• 2.303.1

      Hello,

        We upgraded from 2.280 to 2.285 and now we are getting the following:

      _[root@~]_ _"/usr/lib/jvm/java-1.8.0/bin/java" -jar jenkins-cli.jar -s http://127.0.0.1:8080 -ssh -user "jenkins_automation" -p 53801 -i jenkins-key.pem who-am-i_
      _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider_
      _INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider_
      _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider_
      _INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory_
      _io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)_
       _at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108)_
       _at hudson.cli.CLI._main(CLI.java:285)_
       _at hudson.cli.CLI.main(CLI.java:96)_
      _Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:342)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:277)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:224)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:502)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
       _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
       _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker$2.run(Invoker.java:218)_
       _at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)_
       _at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_
       _at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_
       _at java.lang.Thread.run(Thread.java:748)_
      
        The credential are correct as the following works fine:
      
      _[root@~]# ssh -i jenkins-key.pem -p 53801 jenkins_automation@localhost who-am-i_
      _Authenticated as: jenkins_automation_
      _Authorities:_
       _authenticated_
       _system_users_
       _ROLE_SYSTEM_USERS_
      

        I checked the changelog and I can see the following on 2.284: "Update Jenkins CLI to SSHD Core from 1.7.0 to 2.6.0. (pull 5206)". I am not sure if related.

       

        We are suing SSH Credentials Plugin version 1.18.2, SSH server version 3.0.3.

       

        Any suggestion would be welcome.

       

      Thanks

      Andrea

       

       

        

        

       

         

       

          [JENKINS-65273] Jenkins CLI unable to read SSH

          Andrea Lai added a comment -

          We downgraded to 2.283 and the problem is gone so I presume 2.284 has a fault or a change in settings that we are missing 

          Andrea Lai added a comment - We downgraded to 2.283 and the problem is gone so I presume 2.284 has a fault or a change in settings that we are missing 

          Matt Sicker added a comment - - edited

          Which server key authentication methods do you have enabled on the server? More specifically, can you re-run that ssh command with -vv flags?

          Matt Sicker added a comment - - edited Which server key authentication methods do you have enabled on the server? More specifically, can you re-run that ssh command with -vv flags?

          Andrea Lai added a comment -

          Hello Matt, thanks for looking into this.

          The verbose SSH command returned:

          OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
          debug1: Reading configuration data /etc/ssh/ssh_config
          debug1: /etc/ssh/ssh_config line 61: Applying options for *
          debug2: resolving "localhost" port 53801
          debug2: ssh_connect_direct: needpriv 0
          debug1: Connecting to localhost [::1] port 53801.
          debug1: Connection established.
          debug1: permanently_set_uid: 0/0
          debug1: key_load_public: No such file or directory
          debug1: identity file /tmp/kitchen/cache/jenkins-key type -1
          debug1: key_load_public: No such file or directory
          debug1: identity file /tmp/kitchen/cache/jenkins-key-cert type -1
          debug1: Enabling compatibility mode for protocol 2.0
          debug1: Local version string SSH-2.0-OpenSSH_7.4
          debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN
          debug1: no match: SSHD-UNKNOWN
          debug2: fd 3 setting O_NONBLOCK
          debug1: Authenticating to localhost:53801 as 'jenkins_automation'
          debug1: SSH2_MSG_KEXINIT sent
          debug1: SSH2_MSG_KEXINIT received
          debug2: local client KEXINIT proposal
          debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
          debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
          debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
          debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
          debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
          debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
          debug2: compression ctos: none,zlib@openssh.com,zlib
          debug2: compression stoc: none,zlib@openssh.com,zlib
          debug2: languages ctos:
          debug2: languages stoc:
          debug2: first_kex_follows 0
          debug2: reserved 0
          debug2: peer server KEXINIT proposal
          debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
          debug2: host key algorithms: ssh-rsa
          debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr
          debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr
          debug2: MACs ctos: hmac-sha1,hmac-sha2-256,hmac-sha2-512
          debug2: MACs stoc: hmac-sha1,hmac-sha2-256,hmac-sha2-512
          debug2: compression ctos: none,zlib,zlib@openssh.com
          debug2: compression stoc: none,zlib,zlib@openssh.com
          debug2: languages ctos:
          debug2: languages stoc:
          debug2: first_kex_follows 0
          debug2: reserved 0
          debug1: kex: algorithm: ecdh-sha2-nistp256
          debug1: kex: host key algorithm: ssh-rsa
          debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
          debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
          debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32
          debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32
          debug1: sending SSH2_MSG_KEX_ECDH_INIT
          debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
          debug1: Server host key: ssh-rsa SHA256:xxxx
          debug1: Host '[localhost]:53801' is known and matches the RSA host key.
          debug1: Found key in /root/.ssh/known_hosts:1
          debug2: set_newkeys: mode 1
          debug1: rekey after 4294967296 blocks
          debug1: SSH2_MSG_NEWKEYS sent
          debug1: expecting SSH2_MSG_NEWKEYS
          debug1: SSH2_MSG_NEWKEYS received
          debug2: set_newkeys: mode 0
          debug1: rekey after 4294967296 blocks
          debug2: key: /tmp/kitchen/cache/jenkins-key ((nil)), explicit
          debug2: service_accept: ssh-userauth
          debug1: SSH2_MSG_SERVICE_ACCEPT received
          debug1: Authentications that can continue: publickey
          debug1: Next authentication method: publickey
          debug1: Trying private key: /tmp/kitchen/cache/jenkins-key
          debug2: we sent a publickey packet, wait for reply
          debug1: Authentication succeeded (publickey).
          Authenticated to localhost ([::1]:53801).
          debug1: channel 0: new [client-session]
          debug2: channel 0: send open
          debug1: Entering interactive session.
          debug1: pledge: network
          debug2: callback start
          debug2: fd 3 setting TCP_NODELAY
          debug2: client_session2_setup: id 0
          debug1: Sending environment.
          debug1: Sending env LANG = en_US.UTF-8
          debug2: channel 0: request env confirm 0
          debug1: Sending command: who-am-i
          debug2: channel 0: request exec confirm 1
          debug2: callback done
          debug2: channel 0: open confirm rwindow 2097152 rmax 32768
          debug2: channel_input_status_confirm: type 99 id 0
          debug2: exec request accepted on channel 0
          Authenticated as: jenkins_automation
          Authorities:
          authenticated
          system_users
          ROLE_SYSTEM_USERS
          debug2: channel 0: rcvd eof
          debug2: channel 0: output open -> drain
          debug2: channel 0: obuf empty
          debug2: channel 0: close_write
          debug2: channel 0: output drain -> closed
          debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
          debug2: channel 0: rcvd close
          debug2: channel 0: close_read
          debug2: channel 0: input open -> closed
          debug2: channel 0: almost dead
          debug2: channel 0: gc: notify user
          debug2: channel 0: gc: user detached
          debug2: channel 0: send close
          debug2: channel 0: is dead
          debug2: channel 0: garbage collecting
          debug1: channel 0: free: client-session, nchannels 1
          Transferred: sent 2536, received 1496 bytes, in 0.5 seconds
          Bytes per second: sent 5582.3, received 3293.0
          debug1: Exit status 0

           

          I tried adding "-vv" to the Java SSH call but it did not make any difference: same error stack.

