• 2.303.1

      Hello,

        We upgraded from 2.280 to 2.285 and now we are getting the following:

      _[root@~]_ _"/usr/lib/jvm/java-1.8.0/bin/java" -jar jenkins-cli.jar -s http://127.0.0.1:8080 -ssh -user "jenkins_automation" -p 53801 -i jenkins-key.pem who-am-i_
      _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider_
      _INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider_
      _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider_
      _INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory_
      _io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)_
       _at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108)_
       _at hudson.cli.CLI._main(CLI.java:285)_
       _at hudson.cli.CLI.main(CLI.java:96)_
      _Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:342)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:277)_
       _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:224)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:502)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
       _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
       _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
       _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
       _at java.security.AccessController.doPrivileged(Native Method)_
       _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
       _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
       _at sun.nio.ch.Invoker$2.run(Invoker.java:218)_
       _at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)_
       _at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_
       _at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_
       _at java.lang.Thread.run(Thread.java:748)_
      
        The credential are correct as the following works fine:
      
      _[root@~]# ssh -i jenkins-key.pem -p 53801 jenkins_automation@localhost who-am-i_
      _Authenticated as: jenkins_automation_
      _Authorities:_
       _authenticated_
       _system_users_
       _ROLE_SYSTEM_USERS_
      

        I checked the changelog and I can see the following on 2.284: "Update Jenkins CLI to SSHD Core from 1.7.0 to 2.6.0. (pull 5206)". I am not sure if related.

       

        We are suing SSH Credentials Plugin version 1.18.2, SSH server version 3.0.3.

       

        Any suggestion would be welcome.

       

      Thanks

      Andrea

       

       

        

        

       

         

       

          [JENKINS-65273] Jenkins CLI unable to read SSH

          Andrea Lai created issue -
          Mark Waite made changes -
          Labels New: regression

          Andrea Lai added a comment -

          We downgraded to 2.283 and the problem is gone so I presume 2.284 has a fault or a change in settings that we are missing 

          Andrea Lai added a comment - We downgraded to 2.283 and the problem is gone so I presume 2.284 has a fault or a change in settings that we are missing 

          Matt Sicker added a comment - - edited

          Which server key authentication methods do you have enabled on the server? More specifically, can you re-run that ssh command with -vv flags?

          Matt Sicker added a comment - - edited Which server key authentication methods do you have enabled on the server? More specifically, can you re-run that ssh command with -vv flags?

          Andrea Lai added a comment -

          Hello Matt, thanks for looking into this.

          The verbose SSH command returned:

          OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
          debug1: Reading configuration data /etc/ssh/ssh_config
          debug1: /etc/ssh/ssh_config line 61: Applying options for *
          debug2: resolving "localhost" port 53801
          debug2: ssh_connect_direct: needpriv 0
          debug1: Connecting to localhost [::1] port 53801.
          debug1: Connection established.
          debug1: permanently_set_uid: 0/0
          debug1: key_load_public: No such file or directory
          debug1: identity file /tmp/kitchen/cache/jenkins-key type -1
          debug1: key_load_public: No such file or directory
          debug1: identity file /tmp/kitchen/cache/jenkins-key-cert type -1
          debug1: Enabling compatibility mode for protocol 2.0
          debug1: Local version string SSH-2.0-OpenSSH_7.4
          debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN
          debug1: no match: SSHD-UNKNOWN
          debug2: fd 3 setting O_NONBLOCK
          debug1: Authenticating to localhost:53801 as 'jenkins_automation'
          debug1: SSH2_MSG_KEXINIT sent
          debug1: SSH2_MSG_KEXINIT received
          debug2: local client KEXINIT proposal
          debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
          debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
          debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
          debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
          debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
          debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
          debug2: compression ctos: none,zlib@openssh.com,zlib
          debug2: compression stoc: none,zlib@openssh.com,zlib
          debug2: languages ctos:
          debug2: languages stoc:
          debug2: first_kex_follows 0
          debug2: reserved 0
          debug2: peer server KEXINIT proposal
          debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
          debug2: host key algorithms: ssh-rsa
          debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr
          debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr
          debug2: MACs ctos: hmac-sha1,hmac-sha2-256,hmac-sha2-512
          debug2: MACs stoc: hmac-sha1,hmac-sha2-256,hmac-sha2-512
          debug2: compression ctos: none,zlib,zlib@openssh.com
          debug2: compression stoc: none,zlib,zlib@openssh.com
          debug2: languages ctos:
          debug2: languages stoc:
          debug2: first_kex_follows 0
          debug2: reserved 0
          debug1: kex: algorithm: ecdh-sha2-nistp256
          debug1: kex: host key algorithm: ssh-rsa
          debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
          debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
          debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32
          debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32
          debug1: sending SSH2_MSG_KEX_ECDH_INIT
          debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
          debug1: Server host key: ssh-rsa SHA256:xxxx
          debug1: Host '[localhost]:53801' is known and matches the RSA host key.
          debug1: Found key in /root/.ssh/known_hosts:1
          debug2: set_newkeys: mode 1
          debug1: rekey after 4294967296 blocks
          debug1: SSH2_MSG_NEWKEYS sent
          debug1: expecting SSH2_MSG_NEWKEYS
          debug1: SSH2_MSG_NEWKEYS received
          debug2: set_newkeys: mode 0
          debug1: rekey after 4294967296 blocks
          debug2: key: /tmp/kitchen/cache/jenkins-key ((nil)), explicit
          debug2: service_accept: ssh-userauth
          debug1: SSH2_MSG_SERVICE_ACCEPT received
          debug1: Authentications that can continue: publickey
          debug1: Next authentication method: publickey
          debug1: Trying private key: /tmp/kitchen/cache/jenkins-key
          debug2: we sent a publickey packet, wait for reply
          debug1: Authentication succeeded (publickey).
          Authenticated to localhost ([::1]:53801).
          debug1: channel 0: new [client-session]
          debug2: channel 0: send open
          debug1: Entering interactive session.
          debug1: pledge: network
          debug2: callback start
          debug2: fd 3 setting TCP_NODELAY
          debug2: client_session2_setup: id 0
          debug1: Sending environment.
          debug1: Sending env LANG = en_US.UTF-8
          debug2: channel 0: request env confirm 0
          debug1: Sending command: who-am-i
          debug2: channel 0: request exec confirm 1
          debug2: callback done
          debug2: channel 0: open confirm rwindow 2097152 rmax 32768
          debug2: channel_input_status_confirm: type 99 id 0
          debug2: exec request accepted on channel 0
          Authenticated as: jenkins_automation
          Authorities:
          authenticated
          system_users
          ROLE_SYSTEM_USERS
          debug2: channel 0: rcvd eof
          debug2: channel 0: output open -> drain
          debug2: channel 0: obuf empty
          debug2: channel 0: close_write
          debug2: channel 0: output drain -> closed
          debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
          debug2: channel 0: rcvd close
          debug2: channel 0: close_read
          debug2: channel 0: input open -> closed
          debug2: channel 0: almost dead
          debug2: channel 0: gc: notify user
          debug2: channel 0: gc: user detached
          debug2: channel 0: send close
          debug2: channel 0: is dead
          debug2: channel 0: garbage collecting
          debug1: channel 0: free: client-session, nchannels 1
          Transferred: sent 2536, received 1496 bytes, in 0.5 seconds
          Bytes per second: sent 5582.3, received 3293.0
          debug1: Exit status 0

           

          I tried adding "-vv" to the Java SSH call but it did not make any difference: same error stack.

           

