using Jenkins I can't connect to a Debian Jessie box via ssh
Question
Using Jenkin CI's 'SSH plugin' I can not make a connection to a Debian Jessie box using password auth. I am able to ssh to the box directly with my local terminal no problem. I don't have the same issue with Debian Wheezy or Ubuntu LTS. Any ideas? Not an iptables issue, the firewall is wide open.
1 answers
solution1
0 2015-04-26 05:03:03
openssh-server 6.7 changes are at fault:
http://www.openssh.com/txt/release-6.7
Changes since OpenSSH 6.6
=========================
Potentially-incompatible changes
* sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour*
are disabled by default.
The full set of algorithms remains available if configured
explicitly via the Ciphers and MACs sshd_config options.
I think Jenkins needs to update the ssh clients to a supported and secure cipher. I added the below to my sshd_config and it did the trick:
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
Anyone happen to know which of these ciphers is the one Jenkins uses?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.