           

          Andrea Lai added a comment - Hello Matt, thanks for looking into this. The verbose SSH command returned: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 61: Applying options for * debug2: resolving "localhost" port 53801 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to localhost [::1] port 53801. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: key_load_public: No such file or directory debug1: identity file /tmp/kitchen/cache/jenkins-key type -1 debug1: key_load_public: No such file or directory debug1: identity file /tmp/kitchen/cache/jenkins-key-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN debug1: no match: SSHD-UNKNOWN debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to localhost:53801 as 'jenkins_automation' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com,zlib debug2: compression stoc: none,zlib@openssh.com,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 debug2: host key algorithms: ssh-rsa debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha1,hmac-sha2-256,hmac-sha2-512 debug2: MACs stoc: hmac-sha1,hmac-sha2-256,hmac-sha2-512 debug2: compression ctos: none,zlib,zlib@openssh.com debug2: compression stoc: none,zlib,zlib@openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: ecdh-sha2-nistp256 debug1: kex: host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32 debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32 debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ssh-rsa SHA256:xxxx debug1: Host ' [localhost] :53801' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug2: set_newkeys: mode 1 debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey after 4294967296 blocks debug2: key: /tmp/kitchen/cache/jenkins-key ((nil)), explicit debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /tmp/kitchen/cache/jenkins-key debug2: we sent a publickey packet, wait for reply debug1: Authentication succeeded (publickey). Authenticated to localhost ( [::1] :53801). debug1: channel 0: new [client-session] debug2: channel 0: send open debug1: Entering interactive session. debug1: pledge: network debug2: callback start debug2: fd 3 setting TCP_NODELAY debug2: client_session2_setup: id 0 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug1: Sending command: who-am-i debug2: channel 0: request exec confirm 1 debug2: callback done debug2: channel 0: open confirm rwindow 2097152 rmax 32768 debug2: channel_input_status_confirm: type 99 id 0 debug2: exec request accepted on channel 0 Authenticated as: jenkins_automation Authorities: authenticated system_users ROLE_SYSTEM_USERS debug2: channel 0: rcvd eof debug2: channel 0: output open -> drain debug2: channel 0: obuf empty debug2: channel 0: close_write debug2: channel 0: output drain -> closed debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug2: channel 0: rcvd close debug2: channel 0: close_read debug2: channel 0: input open -> closed debug2: channel 0: almost dead debug2: channel 0: gc: notify user debug2: channel 0: gc: user detached debug2: channel 0: send close debug2: channel 0: is dead debug2: channel 0: garbage collecting debug1: channel 0: free: client-session, nchannels 1 Transferred: sent 2536, received 1496 bytes, in 0.5 seconds Bytes per second: sent 5582.3, received 3293.0 debug1: Exit status 0   I tried adding "-vv" to the Java SSH call but it did not make any difference: same error stack.  

          since Jenkins core 2.283 works is not related to https://github.com/jenkinsci/jenkins/pull/5049 because the change is in that version, I bet is related to https://github.com/jenkinsci/jenkins/commit/4d818c294fb9838902ed9e42e022f93f1cb0c9cc#diff-99bb88401742848e032fd6f51709415fb6be169a72d2e5d7fc44289255160d3c that it is included in 2.284, I think is related to the kex the version 1.7.0 is too old.
          I am working to update the sshd-plugin to 2.6.0 in https://github.com/jenkinsci/sshd-plugin/pull/37 I have to make a bunch of PRs to other plugins to update them to the new changes on the Apache Minda SSH API

          Ivan Fernandez Calvo added a comment - since Jenkins core 2.283 works is not related to https://github.com/jenkinsci/jenkins/pull/5049 because the change is in that version, I bet is related to https://github.com/jenkinsci/jenkins/commit/4d818c294fb9838902ed9e42e022f93f1cb0c9cc#diff-99bb88401742848e032fd6f51709415fb6be169a72d2e5d7fc44289255160d3c that it is included in 2.284, I think is related to the kex the version 1.7.0 is too old. I am working to update the sshd-plugin to 2.6.0 in https://github.com/jenkinsci/sshd-plugin/pull/37 I have to make a bunch of PRs to other plugins to update them to the new changes on the Apache Minda SSH API

          Andrea Lai added a comment -

          You are right. It seems something happen in 2.284 that broke our automation. Do we have any workaround or anything that we can do to make it work? We are Okay with 2.283 for awhile but we would need to upgrade in the next few weeks to stay up-to-date with the latest security patches.

