Explore all SSH open source software, libraries, packages, source code, cloud functions and APIs.

Popular New Releases in SSH

Bastillion-EC2

1.77.0

lobbyboy

Lobbyboy New Version v0.3.0

ssh-web-console

v0.4.0

sftp-fs

2.0.3

ssh-tarpit

Reworked logging

Popular Libraries in SSH

ssh

by gliderlabs doticongodoticon

star image 2132 doticonBSD-3-Clause

Easy SSH servers in Golang

whoami.filippo.io

by FiloSottile doticongodoticon

star image 1814 doticonMIT

A ssh server that knows who you are. $ ssh whoami.filippo.io

Aker

by aker-gateway doticonpythondoticon

star image 526 doticonNOASSERTION

SSH bastion/jump host/jumpserver

Bastillion-EC2

by bastillion-io doticonjavadoticon

star image 415 doticonNOASSERTION

A web-based SSH console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS).

wslbridge

by rprichard doticonc++doticon

star image 351 doticonMIT

Bridge from Cygwin to WSL pty/pipe I/O

systemd-ngrok

by vincenthsu doticonshelldoticon

star image 255 doticonUnlicense

Automatically start ngrok by systemd

go-ssh-examples

by Scalingo doticongodoticon

star image 240 doticonBSD-2-Clause

Go examples of SSH servers and clients

lobbyboy

by laixintao doticonpythondoticon

star image 195 doticon

A lobby boy will create a VPS server when you need one, and destroy it after using it.

ssh-web-console

by genshen doticongodoticon

star image 165 doticonMIT

Connect to your linux machine via ssh in your browser.

Trending New libraries in SSH

lobbyboy

by laixintao doticonpythondoticon

star image 195 doticon

A lobby boy will create a VPS server when you need one, and destroy it after using it.

subsystemctl

by sorah doticonrustdoticon

star image 134 doticonMIT

Utility to run systemd in WSL2 with a Linux namespace

sshrc

by cdown doticonshelldoticon

star image 51 doticonMIT

Bring your .bashrc, .vimrc, etc. with you when you ssh

SSHCenter

by AsenOsen doticonpythondoticon

star image 30 doticon

Simple SSH users management tool

wsl-systemd

by sr229 doticonshelldoticon

star image 27 doticonMIT

A script that spawns a namespace with systemd as PID1, and allows you to spawn interactive sessions or exec commands inside it

realtime-ssh-honeypot

by Monkey-D-Groot doticonjavascriptdoticon

star image 17 doticon

A small realtime ssh honeypot that visualize bot's ssh to my server. See http://khuyenn.com

high-jump

by distrentic doticontypescriptdoticon

star image 12 doticonMIT

An SSH jump server using ssh2, socket.io and express.

Python-Tutorial-SSH-Bot-Brute-force-Botnet-Series-Part-1

by ncorbuk doticonpythondoticon

star image 6 doticonMIT

Python Tutorial || SSH Bot Brute-force || Botnet Series || Part 1

Refusion

by xvSync doticonshelldoticon

star image 5 doticon

A simple IPTABLE/FIREWALLD Commands which refuse all ports people try to check on your current SSH Server that you will Secure.

Top Authors in SSH

1

Moniter123

1 Libraries

star icon2

2

piroor

1 Libraries

star icon5

3

0robustus1

1 Libraries

star icon2

4

IemProg

1 Libraries

star icon2

5

michaelwisely

1 Libraries

star icon2

6

kylemanna

1 Libraries

star icon8

7

ojroques

1 Libraries

star icon4

8

gaining

1 Libraries

star icon8

9

mysteriumnetwork

1 Libraries

star icon6

10

Waqar-Arain

1 Libraries

star icon4

1

Moniter123

1 Libraries

star icon2

2

piroor

1 Libraries

star icon5

3

0robustus1

1 Libraries

star icon2

4

IemProg

1 Libraries

star icon2

5

michaelwisely

1 Libraries

star icon2

6

kylemanna

1 Libraries

star icon8

7

ojroques

1 Libraries

star icon4

8

gaining

1 Libraries

star icon8

9

mysteriumnetwork

1 Libraries

star icon6

10

Waqar-Arain

1 Libraries

star icon4

Trending Kits in SSH

No Trending Kits are available at this moment for SSH

Trending Discussions on SSH

How to fix? "kex_exchange_identification: read: Connection reset by peer"

Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa

The unauthenticated git protocol on port 9418 is no longer supported

Spring Cloud Config Server GitHub SHA-1 error

Eclipse/Git: "You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type."

Connection reset when using jsch to connect to an sftp server hosted in azure

nexus-staging-maven-plugin: maven deploy failed: An API incompatibility was encountered while executing

Having difficulty to get SSH with a Yubikey working with macOS monterey

Git Bash - ssh connection issue

Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)

How to fix? "kex_exchange_identification: read: Connection reset by peer"
Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
The unauthenticated git protocol on port 9418 is no longer supported
Spring Cloud Config Server GitHub SHA-1 error
Eclipse/Git: "You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type."
Connection reset when using jsch to connect to an sftp server hosted in azure
nexus-staging-maven-plugin: maven deploy failed: An API incompatibility was encountered while executing
Having difficulty to get SSH with a Yubikey working with macOS monterey
Git Bash - ssh connection issue
Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)

QUESTION

How to fix? "kex_exchange_identification: read: Connection reset by peer"

Asked 2022-Mar-30 at 10:07

I want to copy data with scp in GitLab pipeline using PRIVATE_KEY error is :

1kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4

pipeline log:

1kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4$ mkdir -p ~/.ssh
5$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
6$ chmod 600 ~/.ssh/id_rsa
7$ eval "$(ssh-agent -s)"
8Agent pid 22
9
10$ ssh-add ~/.ssh/id_rsa
11Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
12
13$ ssh-keyscan -H $IP >> ~/.ssh/known_hosts
14# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
15# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
16
17$ scp -rv api.yml root@$IP:/home/services/test/
18Executing: program /usr/bin/ssh host x.x.x.x, user root, command scp -v -r -t /home/services/test/
19
20OpenSSH_8.6p1, OpenSSL 1.1.1l  24 Aug 2021
21debug1: Reading configuration data /etc/ssh/ssh_config
22debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
23debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
24debug1: Connection established.
25debug1: identity file /root/.ssh/id_rsa type -1
26debug1: identity file /root/.ssh/id_rsa-cert type -1
27debug1: identity file /root/.ssh/id_dsa type -1
28debug1: identity file /root/.ssh/id_dsa-cert type -1
29debug1: identity file /root/.ssh/id_ecdsa type -1
30debug1: identity file /root/.ssh/id_ecdsa-cert type -1
31debug1: identity file /root/.ssh/id_ecdsa_sk type -1
32debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
33debug1: identity file /root/.ssh/id_ed25519 type -1
34debug1: identity file /root/.ssh/id_ed25519-cert type -1
35debug1: identity file /root/.ssh/id_ed25519_sk type -1
36debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
37debug1: identity file /root/.ssh/id_xmss type -1
38debug1: identity file /root/.ssh/id_xmss-cert type -1
39debug1: Local version string SSH-2.0-OpenSSH_8.6
40kex_exchange_identification: read: Connection reset by peer
41Connection reset by x.x.x.x port 22
42lost connection
43

ANSWER

Answered 2021-Sep-30 at 19:40
1kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4$ mkdir -p ~/.ssh
5$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
6$ chmod 600 ~/.ssh/id_rsa
7$ eval "$(ssh-agent -s)"
8Agent pid 22
9
10$ ssh-add ~/.ssh/id_rsa
11Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
12
13$ ssh-keyscan -H $IP >> ~/.ssh/known_hosts
14# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
15# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
16
17$ scp -rv api.yml root@$IP:/home/services/test/
18Executing: program /usr/bin/ssh host x.x.x.x, user root, command scp -v -r -t /home/services/test/
19
20OpenSSH_8.6p1, OpenSSL 1.1.1l  24 Aug 2021
21debug1: Reading configuration data /etc/ssh/ssh_config
22debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
23debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
24debug1: Connection established.
25debug1: identity file /root/.ssh/id_rsa type -1
26debug1: identity file /root/.ssh/id_rsa-cert type -1
27debug1: identity file /root/.ssh/id_dsa type -1
28debug1: identity file /root/.ssh/id_dsa-cert type -1
29debug1: identity file /root/.ssh/id_ecdsa type -1
30debug1: identity file /root/.ssh/id_ecdsa-cert type -1
31debug1: identity file /root/.ssh/id_ecdsa_sk type -1
32debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
33debug1: identity file /root/.ssh/id_ed25519 type -1
34debug1: identity file /root/.ssh/id_ed25519-cert type -1
35debug1: identity file /root/.ssh/id_ed25519_sk type -1
36debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
37debug1: identity file /root/.ssh/id_xmss type -1
38debug1: identity file /root/.ssh/id_xmss-cert type -1
39debug1: Local version string SSH-2.0-OpenSSH_8.6
40kex_exchange_identification: read: Connection reset by peer
41Connection reset by x.x.x.x port 22
42lost connection
43kex_exchange_identification: read: Connection reset by peer
44

When an ssh client connects to an ssh server, the server starts by sending a version string to the client. The error that you're getting means that the TCP connection from the client to the server was "abnormally closed" while the client was waiting for this data from the server, in other words immediately after the TCP connection was opened.

As a practical matter, it's likely to mean one of two things:

  1. The ssh server process malfunctioned (crashed), or perhaps it detected some serious issue causing it to exit immediately.
  2. Some firewall is interfering with connections to the ssh server.

It looks like the ssh-keyscan program was able to connect to the server and get a version string without an error. So the ssh server process is apparently able to talk to a client without crashing.

You should talk the administrators of this x.x.x.x host and the network that it's attached to, to see if they can identify the problem from their end. It's possible that something--a firewall, or the ssh server process itself--is seeing the multiple connections, first from the ssh-keyscan process, then by the scp program, as an intrusion attempt. And it's blocking the second connection attempt.

Source https://stackoverflow.com/questions/69394001

QUESTION

Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa

Asked 2022-Mar-28 at 15:54

After start of using NixOS as a new package management system, I get the following error when using git within Azure DevOps repositories and rsa ssh key:

1jaroslavbezdek@mac> git pull
2Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
3fatal: Could not read from remote repository.
4
5Please make sure you have the correct access rights
6and the repository exists.
7

What can I do with that, please?

ANSWER

Answered 2021-Nov-12 at 12:44

According to this post, you can add ssh.dev.azure.com host config to your ~/.ssh/config file:

Final ~/.ssh/config that worked for me:

1jaroslavbezdek@mac> git pull
2Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
3fatal: Could not read from remote repository.
4
5Please make sure you have the correct access rights
6and the repository exists.
7Host ssh.dev.azure.com
8    HostName ssh.dev.azure.com
9    User git
10    IdentityFile ~/.ssh/id_rsa
11    IdentitiesOnly yes
12    PubkeyAcceptedAlgorithms +ssh-rsa
13    HostkeyAlgorithms +ssh-rsa
14

Source https://stackoverflow.com/questions/69875520

QUESTION

The unauthenticated git protocol on port 9418 is no longer supported

Asked 2022-Mar-27 at 13:23

I have been using github actions for quite sometime but today my deployments started failing. Below is the error from github action logs

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7

Upon investigation, it appears that below section in my yml file is causing the issue.

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9

I have looked into this change log but can't seem to comprehend the issue.

