Description
Please update the SSH exchange key algorithms that are used by the current Bamboo java library. Based on the current encryption levels, SSH and SCP tasks can fail with the following error message if your environment is set to use higher encrypted algorithms:
Starting task 'SCP <application> to <server name>' of type 'com.atlassian.bamboo.plugins.bamboo-scp-plugin:scptask' 09-Oct-2015 14:15:42 Connecting to <server name>.<domain> on port: 22 09-Oct-2015 14:15:42 Failed to connect to host 09-Oct-2015 14:15:42 net.schmizz.sshj.transport.TransportException: Unable to reach a settlement: [diffie-hellman-group14-sha1, diffie-hellman-group1-sha1] and [curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1] 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.Proposal.firstMatch(Proposal.java:145) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.Proposal.negotiate(Proposal.java:128) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:219) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:344) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:458) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:107) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.Decoder.received(Decoder.java:175) 09-Oct-2015 14:15:42 at net.schmizz.sshj.transport.Reader.run(Reader.java:61) 09-Oct-2015 14:15:42 Finished task 'SCP <application> to <server name>' with result: Error
We need to have a change made to the library to enable Bamboo to use higher encrypted algorithms. In the example above, the following algorithms are needed:
curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1