          Thanks

          Andrea

          Andrea Lai added a comment - You are right. It seems something happen in 2.284 that broke our automation. Do we have any workaround or anything that we can do to make it work? We are Okay with 2.283 for awhile but we would need to upgrade in the next few weeks to stay up-to-date with the latest security patches. Thanks Andrea

          The incremental version of the plugin in that PR should resolve the issue https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fsshd-plugin/detail/PR-37/8/artifacts, because is not a final release you will have to install it manually and wait for the official release.

          Ivan Fernandez Calvo added a comment - The incremental version of the plugin in that PR should resolve the issue https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fsshd-plugin/detail/PR-37/8/artifacts , because is not a final release you will have to install it manually and wait for the official release.

          Jesse Glick added a comment -

          I found that updating the version of SSHD in core to a dev build

          diff --git cli/pom.xml cli/pom.xml
          index af6a574c67..c19b444034 100644
          --- cli/pom.xml
          +++ cli/pom.xml
          @@ -72,7 +72,7 @@
               <dependency>
                 <groupId>org.apache.sshd</groupId>
                 <artifactId>sshd-core</artifactId>
          -      <version>2.6.0</version>
          +      <version>2.7.1-SNAPSHOT</version>
                 <optional>true</optional>
               </dependency>
               <!-- ed25519 algorithm, see JENKINS-45318 -->
          

          corrects the regression as seen in CLITest#strictHostKey with a newer -Djenkins.version=…:

          diff --git src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java
          index 473da96..4041ddf 100644
          --- src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java
          +++ src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java
          @@ -68,6 +68,7 @@ import java.nio.file.Files;
           import java.util.Arrays;
           import java.util.List;
           import java.util.concurrent.TimeUnit;
          +import java.util.logging.Level;
           
           import static org.hamcrest.Matchers.containsString;
           import static org.hamcrest.Matchers.nullValue;
          @@ -77,6 +78,7 @@ import static org.junit.Assert.assertThat;
           import static org.junit.Assume.assumeNoException;
           import static org.junit.Assume.assumeThat;
           import static org.junit.Assume.assumeTrue;
          +import org.jvnet.hudson.test.LoggerRule;
           
           /**
            * Tests CLI operation with the SSH module.
          @@ -90,6 +92,8 @@ public class CLITest {
               @Rule
               public JenkinsRule r = new JenkinsRule();
           
          +    @Rule public LoggerRule logging = new LoggerRule().record("org.jenkinsci.main.modules", Level.ALL).record("org.apache.sshd", Level.ALL);
          +
               @Rule
               public TemporaryFolder tmp = new TemporaryFolder();
           
          

          printed

             5.340 [id=97]	FINEST	o.a.s.s.s.ServerUserAuthService#process: process(ServerSessionImpl[null@/127.0.0.1:40046]) factory authentication=publickey failure details
          java.lang.IllegalArgumentException: No verifier located for algorithm=rsa-sha2-512
          	at org.apache.sshd.common.util.ValidateUtils.createFormattedException(ValidateUtils.java:213)
          	at org.apache.sshd.common.util.ValidateUtils.throwIllegalArgumentException(ValidateUtils.java:179)
          	at org.apache.sshd.common.util.ValidateUtils.checkTrue(ValidateUtils.java:168)
          	at org.apache.sshd.common.util.ValidateUtils.checkNotNull(ValidateUtils.java:40)
          	at org.apache.sshd.server.auth.pubkey.UserAuthPublicKey.doAuth(UserAuthPublicKey.java:94)
          	at org.apache.sshd.server.auth.AbstractUserAuth.auth(AbstractUserAuth.java:70)
          	at org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:197)
          	at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:614)
          	at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:547)
          	at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1498)
          	at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:508)
          	at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66)
          	at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:301)
          	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:281)
          	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:278)
          	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
          	at java.security.AccessController.doPrivileged(Native Method)
          	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
          	at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
          	at sun.nio.ch.Invoker$2.run(Invoker.java:218)
          	at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
          	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          	at java.lang.Thread.run(Thread.java:748)
          

          and some Googling around led me to https://issues.apache.org/jira/browse/SSHD-1105 which is to be fixed in 2.7.0 (tagged a week ago but apparently not yet on Central).