Additional Details: Server: EC2 Instance Github actions steps:

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9  steps:
10  - name: Checkout
11    uses: actions/checkout@v2
12
13  - id: vars
14    run: |
15      if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream"  ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17  - uses: pCYSl5EDgo/cat@master
18    id: slack
19    with:
20      path: .github/workflows/slack.txt
21
22  - name: Slack Start Notification
23    uses: 8398a7/action-slack@v3
24    env:
25      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26      ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27      COLOR: good
28      STATUS: '`Started`'
29    with:
30      status: custom
31      fields: workflow,job,commit,repo,ref,author,took
32      custom_payload: |
33        ${{ steps.slack.outputs.text }}
34
35  - name: Installing modules
36    env:
37      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38    run: yarn install
39
40  - name: Create Frontend Build
41    env:
42      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43    run: yarn build
44
45  - name: Deploy to Frontend Server DEV
46    if: ${{ contains(github.ref, 'dev') }}
47    uses: easingthemes/ssh-deploy@v2.1.5
48    env:
49      SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50      ARGS: '-rltgoDzvO --delete'
51      SOURCE: 'deploy/'
52      REMOTE_HOST: ${{ secrets.DEV_HOST }}
53      REMOTE_USER: plyfolio-dev
54      TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55

package.json file

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9  steps:
10  - name: Checkout
11    uses: actions/checkout@v2
12
13  - id: vars
14    run: |
15      if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream"  ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17  - uses: pCYSl5EDgo/cat@master
18    id: slack
19    with:
20      path: .github/workflows/slack.txt
21
22  - name: Slack Start Notification
23    uses: 8398a7/action-slack@v3
24    env:
25      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26      ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27      COLOR: good
28      STATUS: '`Started`'
29    with:
30      status: custom
31      fields: workflow,job,commit,repo,ref,author,took
32      custom_payload: |
33        ${{ steps.slack.outputs.text }}
34
35  - name: Installing modules
36    env:
37      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38    run: yarn install
39
40  - name: Create Frontend Build
41    env:
42      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43    run: yarn build
44
45  - name: Deploy to Frontend Server DEV
46    if: ${{ contains(github.ref, 'dev') }}
47    uses: easingthemes/ssh-deploy@v2.1.5
48    env:
49      SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50      ARGS: '-rltgoDzvO --delete'
51      SOURCE: 'deploy/'
52      REMOTE_HOST: ${{ secrets.DEV_HOST }}
53      REMOTE_USER: plyfolio-dev
54      TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55   {
56  "name": "stackstream-fe",
57  "version": "1.0.0",
58  "authors": [
59    "fayyaznofal@gmail.com"
60  ],
61  "private": true,
62  "dependencies": {
63    "@fortawesome/fontawesome-svg-core": "^1.2.34",
64    "@fortawesome/free-solid-svg-icons": "^5.15.2",
65    "@fortawesome/react-fontawesome": "^0.1.14",
66    "@fullcalendar/bootstrap": "^5.5.0",
67    "@fullcalendar/core": "^5.5.0",
68    "@fullcalendar/daygrid": "^5.5.0",
69    "@fullcalendar/interaction": "^5.5.0",
70    "@fullcalendar/react": "^5.5.0",
71    "@lourenci/react-kanban": "^2.1.0",
72    "@redux-saga/simple-saga-monitor": "^1.1.2",
73    "@testing-library/jest-dom": "^5.11.9",
74    "@testing-library/react": "^11.2.3",
75    "@testing-library/user-event": "^12.6.0",
76    "@toast-ui/react-chart": "^1.0.2",
77    "@types/jest": "^26.0.14",
78    "@types/node": "^14.10.3",
79    "@types/react": "^16.9.49",
80    "@types/react-dom": "^16.9.8",
81    "@vtaits/react-color-picker": "^0.1.1",
82    "apexcharts": "^3.23.1",
83    "availity-reactstrap-validation": "^2.7.0",
84    "axios": "^0.21.1",
85    "axios-mock-adapter": "^1.19.0",
86    "axios-progress-bar": "^1.2.0",
87    "bootstrap": "^5.0.0-beta2",
88    "chart.js": "^2.9.4",
89    "chartist": "^0.11.4",
90    "classnames": "^2.2.6",
91    "components": "^0.1.0",
92    "dotenv": "^8.2.0",
93    "draft-js": "^0.11.7",
94    "echarts": "^4.9.0",
95    "echarts-for-react": "^2.0.16",
96    "firebase": "^8.2.3",
97    "google-maps-react": "^2.0.6",
98    "history": "^4.10.1",
99    "i": "^0.3.6",
100    "i18next": "^19.8.4",
101    "i18next-browser-languagedetector": "^6.0.1",
102    "jsonwebtoken": "^8.5.1",
103    "leaflet": "^1.7.1",
104    "lodash": "^4.17.21",
105    "lodash.clonedeep": "^4.5.0",
106    "lodash.get": "^4.4.2",
107    "metismenujs": "^1.2.1",
108    "mkdirp": "^1.0.4",
109    "moment": "2.29.1",
110    "moment-timezone": "^0.5.32",
111    "nouislider-react": "^3.3.9",
112    "npm": "^7.6.3",
113    "prop-types": "^15.7.2",
114    "query-string": "^6.14.0",
115    "react": "^16.13.1",
116    "react-apexcharts": "^1.3.7",
117    "react-auth-code-input": "^1.0.0",
118    "react-avatar": "^3.10.0",
119    "react-bootstrap": "^1.5.0",
120    "react-bootstrap-editable": "^0.8.2",
121    "react-bootstrap-sweetalert": "^5.2.0",
122    "react-bootstrap-table-next": "^4.0.3",
123    "react-bootstrap-table2-editor": "^1.4.0",
124    "react-bootstrap-table2-paginator": "^2.1.2",
125    "react-bootstrap-table2-toolkit": "^2.1.3",
126    "react-chartist": "^0.14.3",
127    "react-chartjs-2": "^2.11.1",
128    "react-color": "^2.19.3",
129    "react-confirm-alert": "^2.7.0",
130    "react-content-loader": "^6.0.1",
131    "react-countdown": "^2.3.1",
132    "react-countup": "^4.3.3",
133    "react-cropper": "^2.1.4",
134    "react-data-table-component": "^6.11.8",
135    "react-date-picker": "^8.0.6",
136    "react-datepicker": "^3.4.1",
137    "react-dom": "^16.13.1",
138    "react-draft-wysiwyg": "^1.14.5",
139    "react-drag-listview": "^0.1.8",
140    "react-drawer": "^1.3.4",
141    "react-dropzone": "^11.2.4",
142    "react-dual-listbox": "^2.0.0",
143    "react-facebook-login": "^4.1.1",
144    "react-flatpickr": "^3.10.6",
145    "react-google-login": "^5.2.2",
146    "react-hook-form": "^7.15.2",
147    "react-i18next": "^11.8.5",
148    "react-icons": "^4.2.0",
149    "react-image-lightbox": "^5.1.1",
150    "react-input-mask": "^2.0.4",
151    "react-jvectormap": "^0.0.16",
152    "react-leaflet": "^3.0.5",
153    "react-meta-tags": "^1.0.1",
154    "react-modal-video": "^1.2.6",
155    "react-notifications": "^1.7.2",
156    "react-number-format": "^4.7.3",
157    "react-perfect-scrollbar": "^1.5.8",
158    "react-rangeslider": "^2.2.0",
159    "react-rating": "^2.0.5",
160    "react-rating-tooltip": "^1.1.6",
161    "react-redux": "^7.2.1",
162    "react-responsive-carousel": "^3.2.11",
163    "react-router-dom": "^5.2.0",
164    "react-script": "^2.0.5",
165    "react-scripts": "3.4.3",
166    "react-select": "^4.3.1",
167    "react-sparklines": "^1.7.0",
168    "react-star-ratings": "^2.3.0",
169    "react-super-responsive-table": "^5.2.0",
170    "react-switch": "^6.0.0",
171    "react-table": "^7.6.3",
172    "react-toastify": "^7.0.3",
173    "react-toastr": "^3.0.0",
174    "react-twitter-auth": "0.0.13",
175    "reactstrap": "^8.8.1",
176    "recharts": "^2.0.8",
177    "redux": "^4.0.5",
178    "redux-saga": "^1.1.3",
179    "reselect": "^4.0.0",
180    "sass": "^1.37.5",
181    "simplebar-react": "^2.3.0",
182    "styled": "^1.0.0",
183    "styled-components": "^5.2.1",
184    "toastr": "^2.1.4",
185    "typescript": "^4.0.2",
186    "universal-cookie": "^4.0.4"
187  },
188  "devDependencies": {
189    "@typescript-eslint/eslint-plugin": "^2.27.0",
190    "@typescript-eslint/parser": "^2.27.0",
191    "@typescript-eslint/typescript-estree": "^4.15.2",
192    "eslint-config-prettier": "^6.10.1",
193    "eslint-plugin-prettier": "^3.1.2",
194    "husky": "^4.2.5",
195    "lint-staged": "^10.1.3",
196    "prettier": "^1.19.1",
197    "react-test-renderer": "^16.13.1",
198    "redux-devtools-extension": "^2.13.8",
199    "redux-mock-store": "^1.5.4"
200  },
201  "scripts": {
202    "start": "react-scripts start",
203    "build": "react-scripts build && mv build ./deploy/build",
204    "build-local": "react-scripts build",
205    "test": "react-scripts test",
206    "eject": "react-scripts eject"
207  },
208  "eslintConfig": {
209    "extends": "react-app"
210  },
211  "husky": {
212    "hooks": {
213      "pre-commit": "lint-staged"
214    }
215  },
216  "lint-staged": {
217    "*.{js,ts,tsx}": [
218      "eslint --fix"
219    ]
220  },
221  "browserslist": {
222    "production": [
223      ">0.2%",
224      "not dead",
225      "not op_mini all"
226    ],
227    "development": [
228      "last 1 chrome version",
229      "last 1 firefox version",
230      "last 1 safari version"
231    ]
232  }
233}
234

package-lock.json

ANSWER

Answered 2022-Mar-16 at 07:01

First, this error message is indeed expected on Jan. 11th, 2022.
See "Improving Git protocol security on GitHub".

January 11, 2022 Final brownout.

This is the full brownout period where we’ll temporarily stop accepting the deprecated key and signature types, ciphers, and MACs, and the unencrypted Git protocol.
This will help clients discover any lingering use of older keys or old URLs.

Second, check your package.json dependencies for any git:// URL, as in this example, fixed in this PR.

As noted by Jörg W Mittag:

There was a 4-month warning.
The entire Internet has been moving away from unauthenticated, unencrypted protocols for a decade, it's not like this is a huge surprise.

Personally, I consider it less an "issue" and more "detecting unmaintained dependencies".

Plus, this is still only the brownout period, so the protocol will only be disabled for a short period of time, allowing developers to discover the problem.

The permanent shutdown is not until March 15th.

For GitHub Actions:

As in actions/checkout issue 14, you can add as a first step:

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9  steps:
10  - name: Checkout
11    uses: actions/checkout@v2
12
13  - id: vars
14    run: |
15      if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream"  ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17  - uses: pCYSl5EDgo/cat@master
18    id: slack
19    with:
20      path: .github/workflows/slack.txt
21
22  - name: Slack Start Notification
23    uses: 8398a7/action-slack@v3
24    env:
25      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26      ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27      COLOR: good
28      STATUS: '`Started`'
29    with:
30      status: custom
31      fields: workflow,job,commit,repo,ref,author,took
32      custom_payload: |
33        ${{ steps.slack.outputs.text }}
34
35  - name: Installing modules
36    env:
37      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38    run: yarn install
39
40  - name: Create Frontend Build
41    env:
42      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43    run: yarn build
44
45  - name: Deploy to Frontend Server DEV
46    if: ${{ contains(github.ref, 'dev') }}
47    uses: easingthemes/ssh-deploy@v2.1.5
48    env:
49      SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50      ARGS: '-rltgoDzvO --delete'
51      SOURCE: 'deploy/'
52      REMOTE_HOST: ${{ secrets.DEV_HOST }}
53      REMOTE_USER: plyfolio-dev
54      TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55   {
56  "name": "stackstream-fe",
57  "version": "1.0.0",
58  "authors": [
59    "fayyaznofal@gmail.com"
60  ],
61  "private": true,
62  "dependencies": {
63    "@fortawesome/fontawesome-svg-core": "^1.2.34",
64    "@fortawesome/free-solid-svg-icons": "^5.15.2",
65    "@fortawesome/react-fontawesome": "^0.1.14",
66    "@fullcalendar/bootstrap": "^5.5.0",
67    "@fullcalendar/core": "^5.5.0",
68    "@fullcalendar/daygrid": "^5.5.0",
69    "@fullcalendar/interaction": "^5.5.0",
70    "@fullcalendar/react": "^5.5.0",
71    "@lourenci/react-kanban": "^2.1.0",
72    "@redux-saga/simple-saga-monitor": "^1.1.2",
73    "@testing-library/jest-dom": "^5.11.9",
74    "@testing-library/react": "^11.2.3",
75    "@testing-library/user-event": "^12.6.0",
76    "@toast-ui/react-chart": "^1.0.2",
77    "@types/jest": "^26.0.14",
78    "@types/node": "^14.10.3",
79    "@types/react": "^16.9.49",
80    "@types/react-dom": "^16.9.8",
81    "@vtaits/react-color-picker": "^0.1.1",
82    "apexcharts": "^3.23.1",
83    "availity-reactstrap-validation": "^2.7.0",
84    "axios": "^0.21.1",
85    "axios-mock-adapter": "^1.19.0",
86    "axios-progress-bar": "^1.2.0",
87    "bootstrap": "^5.0.0-beta2",
88    "chart.js": "^2.9.4",
89    "chartist": "^0.11.4",
90    "classnames": "^2.2.6",
91    "components": "^0.1.0",
92    "dotenv": "^8.2.0",
93    "draft-js": "^0.11.7",
94    "echarts": "^4.9.0",
95    "echarts-for-react": "^2.0.16",
96    "firebase": "^8.2.3",
97    "google-maps-react": "^2.0.6",
98    "history": "^4.10.1",
99    "i": "^0.3.6",
100    "i18next": "^19.8.4",
101    "i18next-browser-languagedetector": "^6.0.1",
102    "jsonwebtoken": "^8.5.1",
103    "leaflet": "^1.7.1",
104    "lodash": "^4.17.21",
105    "lodash.clonedeep": "^4.5.0",
106    "lodash.get": "^4.4.2",
107    "metismenujs": "^1.2.1",
108    "mkdirp": "^1.0.4",
109    "moment": "2.29.1",
110    "moment-timezone": "^0.5.32",
111    "nouislider-react": "^3.3.9",
112    "npm": "^7.6.3",
113    "prop-types": "^15.7.2",
114    "query-string": "^6.14.0",
115    "react": "^16.13.1",
116    "react-apexcharts": "^1.3.7",
117    "react-auth-code-input": "^1.0.0",
118    "react-avatar": "^3.10.0",
119    "react-bootstrap": "^1.5.0",
120    "react-bootstrap-editable": "^0.8.2",
121    "react-bootstrap-sweetalert": "^5.2.0",
122    "react-bootstrap-table-next": "^4.0.3",
123    "react-bootstrap-table2-editor": "^1.4.0",
124    "react-bootstrap-table2-paginator": "^2.1.2",
125    "react-bootstrap-table2-toolkit": "^2.1.3",
126    "react-chartist": "^0.14.3",
127    "react-chartjs-2": "^2.11.1",
128    "react-color": "^2.19.3",
129    "react-confirm-alert": "^2.7.0",
130    "react-content-loader": "^6.0.1",
131    "react-countdown": "^2.3.1",
132    "react-countup": "^4.3.3",
133    "react-cropper": "^2.1.4",
134    "react-data-table-component": "^6.11.8",
135    "react-date-picker": "^8.0.6",
136    "react-datepicker": "^3.4.1",
137    "react-dom": "^16.13.1",
138    "react-draft-wysiwyg": "^1.14.5",
139    "react-drag-listview": "^0.1.8",
140    "react-drawer": "^1.3.4",
141    "react-dropzone": "^11.2.4",
142    "react-dual-listbox": "^2.0.0",
143    "react-facebook-login": "^4.1.1",
144    "react-flatpickr": "^3.10.6",
145    "react-google-login": "^5.2.2",
146    "react-hook-form": "^7.15.2",
147    "react-i18next": "^11.8.5",
148    "react-icons": "^4.2.0",
149    "react-image-lightbox": "^5.1.1",
150    "react-input-mask": "^2.0.4",
151    "react-jvectormap": "^0.0.16",
152    "react-leaflet": "^3.0.5",
153    "react-meta-tags": "^1.0.1",
154    "react-modal-video": "^1.2.6",
155    "react-notifications": "^1.7.2",
156    "react-number-format": "^4.7.3",
157    "react-perfect-scrollbar": "^1.5.8",
158    "react-rangeslider": "^2.2.0",
159    "react-rating": "^2.0.5",
160    "react-rating-tooltip": "^1.1.6",
161    "react-redux": "^7.2.1",
162    "react-responsive-carousel": "^3.2.11",
163    "react-router-dom": "^5.2.0",
164    "react-script": "^2.0.5",
165    "react-scripts": "3.4.3",
166    "react-select": "^4.3.1",
167    "react-sparklines": "^1.7.0",
168    "react-star-ratings": "^2.3.0",
169    "react-super-responsive-table": "^5.2.0",
170    "react-switch": "^6.0.0",
171    "react-table": "^7.6.3",
172    "react-toastify": "^7.0.3",
173    "react-toastr": "^3.0.0",
174    "react-twitter-auth": "0.0.13",
175    "reactstrap": "^8.8.1",
176    "recharts": "^2.0.8",
177    "redux": "^4.0.5",
178    "redux-saga": "^1.1.3",
179    "reselect": "^4.0.0",
180    "sass": "^1.37.5",
181    "simplebar-react": "^2.3.0",
182    "styled": "^1.0.0",
183    "styled-components": "^5.2.1",
184    "toastr": "^2.1.4",
185    "typescript": "^4.0.2",
186    "universal-cookie": "^4.0.4"
187  },
188  "devDependencies": {
189    "@typescript-eslint/eslint-plugin": "^2.27.0",
190    "@typescript-eslint/parser": "^2.27.0",
191    "@typescript-eslint/typescript-estree": "^4.15.2",
192    "eslint-config-prettier": "^6.10.1",
193    "eslint-plugin-prettier": "^3.1.2",
194    "husky": "^4.2.5",
195    "lint-staged": "^10.1.3",
196    "prettier": "^1.19.1",
197    "react-test-renderer": "^16.13.1",
198    "redux-devtools-extension": "^2.13.8",
199    "redux-mock-store": "^1.5.4"
200  },
201  "scripts": {
202    "start": "react-scripts start",
203    "build": "react-scripts build && mv build ./deploy/build",
204    "build-local": "react-scripts build",
205    "test": "react-scripts test",
206    "eject": "react-scripts eject"
207  },
208  "eslintConfig": {
209    "extends": "react-app"
210  },
211  "husky": {
212    "hooks": {
213      "pre-commit": "lint-staged"
214    }
215  },
216  "lint-staged": {
217    "*.{js,ts,tsx}": [
218      "eslint --fix"
219    ]
220  },
221  "browserslist": {
222    "production": [
223      ">0.2%",
224      "not dead",
225      "not op_mini all"
226    ],
227    "development": [
228      "last 1 chrome version",
229      "last 1 firefox version",
230      "last 1 safari version"
231    ]
232  }
233}
234    - name: Fix up git URLs
235      run: echo -e '[url "https://github.com/"]\n  insteadOf = "git://github.com/"' >> ~/.gitconfig
236

That will change any git://github.com/ into https://github.com/.

For local projects

For all your repositories, you can set:

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9  steps:
10  - name: Checkout
11    uses: actions/checkout@v2
12
13  - id: vars
14    run: |
15      if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream"  ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17  - uses: pCYSl5EDgo/cat@master
18    id: slack
19    with:
20      path: .github/workflows/slack.txt
21
22  - name: Slack Start Notification
23    uses: 8398a7/action-slack@v3
24    env:
25      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26      ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27      COLOR: good
28      STATUS: '`Started`'
29    with:
30      status: custom
31      fields: workflow,job,commit,repo,ref,author,took
32      custom_payload: |
33        ${{ steps.slack.outputs.text }}
34
35  - name: Installing modules
36    env:
37      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38    run: yarn install
39
40  - name: Create Frontend Build
41    env:
42      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43    run: yarn build
44
45  - name: Deploy to Frontend Server DEV
46    if: ${{ contains(github.ref, 'dev') }}
47    uses: easingthemes/ssh-deploy@v2.1.5
48    env:
49      SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50      ARGS: '-rltgoDzvO --delete'
51      SOURCE: 'deploy/'
52      REMOTE_HOST: ${{ secrets.DEV_HOST }}
53      REMOTE_USER: plyfolio-dev
54      TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55   {
56  "name": "stackstream-fe",
57  "version": "1.0.0",
58  "authors": [
59    "fayyaznofal@gmail.com"
60  ],
61  "private": true,
62  "dependencies": {
63    "@fortawesome/fontawesome-svg-core": "^1.2.34",
64    "@fortawesome/free-solid-svg-icons": "^5.15.2",
65    "@fortawesome/react-fontawesome": "^0.1.14",
66    "@fullcalendar/bootstrap": "^5.5.0",
67    "@fullcalendar/core": "^5.5.0",
68    "@fullcalendar/daygrid": "^5.5.0",
69    "@fullcalendar/interaction": "^5.5.0",
70    "@fullcalendar/react": "^5.5.0",
71    "@lourenci/react-kanban": "^2.1.0",
72    "@redux-saga/simple-saga-monitor": "^1.1.2",
73    "@testing-library/jest-dom": "^5.11.9",
74    "@testing-library/react": "^11.2.3",
75    "@testing-library/user-event": "^12.6.0",
76    "@toast-ui/react-chart": "^1.0.2",
77    "@types/jest": "^26.0.14",
78    "@types/node": "^14.10.3",
79    "@types/react": "^16.9.49",
80    "@types/react-dom": "^16.9.8",
81    "@vtaits/react-color-picker": "^0.1.1",
82    "apexcharts": "^3.23.1",
83    "availity-reactstrap-validation": "^2.7.0",
84    "axios": "^0.21.1",
85    "axios-mock-adapter": "^1.19.0",
86    "axios-progress-bar": "^1.2.0",
87    "bootstrap": "^5.0.0-beta2",
88    "chart.js": "^2.9.4",
89    "chartist": "^0.11.4",
90    "classnames": "^2.2.6",
91    "components": "^0.1.0",
92    "dotenv": "^8.2.0",
93    "draft-js": "^0.11.7",
94    "echarts": "^4.9.0",
95    "echarts-for-react": "^2.0.16",
96    "firebase": "^8.2.3",
97    "google-maps-react": "^2.0.6",
98    "history": "^4.10.1",
99    "i": "^0.3.6",
100    "i18next": "^19.8.4",
101    "i18next-browser-languagedetector": "^6.0.1",
102    "jsonwebtoken": "^8.5.1",
103    "leaflet": "^1.7.1",
104    "lodash": "^4.17.21",
105    "lodash.clonedeep": "^4.5.0",
106    "lodash.get": "^4.4.2",
107    "metismenujs": "^1.2.1",
108    "mkdirp": "^1.0.4",
109    "moment": "2.29.1",
110    "moment-timezone": "^0.5.32",
111    "nouislider-react": "^3.3.9",
112    "npm": "^7.6.3",
113    "prop-types": "^15.7.2",
114    "query-string": "^6.14.0",
115    "react": "^16.13.1",
116    "react-apexcharts": "^1.3.7",
117    "react-auth-code-input": "^1.0.0",
118    "react-avatar": "^3.10.0",
119    "react-bootstrap": "^1.5.0",
120    "react-bootstrap-editable": "^0.8.2",
121    "react-bootstrap-sweetalert": "^5.2.0",
122    "react-bootstrap-table-next": "^4.0.3",
123    "react-bootstrap-table2-editor": "^1.4.0",
124    "react-bootstrap-table2-paginator": "^2.1.2",
125    "react-bootstrap-table2-toolkit": "^2.1.3",
126    "react-chartist": "^0.14.3",
127    "react-chartjs-2": "^2.11.1",
128    "react-color": "^2.19.3",
129    "react-confirm-alert": "^2.7.0",
130    "react-content-loader": "^6.0.1",
131    "react-countdown": "^2.3.1",
132    "react-countup": "^4.3.3",
133    "react-cropper": "^2.1.4",
134    "react-data-table-component": "^6.11.8",
135    "react-date-picker": "^8.0.6",
136    "react-datepicker": "^3.4.1",
137    "react-dom": "^16.13.1",
138    "react-draft-wysiwyg": "^1.14.5",
139    "react-drag-listview": "^0.1.8",
140    "react-drawer": "^1.3.4",
141    "react-dropzone": "^11.2.4",
142    "react-dual-listbox": "^2.0.0",
143    "react-facebook-login": "^4.1.1",
144    "react-flatpickr": "^3.10.6",
145    "react-google-login": "^5.2.2",
146    "react-hook-form": "^7.15.2",
147    "react-i18next": "^11.8.5",
148    "react-icons": "^4.2.0",
149    "react-image-lightbox": "^5.1.1",
150    "react-input-mask": "^2.0.4",
151    "react-jvectormap": "^0.0.16",
152    "react-leaflet": "^3.0.5",
153    "react-meta-tags": "^1.0.1",
154    "react-modal-video": "^1.2.6",
155    "react-notifications": "^1.7.2",
156    "react-number-format": "^4.7.3",
157    "react-perfect-scrollbar": "^1.5.8",
158    "react-rangeslider": "^2.2.0",
159    "react-rating": "^2.0.5",
160    "react-rating-tooltip": "^1.1.6",
161    "react-redux": "^7.2.1",
162    "react-responsive-carousel": "^3.2.11",
163    "react-router-dom": "^5.2.0",
164    "react-script": "^2.0.5",
165    "react-scripts": "3.4.3",
166    "react-select": "^4.3.1",
167    "react-sparklines": "^1.7.0",
168    "react-star-ratings": "^2.3.0",
169    "react-super-responsive-table": "^5.2.0",
170    "react-switch": "^6.0.0",
171    "react-table": "^7.6.3",
172    "react-toastify": "^7.0.3",
173    "react-toastr": "^3.0.0",
174    "react-twitter-auth": "0.0.13",
175    "reactstrap": "^8.8.1",
176    "recharts": "^2.0.8",
177    "redux": "^4.0.5",
178    "redux-saga": "^1.1.3",
179    "reselect": "^4.0.0",
180    "sass": "^1.37.5",
181    "simplebar-react": "^2.3.0",
182    "styled": "^1.0.0",
183    "styled-components": "^5.2.1",
184    "toastr": "^2.1.4",
185    "typescript": "^4.0.2",
186    "universal-cookie": "^4.0.4"
187  },
188  "devDependencies": {
189    "@typescript-eslint/eslint-plugin": "^2.27.0",
190    "@typescript-eslint/parser": "^2.27.0",
191    "@typescript-eslint/typescript-estree": "^4.15.2",
192    "eslint-config-prettier": "^6.10.1",
193    "eslint-plugin-prettier": "^3.1.2",
194    "husky": "^4.2.5",
195    "lint-staged": "^10.1.3",
196    "prettier": "^1.19.1",
197    "react-test-renderer": "^16.13.1",
198    "redux-devtools-extension": "^2.13.8",
199    "redux-mock-store": "^1.5.4"
200  },
201  "scripts": {
202    "start": "react-scripts start",
203    "build": "react-scripts build && mv build ./deploy/build",
204    "build-local": "react-scripts build",
205    "test": "react-scripts test",
206    "eject": "react-scripts eject"
207  },
208  "eslintConfig": {
209    "extends": "react-app"
210  },
211  "husky": {
212    "hooks": {
213      "pre-commit": "lint-staged"
214    }
215  },
216  "lint-staged": {
217    "*.{js,ts,tsx}": [
218      "eslint --fix"
219    ]
220  },
221  "browserslist": {
222    "production": [
223      ">0.2%",
224      "not dead",
225      "not op_mini all"
226    ],
227    "development": [
228      "last 1 chrome version",
229      "last 1 firefox version",
230      "last 1 safari version"
231    ]
232  }
233}
234    - name: Fix up git URLs
235      run: echo -e '[url "https://github.com/"]\n  insteadOf = "git://github.com/"' >> ~/.gitconfig
236git config --global url."https://github.com/".insteadOf git://github.com/
237

You can also use SSH, but GitHub Security reminds us that, as of March 15th, 2022, GitHub stopped accepting DSA keys. RSA keys uploaded after Nov 2, 2021 will work only with SHA-2 signatures.
The deprecated MACs, ciphers, and unencrypted Git protocol are permanently disabled.

