=15, sshHostKeyVerificationStrategy=hudson.plugins.sshslaves.verifiers.KnownHostsFileKeyVerificationStrategy, tcpNoDelay=true, trackCredentials=true} [06/04/20 14:30:19] [SSH] Opening SSH connection to xxx:22. Searching for xxx in /home/blabla/.ssh/known_hosts Searching for xxx:22 in /home/blabla/.ssh/known_hosts [06/04/20 14:30:19] [SSH] SSH host key matches key in Known Hosts file. Connection will be allowed. *ERROR: Server rejected the 1 private key(s) for blabla(credentialId:myCredentials/method:publickey)* [06/04/20 14:30:19] [SSH] Authentication failed. Authentication failed. [06/04/20 14:30:19] Launch failed - cleaning up connection [06/04/20 14:30:19] [SSH] Connection closed.

Collapse comment: Matt Sicker added a comment - 2020-06-04 16:05

Matt Sicker added a comment - 2020-06-04 16:05

sgjenkins Is this an RSA key?

Expand comment: Matt Sicker added a comment - 2020-06-04 16:05

Matt Sicker added a comment - 2020-06-04 16:05 sgjenkins Is this an RSA key?

Collapse comment: ethorsa added a comment - 2020-06-04 16:10

ethorsa added a comment - 2020-06-04 16:10

I can confirm the problem with username / password connections (trilead-api v1.0.7). Downgrade to 1.0.6 solved it for me too.

Expand comment: ethorsa added a comment - 2020-06-04 16:10

ethorsa added a comment - 2020-06-04 16:10 I can confirm the problem with username / password connections (trilead-api v1.0.7). Downgrade to 1.0.6 solved it for me too.

Collapse comment: Ivan Fernandez Calvo added a comment - 2020-06-04 16:28

Ivan Fernandez Calvo added a comment - 2020-06-04 16:28

jvz Do you have time to work on it? if not I will revert the trilead-ssh2 upgrade

Expand comment: Ivan Fernandez Calvo added a comment - 2020-06-04 16:28

Ivan Fernandez Calvo added a comment - 2020-06-04 16:28 jvz Do you have time to work on it? if not I will revert the trilead-ssh2 upgrade

Collapse comment: Ivan Fernandez Calvo added a comment - 2020-06-04 16:30

Ivan Fernandez Calvo added a comment - 2020-06-04 16:30

ethorsa sgjenkins could you post the header of those keys? should be something like these

----BEGIN OPENSSH PRIVATE KEY----
----BEGIN RSA PRIVATE KEY----
----BEGIN EC PRIVATE KEY----
----BEGIN DSA PRIVATE KEY----

Expand comment: Ivan Fernandez Calvo added a comment - 2020-06-04 16:30

Ivan Fernandez Calvo added a comment - 2020-06-04 16:30 ethorsa sgjenkins could you post the header of those keys? should be something like these ---- BEGIN OPENSSH PRIVATE KEY ---- ---- BEGIN RSA PRIVATE KEY ---- ---- BEGIN EC PRIVATE KEY ---- ---- BEGIN DSA PRIVATE KEY ----

Collapse comment: Matt Sicker added a comment - 2020-06-04 16:31

Matt Sicker added a comment - 2020-06-04 16:31

Yeah, I'll be looking into this today. I'll let you know if the fix doesn't seem trivial enough to implement today so you can revert until I have a full fix.

Expand comment: Matt Sicker added a comment - 2020-06-04 16:31

Matt Sicker added a comment - 2020-06-04 16:31 Yeah, I'll be looking into this today. I'll let you know if the fix doesn't seem trivial enough to implement today so you can revert until I have a full fix.

Collapse comment: ethorsa added a comment - 2020-06-04 16:42

ethorsa added a comment - 2020-06-04 16:42

Username / password connections shouldn't send these headers?

Expand comment: ethorsa added a comment - 2020-06-04 16:42

ethorsa added a comment - 2020-06-04 16:42 Username / password connections shouldn't send these headers?

Load more newer events