          Jesse Glick added a comment - I found that updating the version of SSHD in core to a dev build diff --git cli/pom.xml cli/pom.xml index af6a574c67..c19b444034 100644 --- cli/pom.xml +++ cli/pom.xml @@ -72,7 +72,7 @@ <dependency> <groupId> org.apache.sshd </groupId> <artifactId> sshd-core </artifactId> - <version> 2.6.0 </version> + <version> 2.7.1-SNAPSHOT </version> <optional> true </optional> </dependency> <!-- ed25519 algorithm, see JENKINS-45318 --> corrects the regression as seen in CLITest#strictHostKey with a newer -Djenkins.version=… : diff --git src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java index 473da96..4041ddf 100644 --- src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java +++ src/test/java/org/jenkinsci/main/modules/cli/auth/ssh/CLITest.java @@ -68,6 +68,7 @@ import java.nio.file.Files; import java.util.Arrays; import java.util.List; import java.util.concurrent.TimeUnit; + import java.util.logging.Level; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.nullValue; @@ -77,6 +78,7 @@ import static org.junit.Assert.assertThat; import static org.junit.Assume.assumeNoException; import static org.junit.Assume.assumeThat; import static org.junit.Assume.assumeTrue; + import org.jvnet.hudson.test.LoggerRule; /** * Tests CLI operation with the SSH module. @@ -90,6 +92,8 @@ public class CLITest { @Rule public JenkinsRule r = new JenkinsRule(); + @Rule public LoggerRule logging = new LoggerRule().record( "org.jenkinsci.main.modules" , Level.ALL).record( "org.apache.sshd" , Level.ALL); + @Rule public TemporaryFolder tmp = new TemporaryFolder(); printed 5.340 [id=97] FINEST o.a.s.s.s.ServerUserAuthService#process: process(ServerSessionImpl[null@/127.0.0.1:40046]) factory authentication=publickey failure details java.lang.IllegalArgumentException: No verifier located for algorithm=rsa-sha2-512 at org.apache.sshd.common.util.ValidateUtils.createFormattedException(ValidateUtils.java:213) at org.apache.sshd.common.util.ValidateUtils.throwIllegalArgumentException(ValidateUtils.java:179) at org.apache.sshd.common.util.ValidateUtils.checkTrue(ValidateUtils.java:168) at org.apache.sshd.common.util.ValidateUtils.checkNotNull(ValidateUtils.java:40) at org.apache.sshd.server.auth.pubkey.UserAuthPublicKey.doAuth(UserAuthPublicKey.java:94) at org.apache.sshd.server.auth.AbstractUserAuth.auth(AbstractUserAuth.java:70) at org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:197) at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:614) at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:547) at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1498) at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:508) at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66) at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:301) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:281) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:278) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) and some Googling around led me to https://issues.apache.org/jira/browse/SSHD-1105 which is to be fixed in 2.7.0 (tagged a week ago but apparently not yet on Central).

          Jesse Glick added a comment -

          If true, based on the Jira description, the likely workaround is to switch to a different key format.

          Jesse Glick added a comment - If true, based on the Jira description, the likely workaround is to switch to a different key format.

          Tim Jacomb added a comment -

          Can anyone see anything wrong I'm doing here?

          This is on 2.289.1 (also tried a few other versions including 2.283 same result)

          Running on Mac Big Sur, can create another issue if you think it's unrelated

          ➜  azure-test-env git:(master) ✗ java -jar jenkins-cli.jar -s http://localhost:6322/jenkins/  -ssh -user me@timja2.onmicrosoft.com -i /Users/timja/.ssh/id_rsa
          Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider
          INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider
          Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider
          INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory
          Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.client.config.hosts.ConfigFileHostEntryResolver reloadHostConfigEntries
          INFO: resolveEffectiveResolver(me@timja2.onmicrosoft.com@localhost:2222) loaded 4 entries from /Users/timja/.ssh/config
          Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier acceptModifiedServerKey
          WARNING: acceptModifiedServerKey(ClientSessionImpl[me@timja2.onmicrosoft.com@localhost/127.0.0.1:2222]) mismatched keys presented by localhost/127.0.0.1:2222 for entry=[localhost]:2222 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCJvLTG+SYW6qBizYLlkT+SzFpMzqtrF6cy3Wj58E42xJJZcqmf7A1sChee37tMNFdcy68dcIuCP08Y33E2V9es=: expected=ecdsa-sha2-nistp256-SHA256:osZ9YtmDwlrUAXBmE6mVA1gWhrvu9161zccYcDk3tME, actual=ssh-rsa-SHA256:DaHXS237KOgo4lOBUofD3cjZWZ279TGSg6ymOdWnDC0
          Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.SessionHelper disconnect
          INFO: Disconnecting(ClientSessionImpl[me@timja2.onmicrosoft.com@localhost/127.0.0.1:2222]): SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE - Server key did not validate
          io.jenkins.cli.shaded.org.apache.sshd.common.SshException: Server key did not validate
          	at io.jenkins.cli.shaded.org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)
          	at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)
          	at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)
          	at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108)
          	at hudson.cli.CLI._main(CLI.java:285)
          	at hudson.cli.CLI.main(CLI.java:96)
          Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: Server key did not validate
          	at io.jenkins.cli.shaded.org.apache.sshd.client.session.AbstractClientSession.checkKeys(AbstractClientSession.java:583)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:611)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:500)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
          	at java.base/java.security.AccessController.doPrivileged(Native Method)
          	at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
          	at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127)
          	at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219)
          	at java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
          	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
          	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
          	at java.base/java.lang.Thread.run(Thread.java:834)
          

          ssh itself works fine:

          ➜  azure-test-env git:(master) ✗ ssh me@timja2.onmicrosoft.com@127.0.0.1 -p 2222 list-jobs
          freestyle
          no-restrictions
          

          I'm trying to reproduce https://github.com/jenkinsci/azure-ad-plugin/issues/128 but I can't get the CLI to work at all =/

          Tim Jacomb added a comment - Can anyone see anything wrong I'm doing here? This is on 2.289.1 (also tried a few other versions including 2.283 same result) Running on Mac Big Sur, can create another issue if you think it's unrelated ➜ azure-test-env git:(master) ✗ java -jar jenkins-cli.jar -s http: //localhost:6322/jenkins/ -ssh -user me@timja2.onmicrosoft.com -i /Users/timja/.ssh/id_rsa Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.client.config.hosts.ConfigFileHostEntryResolver reloadHostConfigEntries INFO: resolveEffectiveResolver(me@timja2.onmicrosoft.com@localhost:2222) loaded 4 entries from /Users/timja/.ssh/config Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier acceptModifiedServerKey WARNING: acceptModifiedServerKey(ClientSessionImpl[me@timja2.onmicrosoft.com@localhost/127.0.0.1:2222]) mismatched keys presented by localhost/127.0.0.1:2222 for entry=[localhost]:2222 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCJvLTG+SYW6qBizYLlkT+SzFpMzqtrF6cy3Wj58E42xJJZcqmf7A1sChee37tMNFdcy68dcIuCP08Y33E2V9es=: expected=ecdsa-sha2-nistp256-SHA256:osZ9YtmDwlrUAXBmE6mVA1gWhrvu9161zccYcDk3tME, actual=ssh-rsa-SHA256:DaHXS237KOgo4lOBUofD3cjZWZ279TGSg6ymOdWnDC0 Jun 15, 2021 8:58:06 PM io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.SessionHelper disconnect INFO: Disconnecting(ClientSessionImpl[me@timja2.onmicrosoft.com@localhost/127.0.0.1:2222]): SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE - Server key did not validate io.jenkins.cli.shaded.org.apache.sshd.common.SshException: Server key did not validate at io.jenkins.cli.shaded.org.apache.sshd.common. future .AbstractSshFuture.verifyResult(AbstractSshFuture.java:126) at io.jenkins.cli.shaded.org.apache.sshd.client. future .DefaultAuthFuture.verify(DefaultAuthFuture.java:39) at io.jenkins.cli.shaded.org.apache.sshd.client. future .DefaultAuthFuture.verify(DefaultAuthFuture.java:32) at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108) at hudson.cli.CLI._main(CLI.java:285) at hudson.cli.CLI.main(CLI.java:96) Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: Server key did not validate at io.jenkins.cli.shaded.org.apache.sshd.client.session.AbstractClientSession.checkKeys(AbstractClientSession.java:583) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:611) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:500) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388) at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64) at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358) at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335) at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332) at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) at java.base/java.security.AccessController.doPrivileged(Native Method) at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127) at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219) at java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang. Thread .run( Thread .java:834) ssh itself works fine: ➜ azure-test-env git:(master) ✗ ssh me@timja2.onmicrosoft.com@127.0.0.1 -p 2222 list-jobs freestyle no-restrictions I'm trying to reproduce https://github.com/jenkinsci/azure-ad-plugin/issues/128 but I can't get the CLI to work at all =/

