Plugin is not seeing settings in my config file

[ZillaG]

Jenkins and plugins versions report

Environment

I have the following simple pipeline to test this plugin

def uploadFileToSFtpSite(final String workspace,
                         final String remoteDir,
                         final String artifact) {
  dir(workspace) {
    withCredentials([[$class: 'UsernamePasswordMultiBinding',
                      credentialsId: 'sftp_user',
                      usernameVariable: 'SFTP_USER',
                      passwordVariable: 'SFTP_PW'
    ]]) {
        sshPublisher(
      publishers: [
        sshPublisherDesc(
          configName: 'ftp.kmhapub.com',
          sshCredentials: [
            encryptedPassphrase: "{$SFTP_PW}",
            key: '',
            keyPath: '',
            username: SFTP_USER],
          sshRetry: [
            retries: 0,
            retryDelay: 10000],
          transfers: [
            sshTransfer(
              cleanRemote: false,
              excludes: '',
              execCommand: '',
              execTimeout: 60000,
              flatten: false,
              makeEmptyDirs: false,
              noDefaultExcludes: false,
              patternSeparator: '[, ]+',
              remoteDirectory: remoteDir,
              remoteDirectorySDF: false,
              removePrefix: '',
              sourceFiles: artifact)],
          usePromotionTimestamp: false,
          useWorkspaceInPromotion: false,
          verbose: true)]
    )
    }
  }
}


node('exa-build-03') {
    stage('Test SFTP') {
        sh "touch junk.txt; pwd; ls; whoami"
        uploadFileToSFtpSite(env.WORKSPACE, "test-ftp", "junk.txt")
    }
}

I have the following ~/.ssh/config file setup up for the user that's running the pipeline

Host ftp.company.com                                                                                            
  Hostname ftp.company.com                                                                                      
  User devops                                                                                                   
  HostKeyAlgorithms = +ssh-rsa                                                                                  
  PubkeyAcceptedAlgorithms = +ssh-rsa

But I'm still getting the following

What Operating System are you using (both controller, and any agents involved in the problem)?

Jenkins master: Linux jenkins.company.com 4.15.0-211-generic #222-Ubuntu SMP Tue Apr 18 18:55:06 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Jenkins Build node: Windows Server 2016 Standard

Reproduction steps

1. On the build node, set up ~/.ssh/authorized_keys file to contain a valid public ssh key
2. On the build node, set up ~/.ssh/config file

Host ftp.company.com                                                                                            
  Hostname ftp.company.com                                                                                      
  User devops                                                                                                   
  HostKeyAlgorithms = +ssh-rsa                                                                                  
  PubkeyAcceptedAlgorithms = +ssh-rsa

4. Write a Jenkins pipeline

def uploadFileToSFtpSite(final String workspace,
                         final String remoteDir,
                         final String artifact) {
  dir(workspace) {
    withCredentials([[$class: 'UsernamePasswordMultiBinding',
                      credentialsId: 'sftp_devops_user',
                      usernameVariable: 'SFTP_USER',
                      passwordVariable: 'SFTP_PW'
    ]]) {
        sshPublisher(
      publishers: [
        sshPublisherDesc(
          configName: 'ftp.kmhapub.com',
          sshCredentials: [
            encryptedPassphrase: "{$SFTP_PW}",
            key: '',
            keyPath: '',
            username: SFTP_USER],
          sshRetry: [
            retries: 0,
            retryDelay: 10000],
          transfers: [
            sshTransfer(
              cleanRemote: false,
              excludes: '',
              execCommand: '',
              execTimeout: 60000,
              flatten: false,
              makeEmptyDirs: false,
              noDefaultExcludes: false,
              patternSeparator: '[, ]+',
              remoteDirectory: remoteDir,
              remoteDirectorySDF: false,
              removePrefix: '',
              sourceFiles: artifact)],
          usePromotionTimestamp: false,
          useWorkspaceInPromotion: false,
          verbose: true)]
    )
    }
  }
}


node('exa-build-03') {
    stage('Test SFTP') {
        sh "touch junk.txt; pwd; ls; whoami"
        uploadFileToSFtpSite(env.WORKSPACE, "test-ftp", "junk.txt")
    }
}

5. Run it

Expected Results

Should be able to use the plugin to publish over ssh

Actual Results

I get this error

 ERROR: Exception when publishing, exception message [Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [ftp.kmhapub.com]. Message [Algorithm negotiation fail: algorithmName="server_host_key" jschProposal="ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256" serverProposal="ssh-rsa"]]]

Anything else?

No response

[dshvedchenko]

Hi, faced exact the same problem. but from my knowledge publish over ssh is working from controller node, not from worker node. also it is Java ssh implementation so I will check now if it respects .ssh configs

[dshvedchenko]

@ZillaG try perform this on your controller in Script Console:

import com.jcraft.jsch.JSch 
JSch.setConfig("server_host_key", JSch.getConfig("server_host_key") + ",ssh-rsa")
JSch.setConfig("PubkeyAcceptedAlgorithms", JSch.getConfig("PubkeyAcceptedAlgorithms") + ",ssh-rsa")

this is from https://github.com/mwiede/jsch

[dshvedchenko]

on my 2.401.1 before it, it complains about unsupported ssh-rsa protocol.

[dshvedchenko]

to persist it : add to your controller jenkins start

 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa -Djsch.client_pubkey=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa

[6LWa6ZKx]

坚持它：添加到你的控制器 jenkins start

 -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa -Djsch.client_pubkey=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa

我的天，非常感谢你。我为这个问题找了两天的资料，非常感谢你。我将它设置在tomcat/bin/catalina.sh 中。
JAVA_OPTS="$JAVA_OPTS -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa -Djsch.client_pubkey=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa"

[aikar]

Note the supplied flags work on controller when using the built in agent, but if you want to use remote ssh agents, you need to go into each ssh agents config and set the jvm options for the -Djsch flags there too.