So this (with the right key) would work:

1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error: 
6  The unauthenticated git protocol on port 9418 is no longer supported.
7    - name: Installing modules
8      run: yarn install
9  steps:
10  - name: Checkout
11    uses: actions/checkout@v2
12
13  - id: vars
14    run: |
15      if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream"  ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17  - uses: pCYSl5EDgo/cat@master
18    id: slack
19    with:
20      path: .github/workflows/slack.txt
21
22  - name: Slack Start Notification
23    uses: 8398a7/action-slack@v3
24    env:
25      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26      ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27      COLOR: good
28      STATUS: '`Started`'
29    with:
30      status: custom
31      fields: workflow,job,commit,repo,ref,author,took
32      custom_payload: |
33        ${{ steps.slack.outputs.text }}
34
35  - name: Installing modules
36    env:
37      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38    run: yarn install
39
40  - name: Create Frontend Build
41    env:
42      REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43    run: yarn build
44
45  - name: Deploy to Frontend Server DEV
46    if: ${{ contains(github.ref, 'dev') }}
47    uses: easingthemes/ssh-deploy@v2.1.5
48    env:
49      SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50      ARGS: '-rltgoDzvO --delete'
51      SOURCE: 'deploy/'
52      REMOTE_HOST: ${{ secrets.DEV_HOST }}
53      REMOTE_USER: plyfolio-dev
54      TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55   {
56  "name": "stackstream-fe",
57  "version": "1.0.0",
58  "authors": [
59    "fayyaznofal@gmail.com"
60  ],
61  "private": true,
62  "dependencies": {
63    "@fortawesome/fontawesome-svg-core": "^1.2.34",
64    "@fortawesome/free-solid-svg-icons": "^5.15.2",
65    "@fortawesome/react-fontawesome": "^0.1.14",
66    "@fullcalendar/bootstrap": "^5.5.0",
67    "@fullcalendar/core": "^5.5.0",
68    "@fullcalendar/daygrid": "^5.5.0",
69    "@fullcalendar/interaction": "^5.5.0",
70    "@fullcalendar/react": "^5.5.0",
71    "@lourenci/react-kanban": "^2.1.0",
72    "@redux-saga/simple-saga-monitor": "^1.1.2",
73    "@testing-library/jest-dom": "^5.11.9",
74    "@testing-library/react": "^11.2.3",
75    "@testing-library/user-event": "^12.6.0",
76    "@toast-ui/react-chart": "^1.0.2",
77    "@types/jest": "^26.0.14",
78    "@types/node": "^14.10.3",
79    "@types/react": "^16.9.49",
80    "@types/react-dom": "^16.9.8",
81    "@vtaits/react-color-picker": "^0.1.1",
82    "apexcharts": "^3.23.1",
83    "availity-reactstrap-validation": "^2.7.0",
84    "axios": "^0.21.1",
85    "axios-mock-adapter": "^1.19.0",
86    "axios-progress-bar": "^1.2.0",
87    "bootstrap": "^5.0.0-beta2",
88    "chart.js": "^2.9.4",
89    "chartist": "^0.11.4",
90    "classnames": "^2.2.6",
91    "components": "^0.1.0",
92    "dotenv": "^8.2.0",
93    "draft-js": "^0.11.7",
94    "echarts": "^4.9.0",
95    "echarts-for-react": "^2.0.16",
96    "firebase": "^8.2.3",
97    "google-maps-react": "^2.0.6",
98    "history": "^4.10.1",
99    "i": "^0.3.6",
100    "i18next": "^19.8.4",
101    "i18next-browser-languagedetector": "^6.0.1",
102    "jsonwebtoken": "^8.5.1",
103    "leaflet": "^1.7.1",
104    "lodash": "^4.17.21",
105    "lodash.clonedeep": "^4.5.0",
106    "lodash.get": "^4.4.2",
107    "metismenujs": "^1.2.1",
108    "mkdirp": "^1.0.4",
109    "moment": "2.29.1",
110    "moment-timezone": "^0.5.32",
111    "nouislider-react": "^3.3.9",
112    "npm": "^7.6.3",
113    "prop-types": "^15.7.2",
114    "query-string": "^6.14.0",
115    "react": "^16.13.1",
116    "react-apexcharts": "^1.3.7",
117    "react-auth-code-input": "^1.0.0",
118    "react-avatar": "^3.10.0",
119    "react-bootstrap": "^1.5.0",
120    "react-bootstrap-editable": "^0.8.2",
121    "react-bootstrap-sweetalert": "^5.2.0",
122    "react-bootstrap-table-next": "^4.0.3",
123    "react-bootstrap-table2-editor": "^1.4.0",
124    "react-bootstrap-table2-paginator": "^2.1.2",
125    "react-bootstrap-table2-toolkit": "^2.1.3",
126    "react-chartist": "^0.14.3",
127    "react-chartjs-2": "^2.11.1",
128    "react-color": "^2.19.3",
129    "react-confirm-alert": "^2.7.0",
130    "react-content-loader": "^6.0.1",
131    "react-countdown": "^2.3.1",
132    "react-countup": "^4.3.3",
133    "react-cropper": "^2.1.4",
134    "react-data-table-component": "^6.11.8",
135    "react-date-picker": "^8.0.6",
136    "react-datepicker": "^3.4.1",
137    "react-dom": "^16.13.1",
138    "react-draft-wysiwyg": "^1.14.5",
139    "react-drag-listview": "^0.1.8",
140    "react-drawer": "^1.3.4",
141    "react-dropzone": "^11.2.4",
142    "react-dual-listbox": "^2.0.0",
143    "react-facebook-login": "^4.1.1",
144    "react-flatpickr": "^3.10.6",
145    "react-google-login": "^5.2.2",
146    "react-hook-form": "^7.15.2",
147    "react-i18next": "^11.8.5",
148    "react-icons": "^4.2.0",
149    "react-image-lightbox": "^5.1.1",
150    "react-input-mask": "^2.0.4",
151    "react-jvectormap": "^0.0.16",
152    "react-leaflet": "^3.0.5",
153    "react-meta-tags": "^1.0.1",
154    "react-modal-video": "^1.2.6",
155    "react-notifications": "^1.7.2",
156    "react-number-format": "^4.7.3",
157    "react-perfect-scrollbar": "^1.5.8",
158    "react-rangeslider": "^2.2.0",
159    "react-rating": "^2.0.5",
160    "react-rating-tooltip": "^1.1.6",
161    "react-redux": "^7.2.1",
162    "react-responsive-carousel": "^3.2.11",
163    "react-router-dom": "^5.2.0",
164    "react-script": "^2.0.5",
165    "react-scripts": "3.4.3",
166    "react-select": "^4.3.1",
167    "react-sparklines": "^1.7.0",
168    "react-star-ratings": "^2.3.0",
169    "react-super-responsive-table": "^5.2.0",
170    "react-switch": "^6.0.0",
171    "react-table": "^7.6.3",
172    "react-toastify": "^7.0.3",
173    "react-toastr": "^3.0.0",
174    "react-twitter-auth": "0.0.13",
175    "reactstrap": "^8.8.1",
176    "recharts": "^2.0.8",
177    "redux": "^4.0.5",
178    "redux-saga": "^1.1.3",
179    "reselect": "^4.0.0",
180    "sass": "^1.37.5",
181    "simplebar-react": "^2.3.0",
182    "styled": "^1.0.0",
183    "styled-components": "^5.2.1",
184    "toastr": "^2.1.4",
185    "typescript": "^4.0.2",
186    "universal-cookie": "^4.0.4"
187  },
188  "devDependencies": {
189    "@typescript-eslint/eslint-plugin": "^2.27.0",
190    "@typescript-eslint/parser": "^2.27.0",
191    "@typescript-eslint/typescript-estree": "^4.15.2",
192    "eslint-config-prettier": "^6.10.1",
193    "eslint-plugin-prettier": "^3.1.2",
194    "husky": "^4.2.5",
195    "lint-staged": "^10.1.3",
196    "prettier": "^1.19.1",
197    "react-test-renderer": "^16.13.1",
198    "redux-devtools-extension": "^2.13.8",
199    "redux-mock-store": "^1.5.4"
200  },
201  "scripts": {
202    "start": "react-scripts start",
203    "build": "react-scripts build && mv build ./deploy/build",
204    "build-local": "react-scripts build",
205    "test": "react-scripts test",
206    "eject": "react-scripts eject"
207  },
208  "eslintConfig": {
209    "extends": "react-app"
210  },
211  "husky": {
212    "hooks": {
213      "pre-commit": "lint-staged"
214    }
215  },
216  "lint-staged": {
217    "*.{js,ts,tsx}": [
218      "eslint --fix"
219    ]
220  },
221  "browserslist": {
222    "production": [
223      ">0.2%",
224      "not dead",
225      "not op_mini all"
226    ],
227    "development": [
228      "last 1 chrome version",
229      "last 1 firefox version",
230      "last 1 safari version"
231    ]
232  }
233}
234    - name: Fix up git URLs
235      run: echo -e '[url "https://github.com/"]\n  insteadOf = "git://github.com/"' >> ~/.gitconfig
236git config --global url."https://github.com/".insteadOf git://github.com/
237git config --global url."git@github.com:".insteadOf git://github.com/
238

That will change any git://github.com/ (unencrypted Git protocol) into git@github.com: (SSH URL).

Source https://stackoverflow.com/questions/70663523

QUESTION

Spring Cloud Config Server GitHub SHA-1 error

Asked 2022-Mar-22 at 03:13
Context

This is regarding a Spring Cloud Config Server hobby project (with @EnableConfigServer).

Yesterday, the application could be started.

Today, the application failed to start because of a Git communication error.

From GitHub's official blog post, it is mentioned that SHA-1 is no longer supported starting from 15 March 2022. And that explains the results I'm getting these 2 days.

March 15, 2022

Changes made permanent.

We’ll permanently stop accepting DSA keys. RSA keys uploaded after the cut-off point above will work only with SHA-2 signatures (but again, RSA keys uploaded before this date will continue to work with SHA-1). The deprecated MACs, ciphers, and unencrypted Git protocol will be permanently disabled.

Even if I didn't delete the existing SSH key, it still failed to start today. But anyway, now the only key under the "Deploy keys" section of the repository settings is an SSH key that was added after the March 15, 2022 cut off date.

Dependency versions

Dependency Management:

Dependency Version
spring-cloud-dependencies Hoxton.SR12

Dependency:

Dependency Version
spring-cloud-config-server (Managed)
Spring application configurations

application.yml:

1spring:
2  cloud:
3    config:
4      server:
5        git:
6          ignore-local-ssh-settings: true
7          uri: git@github.com:xxx/xxx.git
8          private-key: |
9                        -----BEGIN RSA PRIVATE KEY-----
10                        (omitted)
11                        -----END RSA PRIVATE KEY-----
12
Additional information

The involved repo is a GitHub private repo configured with an SSH key under the "Deploy keys" settings section.

I have been generating the SSH key pairs according to the Spring Cloud Config official documentation.

Error

From the console log, I see:

ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type. Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.

This comes from JGit as a org.eclipse.jgit.errors.NoRemoteRepositoryException.

Question and my attempt to fix the issue

I tried upgrading the Spring Cloud dependency management version to the latest available in Maven repository, i.e. 2021.0.1, as it uses a newer version of JGit.

However, I'm still facing the same error.

If I just switch to GitLab with the exact same configurations, it just works regardless of the Spring Cloud dependency version and the JGit version.

What else can I do if I want to use GitHub?

ANSWER

Answered 2022-Mar-16 at 14:07

I have a same problem.

See https://github.com/spring-cloud/spring-cloud-config/issues/2061

For right now, I have a dirty workaround: use https uri, username and password(maybe personal secret token).

1spring:
2  cloud:
3    config:
4      server:
5        git:
6          ignore-local-ssh-settings: true
7          uri: git@github.com:xxx/xxx.git
8          private-key: |
9                        -----BEGIN RSA PRIVATE KEY-----
10                        (omitted)
11                        -----END RSA PRIVATE KEY-----
12spring:
13  cloud:
14    config:
15      server:
16        git:
17          uri: https://github.com/org/repo
18          username: ...
19          password: ...
20

Source https://stackoverflow.com/questions/71489256

QUESTION

Eclipse/Git: "You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type."

Asked 2022-Mar-18 at 13:27

I created a public key in Git using ssh-keygen which was successfully created as .ssh/id_rsa.pub.

enter image description here

I then uploaded it to GitHub in my SSH Keys, and "Authorized" its SSO feature. Everything is uploaded now.

enter image description here

When cloning a repository in Eclipse, I get the following message enter image description here

ANSWER

Answered 2022-Mar-18 at 13:27

I had to generate an ECDSA key, not an RSA key. Not sure why, but none of the RSA options worked for me, including the default.

1ssh-keygen -t ecdsa -b 256 -m PEM
2

I got this from https://stackoverflow.com/a/71502531/1005607

Then I uploaded it to GitHub (after deleting my old key first), updated my Eclipse SSH2 private key to point to id_ecdsa. Now I can clone repositories.

Source https://stackoverflow.com/questions/71500791

QUESTION

Connection reset when using jsch to connect to an sftp server hosted in azure

Asked 2022-Feb-18 at 18:21

we are currently working with a cloud product that uses JSCH internally to connect to external sftp sources. Im investigating an connection reset exception that we are getting when trying to connect to azure sftp.

Using wireshark i determined that the problem occurs after we send the Client: Key Exchange Init. Establishing the same connection with filezilla we dont have this issue.

comparing the packages from jsch and filezilla i didn't see an obivious issue, but im not an expert on the ssh protocol. im gonna post both requests below if somebody could give me any pointers it would be greatly appreciated.

Request with JSCH (not working)

Request with Filezilla (working)

Response with Filezilla (working)

See below for the log output:

1INFO: Connecting to ***** port 22
2INFO: Connection established
3INFO: Remote version string: SSH-2.0-AzureSSH_1.0.0
4INFO: Local version string: SSH-2.0-JSCH-0.1.54
5INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
6INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
7INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
8INFO: SSH_MSG_KEXINIT sent
9INFO: Disconnecting from **** port 22
10com.jcraft.jsch.JSchException: Session.connect: java.net.SocketException: Connection reset
11

EDIT: following jameses suggestion i got the same result, connection closed but the client request only had the supported algos as payload. So i tried to replicate the FileZilla request by setting the jsch config regardless if jsch actually supports the algo, i just wanted to see if there is any respone.

But for some reason the connection still gets terminated

Modified jsch request

ANSWER

Answered 2022-Feb-03 at 08:09

i wanted to post a quick update for anybody that is having the same issue, i opened a similiar question on the microsoft q&a site and looks like it's an issue on the azure side that they are working on fixing for GA Microsoft Q&A

Source https://stackoverflow.com/questions/70878675

QUESTION

nexus-staging-maven-plugin: maven deploy failed: An API incompatibility was encountered while executing

Asked 2022-Feb-11 at 22:39

This worked fine for me be building under Java 8. Now under Java 17.01 I get this when I do mvn deploy.

mvn install works fine. I tried 3.6.3 and 3.8.4 and updated (I think) all my plugins to the newest versions.

Any ideas?

1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import  from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15

POM:

1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import  from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19    <modelVersion>4.0.0</modelVersion>
20
21    <groupId>io.github.sproket</groupId>
22    <artifactId>persism</artifactId>
23    <version>2.0.0</version>
24    <packaging>jar</packaging>
25
26
27    <build>
28        <sourceDirectory>./src</sourceDirectory>
29        <testSourceDirectory>./test</testSourceDirectory>
30        <testResources>
31            <testResource>
32                <directory>./test</directory>
33                <!--                <includes>-->
34                <!--                    <include>*.*</include>-->
35                <!--                </includes>-->
36            </testResource>
37        </testResources>
38        <plugins>
39            <plugin>
40                <groupId>org.apache.maven.plugins</groupId>
41                <artifactId>maven-compiler-plugin</artifactId>
42                <version>3.8.1</version>
43                <!-- MSSQL does not seem to able to connect with 16 -->
44                <configuration>
45                    <source>17</source>
46                    <target>17</target>
47<!--                    <compilerArgs>-->
48<!--                        <arg>-parameters</arg>-->
49<!--                    </compilerArgs>-->
50                </configuration>
51            </plugin>
52
53            <plugin>
54                <groupId>org.apache.maven.plugins</groupId>
55                <artifactId>maven-jar-plugin</artifactId>
56                <version>3.2.0</version>
57                <configuration>
58                    <archive>
59                        <manifestEntries>
60                            <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61                        </manifestEntries>
62                    </archive>
63                </configuration>
64            </plugin>
65
66            <plugin>
67                <groupId>org.apache.maven.plugins</groupId>
68                <artifactId>maven-source-plugin</artifactId>
69                <version>3.2.1</version>
70                <executions>
71                    <execution>
72                        <id>attach-sources</id>
73                        <goals>
74                            <goal>jar-no-fork</goal>
75                        </goals>
76                    </execution>
77                </executions>
78            </plugin>
79            <plugin>
80                <groupId>org.apache.maven.plugins</groupId>
81                <artifactId>maven-javadoc-plugin</artifactId>
82                <version>3.2.0</version>
83                <configuration>
84                    <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85                    <source>17</source>
86                </configuration>
87                <executions>
88                    <execution>
89                        <id>attach-javadocs</id>
90                        <goals>
91                            <goal>jar</goal>
92                        </goals>
93                    </execution>
94                </executions>
95            </plugin>
96            <plugin>
97                <artifactId>maven-surefire-plugin</artifactId>
98                <version>3.0.0-M5</version>
99                <configuration>
100                    <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101                    </excludedGroups>
102                </configuration>
103            </plugin>
104            <plugin>
105                <groupId>org.sonatype.plugins</groupId>
106                <artifactId>nexus-staging-maven-plugin</artifactId>
107                <version>1.6.8</version>
108                <extensions>true</extensions>
109                <configuration>
110                    <serverId>ossrh</serverId>
111                    <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112                    <autoReleaseAfterClose>true</autoReleaseAfterClose>
113                </configuration>
114            </plugin>
115
116        </plugins>
117    </build>
118
119    <name>persism</name>
120    <description>A zero ceremony ORM for Java</description>
121    <url>https://github.com/sproket/Persism</url>
122
123    <properties>
124        <java.version>17</java.version>
125        <maven.compiler.release>17</maven.compiler.release>
126        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127    </properties>
128
129    <licenses>
130        <license>
131            <name>BSD-3-Clause License</name>
132            <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133        </license>
134    </licenses>
135
136    <developers>
137        <developer>
138            <name>Dan Howard</name>
139            <email>--------------------------</email>
140            <organization>io.github</organization>
141            <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142        </developer>
143    </developers>
144
145    <distributionManagement>
146        <snapshotRepository>
147            <id>ossrh</id>
148            <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149        </snapshotRepository>
150        <repository>
151            <id>ossrh</id>
152            <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153        </repository>
154    </distributionManagement>
155
156    <scm>
157        <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158        <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159        <url>https://github.com/sproket/Persism</url>
160    </scm>
161
162    <profiles>
163        <profile>
164            <id>include-test-containers-db</id>
165            <activation>
166                <activeByDefault>false</activeByDefault>
167            </activation>
168            <build>
169                <plugins>
170                    <plugin>
171                        <artifactId>maven-surefire-plugin</artifactId>
172                        <version>3.0.0-M5</version>
173                        <configuration>
174                            <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175                        </configuration>
176                    </plugin>
177                </plugins>
178            </build>
179        </profile>
180
181        <profile>
182            <id>exclude-test-containers-db</id>
183            <activation>
184                <activeByDefault>false</activeByDefault>
185            </activation>
186            <build>
187                <plugins>
188                    <plugin>
189                        <artifactId>maven-surefire-plugin</artifactId>
190                        <version>3.0.0-M5</version>
191                        <configuration>
192                            <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193                        </configuration>
194                    </plugin>
195                </plugins>
196            </build>
197        </profile>
198
199        <profile>
200            <id>release</id>
201            <build>
202                <plugins>
203                    <plugin>
204                        <groupId>org.apache.maven.plugins</groupId>
205                        <artifactId>maven-jar-plugin</artifactId>
206                        <version>3.2.0</version>
207                        <configuration>
208                            <archive>
209                                <manifestEntries>
210                                    <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211                                </manifestEntries>
212                            </archive>
213                        </configuration>
214                    </plugin>
215                    <plugin>
216                        <groupId>org.apache.maven.plugins</groupId>
217                        <artifactId>maven-source-plugin</artifactId>
218                        <version>3.2.1</version>
219                        <executions>
220                            <execution>
221                                <id>attach-sources</id>
222                                <goals>
223                                    <goal>jar-no-fork</goal>
224                                </goals>
225                            </execution>
226                        </executions>
227                    </plugin>
228                    <plugin>
229                        <groupId>org.apache.maven.plugins</groupId>
230                        <artifactId>maven-javadoc-plugin</artifactId>
231                        <version>3.2.0</version>
232                        <executions>
233                            <execution>
234                                <id>attach-javadocs</id>
235                                <goals>
236                                    <goal>jar</goal>
237                                </goals>
238                                <configuration>
239                                    <release>17</release>
240                                </configuration>
241                            </execution>
242                        </executions>
243                    </plugin>
244                    <plugin>
245                        <groupId>org.apache.maven.plugins</groupId>
246                        <artifactId>maven-gpg-plugin</artifactId>
247                        <version>3.0.1</version>
248                        <executions>
249                            <execution>
250                                <id>sign-artifacts</id>
251                                <phase>verify</phase>
252                                <goals>
253                                    <goal>sign</goal>
254                                </goals>
255                            </execution>
256                        </executions>
257                    </plugin>
258                </plugins>
259            </build>
260        </profile>
261    </profiles>
262
263
264    <dependencies>
265        <dependency>
266            <groupId>junit</groupId>
267            <artifactId>junit</artifactId>
268            <version>4.13.2</version>
269            <scope>test</scope>
270        </dependency>
271        <dependency>
272            <groupId>com.carrotsearch</groupId>
273            <artifactId>junit-benchmarks</artifactId>
274            <version>0.7.2</version>
275            <scope>test</scope>
276        </dependency>
277        <dependency>
278            <groupId>org.testcontainers</groupId>
279            <artifactId>testcontainers</artifactId>
280            <version>1.15.2</version>
281            <scope>test</scope>
282        </dependency>
283        <dependency>
284            <groupId>ch.qos.logback</groupId>
285            <artifactId>logback-classic</artifactId>
286            <version>1.2.7</version>
287            <scope>provided</scope>
288        </dependency>
289
290        <dependency>
291            <groupId>log4j</groupId>
292            <artifactId>log4j</artifactId>
293            <version>1.2.17</version>
294            <scope>provided</scope>
295        </dependency>
296
297        <dependency>
298            <groupId>org.apache.logging.log4j</groupId>
299            <artifactId>log4j-api</artifactId>
300            <version>2.14.1</version>
301            <scope>provided</scope>
302        </dependency>
303        <dependency>
304            <groupId>org.apache.logging.log4j</groupId>
305            <artifactId>log4j-core</artifactId>
306            <version>2.14.1</version>
307            <scope>provided</scope>
308        </dependency>
309
310
311        <dependency>
312            <groupId>commons-dbcp</groupId>
313            <artifactId>commons-dbcp</artifactId>
314            <version>1.4</version>
315            <scope>test</scope>
316        </dependency>
317
318        <dependency>
319            <groupId>org.firebirdsql.jdbc</groupId>
320            <artifactId>jaybird</artifactId>
321            <version>4.0.2.java8</version>
322            <scope>test</scope>
323        </dependency>
324
325        <dependency>
326            <groupId>org.firebirdsql</groupId>
327            <artifactId>firebird-testcontainers-java</artifactId>
328            <version>1.1.0</version>
329            <scope>test</scope>
330        </dependency>
331
332        <dependency>
333            <groupId>com.h2database</groupId>
334            <artifactId>h2</artifactId>
335            <version>1.4.200</version>
336            <scope>test</scope>
337        </dependency>
338
339        <dependency>
340            <!-- using older version as 2.5.1 collides with ucanaccess -->
341            <groupId>org.hsqldb</groupId>
342            <artifactId>hsqldb</artifactId>
343            <version>2.5.1</version>
344            <scope>test</scope>
345            <!--            <classifier>debug</classifier>-->
346        </dependency>
347
348        <dependency>
349            <groupId>org.apache.derby</groupId>
350            <artifactId>derby</artifactId>
351            <version>10.8.2.2</version>
352            <scope>test</scope>
353        </dependency>
354
355        <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356        <dependency>
357            <groupId>com.microsoft.sqlserver</groupId>
358            <artifactId>mssql-jdbc</artifactId>
359            <version>8.4.1.jre8</version>
360            <scope>test</scope>
361        </dependency>
362
363        <dependency>
364            <groupId>org.testcontainers</groupId>
365            <artifactId>mssqlserver</artifactId>
366            <version>1.15.2</version>
367            <scope>test</scope>
368        </dependency>
369
370        <dependency>
371            <groupId>mysql</groupId>
372            <artifactId>mysql-connector-java</artifactId>
373            <version>8.0.23</version>
374            <scope>test</scope>
375        </dependency>
376
377        <dependency>
378            <groupId>org.testcontainers</groupId>
379            <artifactId>mysql</artifactId>
380            <version>1.15.2</version>
381            <scope>test</scope>
382        </dependency>
383
384        <dependency>
385            <groupId>net.sourceforge.jtds</groupId>
386            <artifactId>jtds</artifactId>
387            <version>1.3.1</version>
388            <scope>test</scope>
389        </dependency>
390
391        <dependency>
392            <groupId>com.oracle.database.jdbc</groupId>
393            <artifactId>ojdbc8</artifactId>
394            <version>21.3.0.0</version>
395            <scope>test</scope>
396        </dependency>
397
398        <!--        <dependency>-->
399        <!--            <groupId>com.oracle</groupId>-->
400        <!--            <artifactId>ojdbc6</artifactId>-->
401        <!--            <version>11.2.0.4</version>-->
402        <!--            <scope>test</scope>-->
403        <!--        </dependency>-->
404
405        <dependency>
406            <groupId>org.postgresql</groupId>
407            <artifactId>postgresql</artifactId>
408            <version>9.2-1004-jdbc41</version>
409            <scope>test</scope>
410        </dependency>
411        <dependency>
412            <groupId>org.testcontainers</groupId>
413            <artifactId>postgresql</artifactId>
414            <version>1.15.2</version>
415            <scope>test</scope>
416        </dependency>
417
418        <dependency>
419            <groupId>org.xerial</groupId>
420            <artifactId>sqlite-jdbc</artifactId>
421            <version>3.34.0</version>
422            <scope>test</scope>
423        </dependency>
424
425        <dependency>
426            <groupId>net.sf.ucanaccess</groupId>
427            <artifactId>ucanaccess</artifactId>
428            <version>5.0.1</version>
429            <scope>test</scope>
430        </dependency>
431
432        <dependency>
433            <groupId>com.ibm.informix</groupId>
434            <artifactId>informix-jdbc-complete</artifactId>
435            <version>4.50.4.1</version>
436            <scope>test</scope>
437        </dependency>
438
439        <dependency>
440            <groupId>com.toddfast.typeconverter</groupId>
441            <artifactId>typeconverter</artifactId>
442            <version>1.0</version>
443            <scope>test</scope>
444        </dependency>
445
446        <dependency>
447            <groupId>org.reflections</groupId>
448            <artifactId>reflections</artifactId>
449            <version>0.9.11</version>
450            <scope>test</scope>
451        </dependency>
452
453        <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454        <dependency>
455            <groupId>javax.persistence</groupId>
456            <artifactId>javax.persistence-api</artifactId>
457            <version>2.2</version>
458            <scope>test</scope>
459        </dependency>
460
461
462        <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463        <!-- DOES NOT WORK with JAVA 8 + -->
464        <!--        <dependency>-->
465        <!--            <groupId>org.codehaus.mojo</groupId>-->
466        <!--            <artifactId>cobertura-maven-plugin</artifactId>-->
467        <!--            <version>2.7</version>-->
468        <!--            <scope>test</scope>-->
469        <!--            <exclusions>-->
470        <!--                <exclusion>-->
471        <!--                    <groupId>com.sun</groupId>-->
472        <!--                    <artifactId>tools</artifactId>-->
473        <!--                </exclusion>-->
474        <!--            </exclusions>-->
475        <!--        </dependency>-->
476
477
478    </dependencies>
479
480</project>
481

ANSWER

Answered 2022-Feb-11 at 22:39

Update: Version 1.6.9 has been released and should fix this issue! 🎉

This is actually a known bug, which is now open for quite a while: OSSRH-66257. There are two known workarounds:

1. Open Modules

As a workaround, use --add-opens to give the library causing the problem access to the required classes:

1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import  from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19    <modelVersion>4.0.0</modelVersion>
20
21    <groupId>io.github.sproket</groupId>
22    <artifactId>persism</artifactId>
23    <version>2.0.0</version>
24    <packaging>jar</packaging>
25
26
27    <build>
28        <sourceDirectory>./src</sourceDirectory>
29        <testSourceDirectory>./test</testSourceDirectory>
30        <testResources>
31            <testResource>
32                <directory>./test</directory>
33                <!--                <includes>-->
34                <!--                    <include>*.*</include>-->
35                <!--                </includes>-->
36            </testResource>
37        </testResources>
38        <plugins>
39            <plugin>
40                <groupId>org.apache.maven.plugins</groupId>
41                <artifactId>maven-compiler-plugin</artifactId>
42                <version>3.8.1</version>
43                <!-- MSSQL does not seem to able to connect with 16 -->
44                <configuration>
45                    <source>17</source>
46                    <target>17</target>
47<!--                    <compilerArgs>-->
48<!--                        <arg>-parameters</arg>-->
49<!--                    </compilerArgs>-->
50                </configuration>
51            </plugin>
52
53            <plugin>
54                <groupId>org.apache.maven.plugins</groupId>
55                <artifactId>maven-jar-plugin</artifactId>
56                <version>3.2.0</version>
57                <configuration>
58                    <archive>
59                        <manifestEntries>
60                            <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61                        </manifestEntries>
62                    </archive>
63                </configuration>
64            </plugin>
65
66            <plugin>
67                <groupId>org.apache.maven.plugins</groupId>
68                <artifactId>maven-source-plugin</artifactId>
69                <version>3.2.1</version>
70                <executions>
71                    <execution>
72                        <id>attach-sources</id>
73                        <goals>
74                            <goal>jar-no-fork</goal>
75                        </goals>
76                    </execution>
77                </executions>
78            </plugin>
79            <plugin>
80                <groupId>org.apache.maven.plugins</groupId>
81                <artifactId>maven-javadoc-plugin</artifactId>
82                <version>3.2.0</version>
83                <configuration>
84                    <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85                    <source>17</source>
86                </configuration>
87                <executions>
88                    <execution>
89                        <id>attach-javadocs</id>
90                        <goals>
91                            <goal>jar</goal>
92                        </goals>
93                    </execution>
94                </executions>
95            </plugin>
96            <plugin>
97                <artifactId>maven-surefire-plugin</artifactId>
98                <version>3.0.0-M5</version>
99                <configuration>
100                    <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101                    </excludedGroups>
102                </configuration>
103            </plugin>
104            <plugin>
105                <groupId>org.sonatype.plugins</groupId>
106                <artifactId>nexus-staging-maven-plugin</artifactId>
107                <version>1.6.8</version>
108                <extensions>true</extensions>
109                <configuration>
110                    <serverId>ossrh</serverId>
111                    <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112                    <autoReleaseAfterClose>true</autoReleaseAfterClose>
113                </configuration>
114            </plugin>
115
116        </plugins>
117    </build>
118
119    <name>persism</name>
120    <description>A zero ceremony ORM for Java</description>
121    <url>https://github.com/sproket/Persism</url>
122
123    <properties>
124        <java.version>17</java.version>
125        <maven.compiler.release>17</maven.compiler.release>
126        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127    </properties>
128
129    <licenses>
130        <license>
131            <name>BSD-3-Clause License</name>
132            <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133        </license>
134    </licenses>
135
136    <developers>
137        <developer>
138            <name>Dan Howard</name>
139            <email>--------------------------</email>
140            <organization>io.github</organization>
141            <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142        </developer>
143    </developers>
144
145    <distributionManagement>
146        <snapshotRepository>
147            <id>ossrh</id>
148            <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149        </snapshotRepository>
150        <repository>
151            <id>ossrh</id>
152            <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153        </repository>
154    </distributionManagement>
155
156    <scm>
157        <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158        <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159        <url>https://github.com/sproket/Persism</url>
160    </scm>
161
162    <profiles>
163        <profile>
164            <id>include-test-containers-db</id>
165            <activation>
166                <activeByDefault>false</activeByDefault>
167            </activation>
168            <build>
169                <plugins>
170                    <plugin>
171                        <artifactId>maven-surefire-plugin</artifactId>
172                        <version>3.0.0-M5</version>
173                        <configuration>
174                            <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175                        </configuration>
176                    </plugin>
177                </plugins>
178            </build>
179        </profile>
180
181        <profile>
182            <id>exclude-test-containers-db</id>
183            <activation>
184                <activeByDefault>false</activeByDefault>
185            </activation>
186            <build>
187                <plugins>
188                    <plugin>
189                        <artifactId>maven-surefire-plugin</artifactId>
190                        <version>3.0.0-M5</version>
191                        <configuration>
192                            <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193                        </configuration>
194                    </plugin>
195                </plugins>
196            </build>
197        </profile>
198
199        <profile>
200            <id>release</id>
201            <build>
202                <plugins>
203                    <plugin>
204                        <groupId>org.apache.maven.plugins</groupId>
205                        <artifactId>maven-jar-plugin</artifactId>
206                        <version>3.2.0</version>
207                        <configuration>
208                            <archive>
209                                <manifestEntries>
210                                    <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211                                </manifestEntries>
212                            </archive>
213                        </configuration>
214                    </plugin>
215                    <plugin>
216                        <groupId>org.apache.maven.plugins</groupId>
217                        <artifactId>maven-source-plugin</artifactId>
218                        <version>3.2.1</version>
219                        <executions>
220                            <execution>
221                                <id>attach-sources</id>
222                                <goals>
223                                    <goal>jar-no-fork</goal>
224                                </goals>
225                            </execution>
226                        </executions>
227                    </plugin>
228                    <plugin>
229                        <groupId>org.apache.maven.plugins</groupId>
230                        <artifactId>maven-javadoc-plugin</artifactId>
231                        <version>3.2.0</version>
232                        <executions>
233                            <execution>
234                                <id>attach-javadocs</id>
235                                <goals>
236                                    <goal>jar</goal>
237                                </goals>
238                                <configuration>
239                                    <release>17</release>
240                                </configuration>
241                            </execution>
242                        </executions>
243                    </plugin>
244                    <plugin>
245                        <groupId>org.apache.maven.plugins</groupId>
246                        <artifactId>maven-gpg-plugin</artifactId>
247                        <version>3.0.1</version>
248                        <executions>
249                            <execution>
250                                <id>sign-artifacts</id>
251                                <phase>verify</phase>
252                                <goals>
253                                    <goal>sign</goal>
254                                </goals>
255                            </execution>
256                        </executions>
257                    </plugin>
258                </plugins>
259            </build>
260        </profile>
261    </profiles>
262
263
264    <dependencies>
265        <dependency>
266            <groupId>junit</groupId>
267            <artifactId>junit</artifactId>
268            <version>4.13.2</version>
269            <scope>test</scope>
270        </dependency>
271        <dependency>
272            <groupId>com.carrotsearch</groupId>
273            <artifactId>junit-benchmarks</artifactId>
274            <version>0.7.2</version>
275            <scope>test</scope>
276        </dependency>
277        <dependency>
278            <groupId>org.testcontainers</groupId>
279            <artifactId>testcontainers</artifactId>
280            <version>1.15.2</version>
281            <scope>test</scope>
282        </dependency>
283        <dependency>
284            <groupId>ch.qos.logback</groupId>
285            <artifactId>logback-classic</artifactId>
286            <version>1.2.7</version>
287            <scope>provided</scope>
288        </dependency>
289
290        <dependency>
291            <groupId>log4j</groupId>
292            <artifactId>log4j</artifactId>
293            <version>1.2.17</version>
294            <scope>provided</scope>
295        </dependency>
296
297        <dependency>
298            <groupId>org.apache.logging.log4j</groupId>
299            <artifactId>log4j-api</artifactId>
300            <version>2.14.1</version>
301            <scope>provided</scope>
302        </dependency>
303        <dependency>
304            <groupId>org.apache.logging.log4j</groupId>
305            <artifactId>log4j-core</artifactId>
306            <version>2.14.1</version>
307            <scope>provided</scope>
308        </dependency>
309
310
311        <dependency>
312            <groupId>commons-dbcp</groupId>
313            <artifactId>commons-dbcp</artifactId>
314            <version>1.4</version>
315            <scope>test</scope>
316        </dependency>
317
318        <dependency>
319            <groupId>org.firebirdsql.jdbc</groupId>
320            <artifactId>jaybird</artifactId>
321            <version>4.0.2.java8</version>
322            <scope>test</scope>
323        </dependency>
324
325        <dependency>
326            <groupId>org.firebirdsql</groupId>
327            <artifactId>firebird-testcontainers-java</artifactId>
328            <version>1.1.0</version>
329            <scope>test</scope>
330        </dependency>
331
332        <dependency>
333            <groupId>com.h2database</groupId>
334            <artifactId>h2</artifactId>
335            <version>1.4.200</version>
336            <scope>test</scope>
337        </dependency>
338
339        <dependency>
340            <!-- using older version as 2.5.1 collides with ucanaccess -->
341            <groupId>org.hsqldb</groupId>
342            <artifactId>hsqldb</artifactId>
343            <version>2.5.1</version>
344            <scope>test</scope>
345            <!--            <classifier>debug</classifier>-->
346        </dependency>
347
348        <dependency>
349            <groupId>org.apache.derby</groupId>
350            <artifactId>derby</artifactId>
351            <version>10.8.2.2</version>
352            <scope>test</scope>
353        </dependency>
354
355        <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356        <dependency>
357            <groupId>com.microsoft.sqlserver</groupId>
358            <artifactId>mssql-jdbc</artifactId>
359            <version>8.4.1.jre8</version>
360            <scope>test</scope>
361        </dependency>
362
363        <dependency>
364            <groupId>org.testcontainers</groupId>
365            <artifactId>mssqlserver</artifactId>
366            <version>1.15.2</version>
367            <scope>test</scope>
368        </dependency>
369
370        <dependency>
371            <groupId>mysql</groupId>
372            <artifactId>mysql-connector-java</artifactId>
373            <version>8.0.23</version>
374            <scope>test</scope>
375        </dependency>
376
377        <dependency>
378            <groupId>org.testcontainers</groupId>
379            <artifactId>mysql</artifactId>
380            <version>1.15.2</version>
381            <scope>test</scope>
382        </dependency>
383
384        <dependency>
385            <groupId>net.sourceforge.jtds</groupId>
386            <artifactId>jtds</artifactId>
387            <version>1.3.1</version>
388            <scope>test</scope>
389        </dependency>
390
391        <dependency>
392            <groupId>com.oracle.database.jdbc</groupId>
393            <artifactId>ojdbc8</artifactId>
394            <version>21.3.0.0</version>
395            <scope>test</scope>
396        </dependency>
397
398        <!--        <dependency>-->
399        <!--            <groupId>com.oracle</groupId>-->
400        <!--            <artifactId>ojdbc6</artifactId>-->
401        <!--            <version>11.2.0.4</version>-->
402        <!--            <scope>test</scope>-->
403        <!--        </dependency>-->
404
405        <dependency>
406            <groupId>org.postgresql</groupId>
407            <artifactId>postgresql</artifactId>
408            <version>9.2-1004-jdbc41</version>
409            <scope>test</scope>
410        </dependency>
411        <dependency>
412            <groupId>org.testcontainers</groupId>
413            <artifactId>postgresql</artifactId>
414            <version>1.15.2</version>
415            <scope>test</scope>
416        </dependency>
417
418        <dependency>
419            <groupId>org.xerial</groupId>
420            <artifactId>sqlite-jdbc</artifactId>
421            <version>3.34.0</version>
422            <scope>test</scope>
423        </dependency>
424
425        <dependency>
426            <groupId>net.sf.ucanaccess</groupId>
427            <artifactId>ucanaccess</artifactId>
428            <version>5.0.1</version>
429            <scope>test</scope>
430        </dependency>
431
432        <dependency>
433            <groupId>com.ibm.informix</groupId>
434            <artifactId>informix-jdbc-complete</artifactId>
435            <version>4.50.4.1</version>
436            <scope>test</scope>
437        </dependency>
438
439        <dependency>
440            <groupId>com.toddfast.typeconverter</groupId>
441            <artifactId>typeconverter</artifactId>
442            <version>1.0</version>
443            <scope>test</scope>
444        </dependency>
445
446        <dependency>
447            <groupId>org.reflections</groupId>
448            <artifactId>reflections</artifactId>
449            <version>0.9.11</version>
450            <scope>test</scope>
451        </dependency>
452
453        <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454        <dependency>
455            <groupId>javax.persistence</groupId>
456            <artifactId>javax.persistence-api</artifactId>
457            <version>2.2</version>
458            <scope>test</scope>
459        </dependency>
460
461
462        <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463        <!-- DOES NOT WORK with JAVA 8 + -->
464        <!--        <dependency>-->
465        <!--            <groupId>org.codehaus.mojo</groupId>-->
466        <!--            <artifactId>cobertura-maven-plugin</artifactId>-->
467        <!--            <version>2.7</version>-->
468        <!--            <scope>test</scope>-->
469        <!--            <exclusions>-->
470        <!--                <exclusion>-->
471        <!--                    <groupId>com.sun</groupId>-->
472        <!--                    <artifactId>tools</artifactId>-->
473        <!--                </exclusion>-->
474        <!--            </exclusions>-->
475        <!--        </dependency>-->
476
477
478    </dependencies>
479
480</project>
481export MAVEN_OPTS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
482mvn deploy
483
2. Manage Upstream Dependencies

