Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69149

Git client "accept new host key" breaks SSH auth from OpenSSH 7.5 and earlier


    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • git-client-plugin
    • None
    • Debian Linux 9.13
      OpenSSH 7.4p1
    • 3.11.2

      After updating jenkins to 2.361 and all plugins to latest versions, jenkins ssh attempts to clone gitlab repository (standard git client) and fails with output:

      Setting origin to git@gitlab.xxxxx:yyyy/project.git
      > git config remote.origin.url git@gitlab.xxxxx:yyyy/project.git # timeout=10
      Fetching origin...
      Fetching upstream changes from origin
      > git --version # timeout=10
      > git --version # 'git version 2.11.0'
      > git config --get remote.origin.url # timeout=10
      using GIT_SSH to set credentials Gitlab Jenkins SSH Key
      Verifying host key using known hosts file, will automatically accept unseen keys
      > git fetch --tags --progress – origin +refs/heads/:refs/remotes/origin/ # timeout=10
      hudson.plugins.git.GitException: Command "git fetch --tags --progress – origin +refs/heads/:refs/remotes/origin/" returned status code 128:
      stderr: command-line line 0: unsupported option "accept-new".
      fatal: Could not read from remote repository.

      Manually executing "ssh -o StrictHostKeyChecking=accept-new gitlab" returns error. Substituting 'accept-new' with 'no' results in no error.

            markewaite Mark Waite
            koan00 Jesse McCormick
            15 Vote for this issue
            29 Start watching this issue