9

Jenkins master is running on Amazon instance and slave machine set up on dedicated Soyoustart machine. Worked fine until it was needed to redo the slave setup: reinstalled the OS, installed Java, added masters key to slave authorized_keys and removed/added again the slave in masters known_hosts. Set up new credentials for the slave and configured the node in Jenkins master but it is unable to connect to the slave.

The setup is the the same that is and has been working with other slaves without hiccups. The only thing different is that this time the new slave is the same machine with the IP as the old one was.

It is possible to ssh into the slave from master from CLI(replaced filename and slave IP with placeholder for this post): $ ssh -i <key-file> jenkins@<slave-ip>

Credentials have been set up : enter image description here

Node is configured: enter image description here

Output when connecting to the slave:

[05/17/15 07:30:31] [SSH] Opening SSH connection to <slave-ip>.
Key exchange was not finished, connection is closed.
ERROR: Unexpected error in launching a slave. This is probably a bug in Jenkins.
java.lang.IllegalStateException: Connection is not established!
at com.trilead.ssh2.Connection.getRemainingAuthMethods(Connection.java:1030)
at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.getRemainingAuthMethods(TrileadSSHPublicKeyAuthenticator.java:88)
at com.cloudbees.jenkins.plugins.sshcredentials.impl.TrileadSSHPublicKeyAuthenticator.canAuthenticate(TrileadSSHPublicKeyAuthenticator.java:80)
at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.newInstance(SSHAuthenticator.java:207)
at com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator.newInstance(SSHAuthenticator.java:169)
at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1173)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:701)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:696)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
[05/17/15 07:30:31] Launch failed - cleaning up connection
[05/17/15 07:30:31] [SSH] Connection closed.

Version numbers:

  • Jenkins 1.613
  • SSH Credentials Plugin 1.11
  • SSH Slaves plugin 1.9

For those who prefer to dig into code:

Am I missing something obvious here? What could be causing this? Any known workaround? Or does it look like a bug that needs to be reported?

Please let me know if more information is needed.

Tanel Mae
  • 191
  • 1
  • 1
  • 2

2 Answers2

7

I'm running Jenkins master using official Docker image which uses OpenJDK8 and should not need to install JCE.

Apparently this is an unresolved issue in Jenkins/SSH security.

My current workaround is by commenting out MACs and KexAlgorithm line in /etc/ssh/sshd_config of Jenkins Slave and restarting the sshd (service ssh restart on Ubuntu)

UPDATE: the issue has been resolved as of 2017-04-29

akhy
  • 5,760
  • 6
  • 39
  • 60
2

I suspect that you need to install the Java Cryptography Extension for your JVM. Without that the RSA key size is limited and authentication is not being established.

See https://issues.jenkins-ci.org/browse/JENKINS-26495 for more details.

tarantoga
  • 1,096
  • 9
  • 19
  • 2
    You probably missed the part where I said that it connects fine to other slaves. – Tanel Mae May 22 '15 at 04:07
  • @TanelMae I got the exact same issue too. I'm running Jenkins using official Docker image which uses OpenJDK8 and don't need to install JCE – akhy Apr 04 '16 at 02:56