-
Bug
-
Resolution: Answered
-
Low
-
None
-
5.15.5
-
None
-
Severity 3 - Minor
-
Summary
SSH/SCP task fail to connect to SSH server that only have aes256-ctr, aes192-ctr ciphers
Steps to Reproduce
- Edit the file /etc/ssh/sshd_config in the SSH server to add the following lines:
Ciphers aes256-ctr,aes192-ctr
- Restart the SSH service, e.g. "/etc/init.d/ssh restart"
- Configure Bamboo SSH task to connect to the SSH server
Expected Results
Able to connect to the SSH server successfully
Actual Results
SSH task fail to connect to the SSH server with the following error in the build log:
11-Apr-2017 05:56:56 Failed to connect to host 11-Apr-2017 05:56:56 net.schmizz.sshj.transport.TransportException: Unable to reach a settlement: [aes128-ctr, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, 3des-ctr, twofish128-cbc, twofish128-ctr, arcfour, arcfour128] and [aes256-ctr, aes192-ctr] 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.Proposal.firstMatch(Proposal.java:145) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.Proposal.negotiate(Proposal.java:127) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:227) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:359) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:493) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:107) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.Decoder.received(Decoder.java:175) 11-Apr-2017 05:56:56 at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
Notes
https://github.com/hierynomus/sshj used by Bamboo should be able to work with aes256-ctr, aes192-ctr ciphers
Workaround
Configure the SSH server to use other ciphers like "aes128-ctr"
- mentioned in
-
Page Loading...