Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-21897

svn+ssh:// URL fails when connecting to recent Subversion server over SSH

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: High High
    • 9.0.2
    • 9.0.0, 8.2.6, 8.1.10, 8.0.11, 9.0.1
    • Repository (Subversion)
    • None

      Issue Summary

      This is reproducible on Data Center:

      When creating a Subversion repository in Bamboo, it fails with svn: E210002: There was a problem while connecting to svnserver:22 when using svn+ssh:// in the URL.

      Older Key Exchange algorithms are already deprecated or not supported by later versions of OpenSSH (see this page for a better explanation). The svnkit library version used by Bamboo uses deprecated KEX and fails to connect to later versions of the SSH service.

      Steps to Reproduce

      1. Set a Subversion server over SSH
      2. Configure a Subversion repository and use a svn+ssh://svnserver/path/to/repo as the Repository root URL
      3. Click on the test button

      Expected Results

      The test should succeed

      Actual Results

      The test fails on the UI:

      svn: E210002: There was a problem while connecting to svnserver:22

      And in the Bamboo logs:

      2022-09-23 20:17:25,172 INFO [https-jsse-nio-45900-exec-11 url: /rest/api/latest/repository/testConnection; user: ealvarenga] [RepositoryResource] Failed to connect to repository (type: Subversion, location: svn+ssh://svnserver/var/opt/svn/new-repo, time: 672.1 ms, errors: [svn: E210002: There was a problem while connecting to svnserver:22])

      When enabling svnkit logs we can also observe:

      Sep 23, 2022 8:17:25 PM org.tmatesoft.svn.core.internal.util.DefaultSVNDebugLogger log
FINE: NETWORK: svn: E210002: There was a problem while connecting to svnserver:22

      And on the SSHD server:

      Unable to negotiate with 10.0.9.13 port 33622: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]

      Workarounds

      1. Allow old KEX on the SSHD service running the Subversion server. Add the following option to /etc/ssh/sshd_config or equivalent file: 
        KexAlgorithms +diffie-hellman-group1-sha1
      2. Configure your Subversion service to serve contents through HTTP/HTTPS or pure SVN protocols and set them on the repository configuration on Bamboo.

            [BAM-21897] svn+ssh:// URL fails when connecting to recent Subversion server over SSH

            There are no comments yet on this issue.

              mgardias Marcin Gardias
              73868399605e Eduardo Alvarenga (Inactive)
              Affected customers:
              0 This affects my team
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: