[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
Hendrik Halkow reopened JENKINS-24273 Presence of ECDSA SSH keys breaks SSH credentials plugin This didn't solve the problem and I still can't connect to any SSH slave when ECDSA keys are present. Even with SSH agent plugin installed I don't see any difference. I suggest that we release version 1.10 by reverting the code to 1.7 and only release ECDSA updates when they are really implemented. This is the slave connection log: 09/11/14 18:01:36 SSH Opening SSH connection to xx:22. ERROR: Server rejected the 1 private key(s) for xx (credentialId:101b6fd0-3bb9---c5dbb6f7d966/method:publickey) ERROR: Server rejected the 2 private key(s) for xx (credentialId:101b6fd0-3bb9---c5dbb6f7d966/method:publickey) ERROR: Failed to authenticate as xx with credential=101b6fd0---8e7d-c5dbb6f7d966 java.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:315) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:467) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:408) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:428) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1138) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.io.IOException: Invalid PEM structure, '-BEGIN...' missing at com.trilead.ssh2.crypto.PEMDecoder.parsePEM(PEMDecoder.java:138) at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:313) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:224) ... 11 more ERROR: Failed to authenticate as xx with credential=101b6fd0---8e7d-c5dbb6f7d966 java.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:315) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:467) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:109) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:408) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:428) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1138) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.io.IOException: Sorry, this connection is closed. at com.trilead.ssh2.transport.TransportManager.sendMessage(TransportManager.java:647) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:283) ... 11 more Caused by: java.io.IOException: Invalid PEM structure, '-BEGIN...' missing at com.trilead.ssh2.crypto.PEMDecoder.parsePEM(PEMDecoder.java:138) at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:313) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:224) ... 11 more 09/11/14 18:01:47 SSH Authentication failed. hudson.AbortException: Authentication failed. at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1143) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
Hendrik Halkow commented on JENKINS-24273 Presence of ECDSA SSH keys breaks SSH credentials plugin Yes, I do have the unrestricted JCA policy in the master's JVM. I am running the latest LTS version 1.565.1 on Java 8 update 11. Same happens with the latest Jenkins version, 1.575. Below is my slave connection log. Have a look at the exception and the link I posted above. ERROR: Failed to authenticate as build-tcc with credential=872d37c9-0500-4097-ad35-9fbbdb50edbd java.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:315) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:467) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:106) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:408) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:428) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1138) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.io.IOException: Invalid PEM structure, '-BEGIN...' missing at com.trilead.ssh2.crypto.PEMDecoder.parsePEM(PEMDecoder.java:138) at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:313) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:224) ... 11 more 08/14/14 21:14:16 SSH Authentication failed. hudson.AbortException: Authentication failed. at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1143) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) 08/14/14 21:14:16 SSH Connection closed. 08/14/14 21:14:16 Launch failed - cleaning up connection This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
Hendrik Halkow edited a comment on JENKINS-24273 Presence of ECDSA SSH keys breaks SSH credentials plugin Yes, I do have the unrestricted JCA policy in the master's JVM. I am running the latest LTS version 1.565.1 on Java 8 update 11. Same happens with the latest Jenkins version, 1.575. On the command line, my ECDSA keys work fine. Below is my slave connection log. Have a look at the exception and the link I posted above. ERROR: Failed to authenticate as build-tcc with credential=872d37c9-0500-4097-ad35-9fbbdb50edbd java.io.IOException: Publickey authentication failed. at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:315) at com.trilead.ssh2.Connection.authenticateWithPublicKey(Connection.java:467) at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.doAuthenticate(TrileadSSHPublicKeyAuthenticator.java:106) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:408) at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.authenticate(SSHAuthenticator.java:428) at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1138) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.io.IOException: Invalid PEM structure, '-BEGIN...' missing at com.trilead.ssh2.crypto.PEMDecoder.parsePEM(PEMDecoder.java:138) at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:313) at com.trilead.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:224) ... 11 more 08/14/14 21:14:16 SSH Authentication failed. hudson.AbortException: Authentication failed. at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1143) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:648) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:642) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) 08/14/14 21:14:16 SSH Connection closed. 08/14/14 21:14:16 Launch failed - cleaning up connection This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
Hendrik Halkow updated JENKINS-24273 Presence of ECDSA SSH keys breaks SSH credentials plugin Change By: Hendrik Halkow (14/Aug/14 6:52 PM) Summary: PresenceofECDSASSHkeys break breaks SSHcredentialsplugin This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
SCM/JIRA link daemon resolved JENKINS-24273 as Fixed Presence of ECDSA SSH keys breaks SSH credentials plugin Change By: SCM/JIRA link daemon (15/Aug/14 7:46 PM) Status: Open Resolved Resolution: Fixed This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [ssh-credentials] (JENKINS-24273) Presence of ECDSA SSH keys breaks SSH credentials plugin
SCM/JIRA link daemon commented on JENKINS-24273 Presence of ECDSA SSH keys breaks SSH credentials plugin Code changed in jenkins User: Stephen Connolly Path: src/main/java/com/cloudbees/jenkins/plugins/sshcredentials/impl/TrileadSSHPublicKeyAuthenticator.java http://jenkins-ci.org/commit/ssh-credentials-plugin/a5fb4045c3e50d651e32593a789310d01a31648a Log: FIXED JENKINS-24273 Thrilead SSH throws IOE when passed an unknown keytype This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.