          Andrea Lai added a comment - Hello Matt, thanks for looking into this. The verbose SSH command returned: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 61: Applying options for * debug2: resolving "localhost" port 53801 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to localhost [::1] port 53801. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: key_load_public: No such file or directory debug1: identity file /tmp/kitchen/cache/jenkins-key type -1 debug1: key_load_public: No such file or directory debug1: identity file /tmp/kitchen/cache/jenkins-key-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN debug1: no match: SSHD-UNKNOWN debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to localhost:53801 as 'jenkins_automation' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com,zlib debug2: compression stoc: none,zlib@openssh.com,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 debug2: host key algorithms: ssh-rsa debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha1,hmac-sha2-256,hmac-sha2-512 debug2: MACs stoc: hmac-sha1,hmac-sha2-256,hmac-sha2-512 debug2: compression ctos: none,zlib,zlib@openssh.com debug2: compression stoc: none,zlib,zlib@openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: ecdh-sha2-nistp256 debug1: kex: host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32 debug1: kex: ecdh-sha2-nistp256 need=32 dh_need=32 debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ssh-rsa SHA256:xxxx debug1: Host ' [localhost] :53801' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug2: set_newkeys: mode 1 debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey after 4294967296 blocks debug2: key: /tmp/kitchen/cache/jenkins-key ((nil)), explicit debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /tmp/kitchen/cache/jenkins-key debug2: we sent a publickey packet, wait for reply debug1: Authentication succeeded (publickey). Authenticated to localhost ( [::1] :53801). debug1: channel 0: new [client-session] debug2: channel 0: send open debug1: Entering interactive session. debug1: pledge: network debug2: callback start debug2: fd 3 setting TCP_NODELAY debug2: client_session2_setup: id 0 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug1: Sending command: who-am-i debug2: channel 0: request exec confirm 1 debug2: callback done debug2: channel 0: open confirm rwindow 2097152 rmax 32768 debug2: channel_input_status_confirm: type 99 id 0 debug2: exec request accepted on channel 0 Authenticated as: jenkins_automation Authorities: authenticated system_users ROLE_SYSTEM_USERS debug2: channel 0: rcvd eof debug2: channel 0: output open -> drain debug2: channel 0: obuf empty debug2: channel 0: close_write debug2: channel 0: output drain -> closed debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug2: channel 0: rcvd close debug2: channel 0: close_read debug2: channel 0: input open -> closed debug2: channel 0: almost dead debug2: channel 0: gc: notify user debug2: channel 0: gc: user detached debug2: channel 0: send close debug2: channel 0: is dead debug2: channel 0: garbage collecting debug1: channel 0: free: client-session, nchannels 1 Transferred: sent 2536, received 1496 bytes, in 0.5 seconds Bytes per second: sent 5582.3, received 3293.0 debug1: Exit status 0   I tried adding "-vv" to the Java SSH call but it did not make any difference: same error stack.  
          Matt Sicker made changes -
          Assignee New: Ivan Fernandez Calvo [ ifernandezcalvo ]

          since Jenkins core 2.283 works is not related to https://github.com/jenkinsci/jenkins/pull/5049 because the change is in that version, I bet is related to https://github.com/jenkinsci/jenkins/commit/4d818c294fb9838902ed9e42e022f93f1cb0c9cc#diff-99bb88401742848e032fd6f51709415fb6be169a72d2e5d7fc44289255160d3c that it is included in 2.284, I think is related to the kex the version 1.7.0 is too old.
          I am working to update the sshd-plugin to 2.6.0 in https://github.com/jenkinsci/sshd-plugin/pull/37 I have to make a bunch of PRs to other plugins to update them to the new changes on the Apache Minda SSH API

          Ivan Fernandez Calvo added a comment - since Jenkins core 2.283 works is not related to https://github.com/jenkinsci/jenkins/pull/5049 because the change is in that version, I bet is related to https://github.com/jenkinsci/jenkins/commit/4d818c294fb9838902ed9e42e022f93f1cb0c9cc#diff-99bb88401742848e032fd6f51709415fb6be169a72d2e5d7fc44289255160d3c that it is included in 2.284, I think is related to the kex the version 1.7.0 is too old. I am working to update the sshd-plugin to 2.6.0 in https://github.com/jenkinsci/sshd-plugin/pull/37 I have to make a bunch of PRs to other plugins to update them to the new changes on the Apache Minda SSH API
          Ivan Fernandez Calvo made changes -
          Description Original: Hello,

            We upgraded from 2.280 to 2.285 and now we are getting the following:

          _[root@~]_ _"/usr/lib/jvm/java-1.8.0/bin/java" -jar jenkins-cli.jar -s http://127.0.0.1:8080 -ssh -user "jenkins_automation" -p 53801 -i jenkins-key.pem who-am-i_
          _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider_
          _INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider_
          _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider_
          _INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory_
          _io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)_
           _at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108)_
           _at hudson.cli.CLI._main(CLI.java:285)_
           _at hudson.cli.CLI.main(CLI.java:96)_
          _Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:342)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:277)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:224)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:502)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
           _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
           _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker$2.run(Invoker.java:218)_
           _at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)_
           _at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_
           _at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_
           _at java.lang.Thread.run(Thread.java:748)_

            The credential are correct as the following works fine:

          _[root@~]# ssh -i jenkins-key.pem -p 53801 jenkins_automation@localhost who-am-i_
          _Authenticated as: jenkins_automation_
          _Authorities:_
           _authenticated_
           _system_users_
           _ROLE_SYSTEM_USERS_



            I checked the changelog and I can see the following on 2.284: "Update Jenkins CLI to SSHD Core from 1.7.0 to 2.6.0. ([pull 5206|https://github.com/jenkinsci/jenkins/pull/5206])". I am not sure if related.