          James Nord added a comment -

          Try

          ssh me@timja2.onmicrosoft.com@localhost -p 2222 list-jobs
          freestyle
          no-restrictions
          

          See if that gives you an error.

          James Nord added a comment - Try ssh me@timja2.onmicrosoft.com@localhost -p 2222 list-jobs freestyle no-restrictions See if that gives you an error.

          Tim Jacomb added a comment -

          Isn’t that what I did?

          Tim Jacomb added a comment - Isn’t that what I did?

          Tim Jacomb added a comment -

          Oh local host will check soon

          Tim Jacomb added a comment - Oh local host will check soon

          Tim Jacomb added a comment -

          teilo

          ➜  azure-test-env git:(master) ✗ ssh me@timja2.onmicrosoft.com@localhost -p 2222 list-jobs
          Unable to negotiate with ::1 port 2222: no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr
          

          Tim Jacomb added a comment - teilo ➜ azure-test-env git:(master) ✗ ssh me@timja2.onmicrosoft.com@localhost -p 2222 list-jobs Unable to negotiate with ::1 port 2222: no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr

          Tim Jacomb added a comment -

          Ah it works if I download a new version of the CLI, oops, my bad.

          (side issue bit weird to have log messages coming out of a CLI):

          ➜  azure-test-env git:(master) ✗ java -jar jenkins-cli-lts.jar -s http://localhost:6322/jenkins/  -ssh -user me@timja2.onmicrosoft.com -i /Users/timja/.ssh/id_rsa
          Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider
          INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider
          Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider
          INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory
          Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.client.config.hosts.ConfigFileHostEntryResolver reloadHostConfigEntries
          INFO: resolveEffectiveResolver(me@timja2.onmicrosoft.com@localhost:2222) loaded 4 entries from /Users/timja/.ssh/config
            add-job-to-view
              Adds jobs to view.
            apply-configuration
              Apply YAML configuration to instance
          

          Tim Jacomb added a comment - Ah it works if I download a new version of the CLI, oops, my bad. (side issue bit weird to have log messages coming out of a CLI): ➜ azure-test-env git:(master) ✗ java -jar jenkins-cli-lts.jar -s http: //localhost:6322/jenkins/ -ssh -user me@timja2.onmicrosoft.com -i /Users/timja/.ssh/id_rsa Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory Jun 16, 2021 7:33:49 AM io.jenkins.cli.shaded.org.apache.sshd.client.config.hosts.ConfigFileHostEntryResolver reloadHostConfigEntries INFO: resolveEffectiveResolver(me@timja2.onmicrosoft.com@localhost:2222) loaded 4 entries from /Users/timja/.ssh/config add-job-to-view Adds jobs to view. apply-configuration Apply YAML configuration to instance

            teilo James Nord
            andrea_lai Andrea Lai
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: