Git fails to fetch the Multibranch Pipeline repo since the 2.346.2 LTS and related Plugin updates. It's worth mentioning that the update ran into the Mina SSH / CasC dependency cycle, which was finally resolved by an update.
 
While branch discovering and fetching the Jenkinsfile works fine, the actual build fails due to "Permission denied (publickey)".
Jobs were working until that day, SSH Credentials haven't changed.
This happens on all agents (Linux, Windows), connections (SSH, Swarm Client) and clients (CLI, JGit, JGit + Http Client). The error is reproducable with a simple Multibranch Pipeline Job – see below.
 
It seems the credentials aren't passed to the actual Git / SSH calls at this point:
 

run_command: unset GIT_PREFIX; GIT_PROTOCOL=version=2 'ssh -vvv' -o SendEnv=GIT_PROTOCOL git@[[ REPO ]] 'git-upload-pack

 
(GIT_SSH_COMMAND=ssh -vvv and GIT_TRACE=1)
 
According to SSH debug log no other keys than the default locations (~/.ssh/id{_}...) are attempted.  
 
The issue appeared before the host key verification change of Git plugin already.
Using JGit or JGit with Apache HTTP Client fails too, just with a slightly different message.
 

Error

ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from ssh://git@[[ REPO ]]
 ...
git@[[ REPO ]]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

 (Log attached)
 

Reproduction

Using a minimal declarative Pipeline Jenkinsfile.
 

1. Generate an ed25519 SSH key (no Password to simplify testing), readable to the Pipelines repo
2. Create a Multibranch Pipeline
3. Add SSH key to Pipeline (at pipeline level, type: SSH username and private key)
4. Mulitbranch Pipeline scan succeeds and lists branches (log shows usage of correct credentials)
5. Build a branch: Fetching the Jenkinsfile ok, correct credentials are used, but checkout step fails
    

Workaround

 
Restore Master host from backup.