Or you can update the library that causes the problem:

1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import  from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19    <modelVersion>4.0.0</modelVersion>
20
21    <groupId>io.github.sproket</groupId>
22    <artifactId>persism</artifactId>
23    <version>2.0.0</version>
24    <packaging>jar</packaging>
25
26
27    <build>
28        <sourceDirectory>./src</sourceDirectory>
29        <testSourceDirectory>./test</testSourceDirectory>
30        <testResources>
31            <testResource>
32                <directory>./test</directory>
33                <!--                <includes>-->
34                <!--                    <include>*.*</include>-->
35                <!--                </includes>-->
36            </testResource>
37        </testResources>
38        <plugins>
39            <plugin>
40                <groupId>org.apache.maven.plugins</groupId>
41                <artifactId>maven-compiler-plugin</artifactId>
42                <version>3.8.1</version>
43                <!-- MSSQL does not seem to able to connect with 16 -->
44                <configuration>
45                    <source>17</source>
46                    <target>17</target>
47<!--                    <compilerArgs>-->
48<!--                        <arg>-parameters</arg>-->
49<!--                    </compilerArgs>-->
50                </configuration>
51            </plugin>
52
53            <plugin>
54                <groupId>org.apache.maven.plugins</groupId>
55                <artifactId>maven-jar-plugin</artifactId>
56                <version>3.2.0</version>
57                <configuration>
58                    <archive>
59                        <manifestEntries>
60                            <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61                        </manifestEntries>
62                    </archive>
63                </configuration>
64            </plugin>
65
66            <plugin>
67                <groupId>org.apache.maven.plugins</groupId>
68                <artifactId>maven-source-plugin</artifactId>
69                <version>3.2.1</version>
70                <executions>
71                    <execution>
72                        <id>attach-sources</id>
73                        <goals>
74                            <goal>jar-no-fork</goal>
75                        </goals>
76                    </execution>
77                </executions>
78            </plugin>
79            <plugin>
80                <groupId>org.apache.maven.plugins</groupId>
81                <artifactId>maven-javadoc-plugin</artifactId>
82                <version>3.2.0</version>
83                <configuration>
84                    <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85                    <source>17</source>
86                </configuration>
87                <executions>
88                    <execution>
89                        <id>attach-javadocs</id>
90                        <goals>
91                            <goal>jar</goal>
92                        </goals>
93                    </execution>
94                </executions>
95            </plugin>
96            <plugin>
97                <artifactId>maven-surefire-plugin</artifactId>
98                <version>3.0.0-M5</version>
99                <configuration>
100                    <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101                    </excludedGroups>
102                </configuration>
103            </plugin>
104            <plugin>
105                <groupId>org.sonatype.plugins</groupId>
106                <artifactId>nexus-staging-maven-plugin</artifactId>
107                <version>1.6.8</version>
108                <extensions>true</extensions>
109                <configuration>
110                    <serverId>ossrh</serverId>
111                    <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112                    <autoReleaseAfterClose>true</autoReleaseAfterClose>
113                </configuration>
114            </plugin>
115
116        </plugins>
117    </build>
118
119    <name>persism</name>
120    <description>A zero ceremony ORM for Java</description>
121    <url>https://github.com/sproket/Persism</url>
122
123    <properties>
124        <java.version>17</java.version>
125        <maven.compiler.release>17</maven.compiler.release>
126        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127    </properties>
128
129    <licenses>
130        <license>
131            <name>BSD-3-Clause License</name>
132            <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133        </license>
134    </licenses>
135
136    <developers>
137        <developer>
138            <name>Dan Howard</name>
139            <email>--------------------------</email>
140            <organization>io.github</organization>
141            <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142        </developer>
143    </developers>
144
145    <distributionManagement>
146        <snapshotRepository>
147            <id>ossrh</id>
148            <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149        </snapshotRepository>
150        <repository>
151            <id>ossrh</id>
152            <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153        </repository>
154    </distributionManagement>
155
156    <scm>
157        <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158        <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159        <url>https://github.com/sproket/Persism</url>
160    </scm>
161
162    <profiles>
163        <profile>
164            <id>include-test-containers-db</id>
165            <activation>
166                <activeByDefault>false</activeByDefault>
167            </activation>
168            <build>
169                <plugins>
170                    <plugin>
171                        <artifactId>maven-surefire-plugin</artifactId>
172                        <version>3.0.0-M5</version>
173                        <configuration>
174                            <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175                        </configuration>
176                    </plugin>
177                </plugins>
178            </build>
179        </profile>
180
181        <profile>
182            <id>exclude-test-containers-db</id>
183            <activation>
184                <activeByDefault>false</activeByDefault>
185            </activation>
186            <build>
187                <plugins>
188                    <plugin>
189                        <artifactId>maven-surefire-plugin</artifactId>
190                        <version>3.0.0-M5</version>
191                        <configuration>
192                            <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193                        </configuration>
194                    </plugin>
195                </plugins>
196            </build>
197        </profile>
198
199        <profile>
200            <id>release</id>
201            <build>
202                <plugins>
203                    <plugin>
204                        <groupId>org.apache.maven.plugins</groupId>
205                        <artifactId>maven-jar-plugin</artifactId>
206                        <version>3.2.0</version>
207                        <configuration>
208                            <archive>
209                                <manifestEntries>
210                                    <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211                                </manifestEntries>
212                            </archive>
213                        </configuration>
214                    </plugin>
215                    <plugin>
216                        <groupId>org.apache.maven.plugins</groupId>
217                        <artifactId>maven-source-plugin</artifactId>
218                        <version>3.2.1</version>
219                        <executions>
220                            <execution>
221                                <id>attach-sources</id>
222                                <goals>
223                                    <goal>jar-no-fork</goal>
224                                </goals>
225                            </execution>
226                        </executions>
227                    </plugin>
228                    <plugin>
229                        <groupId>org.apache.maven.plugins</groupId>
230                        <artifactId>maven-javadoc-plugin</artifactId>
231                        <version>3.2.0</version>
232                        <executions>
233                            <execution>
234                                <id>attach-javadocs</id>
235                                <goals>
236                                    <goal>jar</goal>
237                                </goals>
238                                <configuration>
239                                    <release>17</release>
240                                </configuration>
241                            </execution>
242                        </executions>
243                    </plugin>
244                    <plugin>
245                        <groupId>org.apache.maven.plugins</groupId>
246                        <artifactId>maven-gpg-plugin</artifactId>
247                        <version>3.0.1</version>
248                        <executions>
249                            <execution>
250                                <id>sign-artifacts</id>
251                                <phase>verify</phase>
252                                <goals>
253                                    <goal>sign</goal>
254                                </goals>
255                            </execution>
256                        </executions>
257                    </plugin>
258                </plugins>
259            </build>
260        </profile>
261    </profiles>
262
263
264    <dependencies>
265        <dependency>
266            <groupId>junit</groupId>
267            <artifactId>junit</artifactId>
268            <version>4.13.2</version>
269            <scope>test</scope>
270        </dependency>
271        <dependency>
272            <groupId>com.carrotsearch</groupId>
273            <artifactId>junit-benchmarks</artifactId>
274            <version>0.7.2</version>
275            <scope>test</scope>
276        </dependency>
277        <dependency>
278            <groupId>org.testcontainers</groupId>
279            <artifactId>testcontainers</artifactId>
280            <version>1.15.2</version>
281            <scope>test</scope>
282        </dependency>
283        <dependency>
284            <groupId>ch.qos.logback</groupId>
285            <artifactId>logback-classic</artifactId>
286            <version>1.2.7</version>
287            <scope>provided</scope>
288        </dependency>
289
290        <dependency>
291            <groupId>log4j</groupId>
292            <artifactId>log4j</artifactId>
293            <version>1.2.17</version>
294            <scope>provided</scope>
295        </dependency>
296
297        <dependency>
298            <groupId>org.apache.logging.log4j</groupId>
299            <artifactId>log4j-api</artifactId>
300            <version>2.14.1</version>
301            <scope>provided</scope>
302        </dependency>
303        <dependency>
304            <groupId>org.apache.logging.log4j</groupId>
305            <artifactId>log4j-core</artifactId>
306            <version>2.14.1</version>
307            <scope>provided</scope>
308        </dependency>
309
310
311        <dependency>
312            <groupId>commons-dbcp</groupId>
313            <artifactId>commons-dbcp</artifactId>
314            <version>1.4</version>
315            <scope>test</scope>
316        </dependency>
317
318        <dependency>
319            <groupId>org.firebirdsql.jdbc</groupId>
320            <artifactId>jaybird</artifactId>
321            <version>4.0.2.java8</version>
322            <scope>test</scope>
323        </dependency>
324
325        <dependency>
326            <groupId>org.firebirdsql</groupId>
327            <artifactId>firebird-testcontainers-java</artifactId>
328            <version>1.1.0</version>
329            <scope>test</scope>
330        </dependency>
331
332        <dependency>
333            <groupId>com.h2database</groupId>
334            <artifactId>h2</artifactId>
335            <version>1.4.200</version>
336            <scope>test</scope>
337        </dependency>
338
339        <dependency>
340            <!-- using older version as 2.5.1 collides with ucanaccess -->
341            <groupId>org.hsqldb</groupId>
342            <artifactId>hsqldb</artifactId>
343            <version>2.5.1</version>
344            <scope>test</scope>
345            <!--            <classifier>debug</classifier>-->
346        </dependency>
347
348        <dependency>
349            <groupId>org.apache.derby</groupId>
350            <artifactId>derby</artifactId>
351            <version>10.8.2.2</version>
352            <scope>test</scope>
353        </dependency>
354
355        <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356        <dependency>
357            <groupId>com.microsoft.sqlserver</groupId>
358            <artifactId>mssql-jdbc</artifactId>
359            <version>8.4.1.jre8</version>
360            <scope>test</scope>
361        </dependency>
362
363        <dependency>
364            <groupId>org.testcontainers</groupId>
365            <artifactId>mssqlserver</artifactId>
366            <version>1.15.2</version>
367            <scope>test</scope>
368        </dependency>
369
370        <dependency>
371            <groupId>mysql</groupId>
372            <artifactId>mysql-connector-java</artifactId>
373            <version>8.0.23</version>
374            <scope>test</scope>
375        </dependency>
376
377        <dependency>
378            <groupId>org.testcontainers</groupId>
379            <artifactId>mysql</artifactId>
380            <version>1.15.2</version>
381            <scope>test</scope>
382        </dependency>
383
384        <dependency>
385            <groupId>net.sourceforge.jtds</groupId>
386            <artifactId>jtds</artifactId>
387            <version>1.3.1</version>
388            <scope>test</scope>
389        </dependency>
390
391        <dependency>
392            <groupId>com.oracle.database.jdbc</groupId>
393            <artifactId>ojdbc8</artifactId>
394            <version>21.3.0.0</version>
395            <scope>test</scope>
396        </dependency>
397
398        <!--        <dependency>-->
399        <!--            <groupId>com.oracle</groupId>-->
400        <!--            <artifactId>ojdbc6</artifactId>-->
401        <!--            <version>11.2.0.4</version>-->
402        <!--            <scope>test</scope>-->
403        <!--        </dependency>-->
404
405        <dependency>
406            <groupId>org.postgresql</groupId>
407            <artifactId>postgresql</artifactId>
408            <version>9.2-1004-jdbc41</version>
409            <scope>test</scope>
410        </dependency>
411        <dependency>
412            <groupId>org.testcontainers</groupId>
413            <artifactId>postgresql</artifactId>
414            <version>1.15.2</version>
415            <scope>test</scope>
416        </dependency>
417
418        <dependency>
419            <groupId>org.xerial</groupId>
420            <artifactId>sqlite-jdbc</artifactId>
421            <version>3.34.0</version>
422            <scope>test</scope>
423        </dependency>
424
425        <dependency>
426            <groupId>net.sf.ucanaccess</groupId>
427            <artifactId>ucanaccess</artifactId>
428            <version>5.0.1</version>
429            <scope>test</scope>
430        </dependency>
431
432        <dependency>
433            <groupId>com.ibm.informix</groupId>
434            <artifactId>informix-jdbc-complete</artifactId>
435            <version>4.50.4.1</version>
436            <scope>test</scope>
437        </dependency>
438
439        <dependency>
440            <groupId>com.toddfast.typeconverter</groupId>
441            <artifactId>typeconverter</artifactId>
442            <version>1.0</version>
443            <scope>test</scope>
444        </dependency>
445
446        <dependency>
447            <groupId>org.reflections</groupId>
448            <artifactId>reflections</artifactId>
449            <version>0.9.11</version>
450            <scope>test</scope>
451        </dependency>
452
453        <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454        <dependency>
455            <groupId>javax.persistence</groupId>
456            <artifactId>javax.persistence-api</artifactId>
457            <version>2.2</version>
458            <scope>test</scope>
459        </dependency>
460
461
462        <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463        <!-- DOES NOT WORK with JAVA 8 + -->
464        <!--        <dependency>-->
465        <!--            <groupId>org.codehaus.mojo</groupId>-->
466        <!--            <artifactId>cobertura-maven-plugin</artifactId>-->
467        <!--            <version>2.7</version>-->
468        <!--            <scope>test</scope>-->
469        <!--            <exclusions>-->
470        <!--                <exclusion>-->
471        <!--                    <groupId>com.sun</groupId>-->
472        <!--                    <artifactId>tools</artifactId>-->
473        <!--                </exclusion>-->
474        <!--            </exclusions>-->
475        <!--        </dependency>-->
476
477
478    </dependencies>
479
480</project>
481export MAVEN_OPTS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
482mvn deploy
483<plugin>
484  <groupId>org.sonatype.plugins</groupId>
485  <artifactId>nexus-staging-maven-plugin</artifactId>
486  <version>1.6.8</version>
487  <extensions>true</extensions>
488  <configuration>
489    <serverId>ossrh</serverId>
490    <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
491    <autoReleaseAfterClose>true</autoReleaseAfterClose>
492  </configuration>
493  <dependencies>
494    <dependency>
495      <groupId>com.thoughtworks.xstream</groupId>
496      <artifactId>xstream</artifactId>
497      <version>1.4.15</version> <!-- apparently this needs to be exactly this version -->
498    </dependency>
499  </dependencies>
500</plugin>
501

Source https://stackoverflow.com/questions/70153962

QUESTION

Having difficulty to get SSH with a Yubikey working with macOS monterey

Asked 2022-Feb-06 at 01:52

I'm following the FIDO U2F instructions on https://developers.yubico.com/SSH/ on macOS Monterey with openSSH 8.6 and run into the following issue:

1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5

Anyone know what I'm missing here?

ANSWER

Answered 2022-Feb-06 at 01:52

Use Homebrew's OpenSSH

1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5$ brew install openssh
6

Once installed, you have to override the one in your PATH by putting the openssh folder at the beginning of your PATH in your rc file like this

1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5$ brew install openssh
6$ export PATH=$(brew --prefix openssh)/bin:$PATH
7

Once you've done that and you've sourced your rc file you should be able to generate your key

Tested on macOS Monterey and OpenSSH_8.8p1, OpenSSL 1.1.1l

Source https://stackoverflow.com/questions/68573454

QUESTION

Git Bash - ssh connection issue

Asked 2022-Jan-25 at 07:13

Environment:

1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l  24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6

SSH connection to Gerrit Error:-

1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l  24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6$ ssh -p 29418 user@gerrit.example.com
7
8Unable to negotiate with gerrit.example.com port 29418: no matching host key type found. Their offer: ssh-rsa,ssh-dss
9

In Git-2.32.0 ssh connection to gerrit works. Is there any restriction enabled in latest git version?

ANSWER

Answered 2022-Jan-25 at 07:13

Git For Windows 2.33.1 comes with OpenSSH 8.8 which disables RSA signatures using the SHA-1 hash algorithm by default.

For most users, this change should be invisible and there is no need to replace ssh-rsa keys.
OpenSSH has supported RFC8332 RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys will automatically use the stronger algorithm where possible.

Incompatibility is more likely when connecting to older SSH implementations that have not been upgraded or have not closely tracked improvements in the SSH protocol.

For these cases, it may be necessary to selectively re-enable RSA/SHA1 to allow connection and/or user authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms options.
For example, the following stanza in ~/.ssh/config will enable RSA/SHA1 for host and user authentication for a single destination host:

1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l  24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6$ ssh -p 29418 user@gerrit.example.com
7
8Unable to negotiate with gerrit.example.com port 29418: no matching host key type found. Their offer: ssh-rsa,ssh-dss
9Host old-host
10   HostkeyAlgorithms +ssh-rsa
11   PubkeyAcceptedAlgorithms +ssh-rsa
12

Note: Git for Windows 2.34.0 does not bring any new element/evolution on the SSH front.

Stefan Prodan (DX @weaveworks, creator of http://flagger.app and maintainer of http://fluxcd.io) mentions in this tweet:

GitHub has changed its host keys 💥

If you're using @fluxcd please see here how to update the known hosts keys on your Kubernetes clusters.

Stefan refers to fluxcd/flux2 discussion 2097:

GitHub has changed its SSH host keys from RSA to ECDSA!

To fix the key mismatch error, you have two options:

  1. Update the known_hosts in the flux-system secret with the ecdsa-sha2-nistp25 value:

github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=

  1. Or rotate the SSH keys with flux boostrap like so:
  • delete the deploy key secret from your cluster kubectl -n flux-system delete secret flux-system
  • rerun flux bootstrap github with the same arguments as before

Flux will generate the secret with ecdsa-sha2 SSH key and Host key

More details on fluxcd/source-controller#490

Note: since Jan. 2022, the GitHub SSH Host key are available through a metadata endpoint api.github.com/meta.
That includes the github.com ecdsa-sha2-nistp256 value.

Source https://stackoverflow.com/questions/69656858

QUESTION

Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)

Asked 2022-Jan-13 at 14:49

I have a Python 3 application running on CentOS Linux 7.7 executing SSH commands against remote hosts. It works properly but today I encountered an odd error executing a command against a "new" remote server (server based on RHEL 6.10):

encountered RSA key, expected OPENSSH key

Executing the same command from the system shell (using the same private key of course) works perfectly fine.

On the remote server I discovered in /var/log/secure that when SSH connection and commands are issued from the source server with Python (using Paramiko) sshd complains about unsupported public key algorithm:

userauth_pubkey: unsupported public key algorithm: rsa-sha2-512

Note that target servers with higher RHEL/CentOS like 7.x don't encounter the issue.

It seems like Paramiko picks/offers the wrong algorithm when negotiating with the remote server when on the contrary SSH shell performs the negotiation properly in the context of this "old" target server. How to get the Python program to work as expected?

Python code

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27

Shell command equivalent

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28

Paramiko logs (DEBUG)

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69

Shell command logs

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure.  Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure.  Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281

ANSWER

Answered 2022-Jan-13 at 14:49

Imo, it's a bug in Paramiko. It does not handle correctly absence of server-sig-algs extension on the server side.

Try disabling rsa-sha2-* on Paramiko side altogether:

1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)  
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status() 
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()  
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26    ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"   
28DEB [YYYYmmdd-HH:MM:30.475] thr=1   paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1   paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1   paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1   paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1   paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1   paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1   paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2   paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2   paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1   paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2   paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1   paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1   paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1   paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure.  Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure.  Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281ssh_client.connect(
282  server, username=ssh_user, key_filename=ssh_keypath,
283  disabled_algorithms=dict(pubkeys=["rsa-sha2-512", "rsa-sha2-256"]))
284

(note that there's no need to specify port=22, as that's the default)

I've found related Paramiko issue:
RSA key auth failing from paramiko 2.9.x client to dropbear server

Though it refers to Paramiko 2.9.0 change log, which seems to imply that the behavior is deliberate:

When the server does not send server-sig-algs, Paramiko will attempt the first algorithm in the above list. Clients connecting to legacy servers should thus use disabled_algorithms to turn off SHA2.

Since 2.9.2, Paramiko will say:

DEB [20220113-14:46:13.882] thr=1 paramiko.transport: Server did not send a server-sig-algs list; defaulting to our first preferred algo ('rsa-sha2-512')
DEB [20220113-14:46:13.882] thr=1 paramiko.transport: NOTE: you may use the 'disabled_algorithms' SSHClient/Transport init kwarg to disable that or other algorithms if your server does not support them!

Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".

Your code for waiting for command to complete and reading its output is flawed too. See Wait to finish command executed with Python Paramiko. And for most purposes, the get_pty=True is not a good idea either.

Source https://stackoverflow.com/questions/70565357

Community Discussions contain sources that include Stack Exchange Network

Tutorials and Learning Resources in SSH

Tutorials and Learning Resources are not available at this moment for SSH

Explore all libraries in SSH kandi align

Share this Page

share link

Get latest updates on SSH

Open Weaver – Develop Applications Faster with Open Source

kandi

Community and Support

Company

Follow

  • © 2023 Open Weaver Inc.