           

            We are suing SSH Credentials Plugin version 1.18.2, SSH server version 3.0.3.

           

            Any suggestion would be welcome.

           

          Thanks

          Andrea

           

           

            

            

           

             

           
          New: Hello,

            We upgraded from 2.280 to 2.285 and now we are getting the following:

          {code}
          _[root@~]_ _"/usr/lib/jvm/java-1.8.0/bin/java" -jar jenkins-cli.jar -s http://127.0.0.1:8080 -ssh -user "jenkins_automation" -p 53801 -i jenkins-key.pem who-am-i_
          _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.util.security.AbstractSecurityProviderRegistrar getOrCreateProvider_
          _INFO: getOrCreateProvider(EdDSA) created instance of io.jenkins.cli.shaded.net.i2p.crypto.eddsa.EdDSASecurityProvider_
          _Mar 31, 2021 12:50:15 PM io.jenkins.cli.shaded.org.apache.sshd.common.io.DefaultIoServiceFactoryFactory getIoServiceProvider_
          _INFO: No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory_
          _io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)_
           _at hudson.cli.SSHCLI.sshConnection(SSHCLI.java:108)_
           _at hudson.cli.CLI._main(CLI.java:285)_
           _at hudson.cli.CLI.main(CLI.java:96)_
          _Caused by: io.jenkins.cli.shaded.org.apache.sshd.common.SshException: No more authentication methods available_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:342)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:277)_
           _at io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:224)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:502)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:428)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1463)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:388)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:358)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
           _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)_
           _at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:555)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:277)_
           _at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:298)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:429)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:362)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:335)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:332)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)_
           _at java.security.AccessController.doPrivileged(Native Method)_
           _at io.jenkins.cli.shaded.org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)_
           _at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)_
           _at sun.nio.ch.Invoker$2.run(Invoker.java:218)_
           _at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)_
           _at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_
           _at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_
           _at java.lang.Thread.run(Thread.java:748)_

            The credential are correct as the following works fine:

          _[root@~]# ssh -i jenkins-key.pem -p 53801 jenkins_automation@localhost who-am-i_
          _Authenticated as: jenkins_automation_
          _Authorities:_
           _authenticated_
           _system_users_
           _ROLE_SYSTEM_USERS_
          {code}


            I checked the changelog and I can see the following on 2.284: "Update Jenkins CLI to SSHD Core from 1.7.0 to 2.6.0. ([pull 5206|https://github.com/jenkinsci/jenkins/pull/5206])". I am not sure if related.

           

            We are suing SSH Credentials Plugin version 1.18.2, SSH server version 3.0.3.

           

            Any suggestion would be welcome.

           

          Thanks

          Andrea

           

           

            

            

           

             

           

          Andrea Lai added a comment -

          You are right. It seems something happen in 2.284 that broke our automation. Do we have any workaround or anything that we can do to make it work? We are Okay with 2.283 for awhile but we would need to upgrade in the next few weeks to stay up-to-date with the latest security patches.

          Thanks

          Andrea

          Andrea Lai added a comment - You are right. It seems something happen in 2.284 that broke our automation. Do we have any workaround or anything that we can do to make it work? We are Okay with 2.283 for awhile but we would need to upgrade in the next few weeks to stay up-to-date with the latest security patches. Thanks Andrea

          The incremental version of the plugin in that PR should resolve the issue https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fsshd-plugin/detail/PR-37/8/artifacts, because is not a final release you will have to install it manually and wait for the official release.

          Ivan Fernandez Calvo added a comment - The incremental version of the plugin in that PR should resolve the issue https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fsshd-plugin/detail/PR-37/8/artifacts , because is not a final release you will have to install it manually and wait for the official release.

            teilo James Nord
            andrea_lai Andrea Lai
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: