Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-75214

Launching EC2 slaves can fail if multiple host keys are present

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ec2-plugin
    • None
    • Operating System: AWS EC2, Ubuntu 22.04.5 LTS
      JRE/JDK: openjdk version "21.0.5" 2024-10-15
      Jenkins version: 2.479.3
      Amazon EC2 plugin version: 1823.v828850f7f155
      Amazon Web Services SDK version: 1.12.772-477.v650d756dcf6d

      SSH launching fails with host key mismatch

      Jan 30, 2025 5:27:23 PM hudson.plugins.ec2.EC2Cloud WARNING: The SSH key (redacted-fingerprint-1) presented by the instance has changed since first saved (redacted-fingerprint-2). The connection to EC2 (redacted-hostname) - IntegrationTest (i-redacted) is closed to prevent a possible man-in-the-middle attack Jan 30, 2025 5:27:23 PM hudson.plugins.ec2.EC2Cloud WARNING: Authentication failed. Trying again...

      Interrogating the known hosts on the built-in node with `ssh-keygen -l -E md5 -F ip-address` reveals that both the presented key (ECDSA), and the previously saved key (ED25519) are present in known hosts, along with a third key (RSA). The keys are on consecutive lines, with the ED25519 key first, the RSA second, and the ECDSA key third.

      Manual ssh to the node ec2 instance is successful, tested via `ssh -v ubuntu@ip-address hostname`

      It should be noted that this particular node ec2 instance is long-lived (unlike most nodes which are ephemeral) for reasons. As such it previously had extended uptimes prior to upgrading to the latest version / ec2 plugin et al.

       

       

       

          [JENKINS-75214] Launching EC2 slaves can fail if multiple host keys are present

            jmdesprez Jean-Marc Desprez
            maharg101 Graham
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: