Page MenuHomePhabricator
Create Task
Maniphest T401180

Jenkins fails to connect to node on releases2003
Closed, ResolvedPublic
Actions

Description

From the logs:

[08/05/25 09:49:31] [SSH] Opening SSH connection to localhost:22.
[08/05/25 09:49:32] [SSH] WARNING: The SSH key for this host does not match the key required in the connection configuration. Connections will be denied until the host key matches the configuration key.
Key exchange was not finished, connection is closed.
SSH Connection failed with IOException: "Key exchange was not finished, connection is closed.", retrying in 15 seconds. There are 10 more retries left.
[08/05/25 09:49:47] [SSH] WARNING: The SSH key for this host does not match the key required in the connection configuration. Connections will be denied until the host key matches the configuration key.
Key exchange was not finished, connection is closed.

We are currently configuring the agent launcher with the host's RSA key that we extract with ssh-keyscan -t rsa localhost. However Jenkins uses the local SSH client to connect and it looks like it selects ssh-ed25519 during the negotiation phase:

$ ssh -vvv localhost -o PasswordAuthentication=no -o StrictHostKeyChecking=no 2>&1 | grep -i 'Server host key:'
debug1: Server host key: ssh-ed25519 SHA256:Y+jV7PPrEBsvPa9K4yXeh2WLWfXPT4c98UJuXx4xUug

releases2003 was recently reimaged

Details

Related Changes in GitLab:
TitleReferenceAuthorSource BranchDest Branch
jenkins-rel: determine agent host key dynamicallyrepos/releng/jenkins-deploy!102jnucheT401180master
Customize query in GitLab

Event Timeline

jnuche created this task.Aug 5 2025, 9:59 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 5 2025, 9:59 AM
CodeReviewBot added a project: Patch-For-Review.Aug 5 2025, 10:39 AM

jnuche opened https://gitlab.wikimedia.org/repos/releng/jenkins-deploy/-/merge_requests/102

jenkins-rel: determine agent host key dynamically

CodeReviewBot added a comment.Aug 5 2025, 10:40 AM

jnuche merged https://gitlab.wikimedia.org/repos/releng/jenkins-deploy/-/merge_requests/102

jenkins-rel: determine agent host key dynamically

Stashbot added a comment.Aug 5 2025, 10:56 AM

Mentioned in SAL (#wikimedia-operations) [2025-08-05T10:56:05Z] <jnuche@deploy1003> Started deploy [releng/jenkins-deploy@62138e1] (releasing): T401180

Stashbot added a comment.Aug 5 2025, 10:56 AM

Mentioned in SAL (#wikimedia-operations) [2025-08-05T10:56:37Z] <jnuche@deploy1003> Finished deploy [releng/jenkins-deploy@62138e1] (releasing): T401180 (duration: 00m 32s)

jnuche closed this task as Resolved.Aug 5 2025, 11:23 AM
jnuche claimed this task.

Fixed now, Jenkins can connect to the agent (to its own host) again

Maintenance_bot removed a project: Patch-For-Review.Aug 5 2025, 11:31 AM
thcipriani added a project: Essential-Work.Aug 11 2025, 4:09 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits