Popular New Releases in SSH
Bastillion-EC2
1.77.0
lobbyboy
Lobbyboy New Version v0.3.0
ssh-web-console
v0.4.0
sftp-fs
2.0.3
ssh-tarpit
Reworked logging
Popular Libraries in SSH
by gliderlabs go
2132 BSD-3-Clause
Easy SSH servers in Golang
by FiloSottile go
1814 MIT
A ssh server that knows who you are. $ ssh whoami.filippo.io
by aker-gateway python
526 NOASSERTION
SSH bastion/jump host/jumpserver
by bastillion-io java
415 NOASSERTION
A web-based SSH console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS).
by rprichard c++
351 MIT
Bridge from Cygwin to WSL pty/pipe I/O
by vincenthsu shell
255 Unlicense
Automatically start ngrok by systemd
by Scalingo go
240 BSD-2-Clause
Go examples of SSH servers and clients
by laixintao python
195
A lobby boy will create a VPS server when you need one, and destroy it after using it.
by genshen go
165 MIT
Connect to your linux machine via ssh in your browser.
Trending New libraries in SSH
by laixintao python
195
A lobby boy will create a VPS server when you need one, and destroy it after using it.
by sorah rust
134 MIT
Utility to run systemd in WSL2 with a Linux namespace
by cdown shell
51 MIT
Bring your .bashrc, .vimrc, etc. with you when you ssh
by AsenOsen python
30
Simple SSH users management tool
by sr229 shell
27 MIT
A script that spawns a namespace with systemd as PID1, and allows you to spawn interactive sessions or exec commands inside it
by Monkey-D-Groot javascript
17
A small realtime ssh honeypot that visualize bot's ssh to my server. See http://khuyenn.com
by distrentic typescript
12 MIT
An SSH jump server using ssh2, socket.io and express.
by ncorbuk python
6 MIT
Python Tutorial || SSH Bot Brute-force || Botnet Series || Part 1
by xvSync shell
5
A simple IPTABLE/FIREWALLD Commands which refuse all ports people try to check on your current SSH Server that you will Secure.
Top Authors in SSH
1
1 Libraries
2
2
1 Libraries
5
3
1 Libraries
2
4
1 Libraries
2
5
1 Libraries
2
6
1 Libraries
8
7
1 Libraries
4
8
1 Libraries
8
9
1 Libraries
6
10
1 Libraries
4
1
1 Libraries
2
2
1 Libraries
5
3
1 Libraries
2
4
1 Libraries
2
5
1 Libraries
2
6
1 Libraries
8
7
1 Libraries
4
8
1 Libraries
8
9
1 Libraries
6
10
1 Libraries
4
Trending Kits in SSH
No Trending Kits are available at this moment for SSH
Trending Discussions on SSH
How to fix? "kex_exchange_identification: read: Connection reset by peer"
Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
The unauthenticated git protocol on port 9418 is no longer supported
Spring Cloud Config Server GitHub SHA-1 error
Eclipse/Git: "You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type."
Connection reset when using jsch to connect to an sftp server hosted in azure
nexus-staging-maven-plugin: maven deploy failed: An API incompatibility was encountered while executing
Having difficulty to get SSH with a Yubikey working with macOS monterey
Git Bash - ssh connection issue
Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)
QUESTION
How to fix? "kex_exchange_identification: read: Connection reset by peer"
Asked 2022-Mar-30 at 10:07I want to copy data with scp
in GitLab pipeline using PRIVATE_KEY
error is :
1kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4
pipeline log:
1kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4$ mkdir -p ~/.ssh
5$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
6$ chmod 600 ~/.ssh/id_rsa
7$ eval "$(ssh-agent -s)"
8Agent pid 22
9
10$ ssh-add ~/.ssh/id_rsa
11Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
12
13$ ssh-keyscan -H $IP >> ~/.ssh/known_hosts
14# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
15# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
16
17$ scp -rv api.yml root@$IP:/home/services/test/
18Executing: program /usr/bin/ssh host x.x.x.x, user root, command scp -v -r -t /home/services/test/
19
20OpenSSH_8.6p1, OpenSSL 1.1.1l 24 Aug 2021
21debug1: Reading configuration data /etc/ssh/ssh_config
22debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
23debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
24debug1: Connection established.
25debug1: identity file /root/.ssh/id_rsa type -1
26debug1: identity file /root/.ssh/id_rsa-cert type -1
27debug1: identity file /root/.ssh/id_dsa type -1
28debug1: identity file /root/.ssh/id_dsa-cert type -1
29debug1: identity file /root/.ssh/id_ecdsa type -1
30debug1: identity file /root/.ssh/id_ecdsa-cert type -1
31debug1: identity file /root/.ssh/id_ecdsa_sk type -1
32debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
33debug1: identity file /root/.ssh/id_ed25519 type -1
34debug1: identity file /root/.ssh/id_ed25519-cert type -1
35debug1: identity file /root/.ssh/id_ed25519_sk type -1
36debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
37debug1: identity file /root/.ssh/id_xmss type -1
38debug1: identity file /root/.ssh/id_xmss-cert type -1
39debug1: Local version string SSH-2.0-OpenSSH_8.6
40kex_exchange_identification: read: Connection reset by peer
41Connection reset by x.x.x.x port 22
42lost connection
43
ANSWER
Answered 2021-Sep-30 at 19:401kex_exchange_identification: read: Connection reset by peer
2Connection reset by x.x.x.x port 22
3lost connection
4$ mkdir -p ~/.ssh
5$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
6$ chmod 600 ~/.ssh/id_rsa
7$ eval "$(ssh-agent -s)"
8Agent pid 22
9
10$ ssh-add ~/.ssh/id_rsa
11Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
12
13$ ssh-keyscan -H $IP >> ~/.ssh/known_hosts
14# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
15# x.x.x.x:22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
16
17$ scp -rv api.yml root@$IP:/home/services/test/
18Executing: program /usr/bin/ssh host x.x.x.x, user root, command scp -v -r -t /home/services/test/
19
20OpenSSH_8.6p1, OpenSSL 1.1.1l 24 Aug 2021
21debug1: Reading configuration data /etc/ssh/ssh_config
22debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
23debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
24debug1: Connection established.
25debug1: identity file /root/.ssh/id_rsa type -1
26debug1: identity file /root/.ssh/id_rsa-cert type -1
27debug1: identity file /root/.ssh/id_dsa type -1
28debug1: identity file /root/.ssh/id_dsa-cert type -1
29debug1: identity file /root/.ssh/id_ecdsa type -1
30debug1: identity file /root/.ssh/id_ecdsa-cert type -1
31debug1: identity file /root/.ssh/id_ecdsa_sk type -1
32debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
33debug1: identity file /root/.ssh/id_ed25519 type -1
34debug1: identity file /root/.ssh/id_ed25519-cert type -1
35debug1: identity file /root/.ssh/id_ed25519_sk type -1
36debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
37debug1: identity file /root/.ssh/id_xmss type -1
38debug1: identity file /root/.ssh/id_xmss-cert type -1
39debug1: Local version string SSH-2.0-OpenSSH_8.6
40kex_exchange_identification: read: Connection reset by peer
41Connection reset by x.x.x.x port 22
42lost connection
43kex_exchange_identification: read: Connection reset by peer
44
When an ssh client connects to an ssh server, the server starts by sending a version string to the client. The error that you're getting means that the TCP connection from the client to the server was "abnormally closed" while the client was waiting for this data from the server, in other words immediately after the TCP connection was opened.
As a practical matter, it's likely to mean one of two things:
- The ssh server process malfunctioned (crashed), or perhaps it detected some serious issue causing it to exit immediately.
- Some firewall is interfering with connections to the ssh server.
It looks like the ssh-keyscan program was able to connect to the server and get a version string without an error. So the ssh server process is apparently able to talk to a client without crashing.
You should talk the administrators of this x.x.x.x host and the network that it's attached to, to see if they can identify the problem from their end. It's possible that something--a firewall, or the ssh server process itself--is seeing the multiple connections, first from the ssh-keyscan process, then by the scp program, as an intrusion attempt. And it's blocking the second connection attempt.
QUESTION
Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
Asked 2022-Mar-28 at 15:54After start of using NixOS as a new package management system, I get the following error when using git within Azure DevOps repositories and rsa ssh key:
1jaroslavbezdek@mac> git pull
2Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
3fatal: Could not read from remote repository.
4
5Please make sure you have the correct access rights
6and the repository exists.
7
What can I do with that, please?
ANSWER
Answered 2021-Nov-12 at 12:44According to this post, you can add ssh.dev.azure.com
host config to your ~/.ssh/config
file:
Final
~/.ssh/config
that worked for me:
1jaroslavbezdek@mac> git pull
2Unable to negotiate with 40.74.28.9 port 22: no matching host key type found. Their offer: ssh-rsa
3fatal: Could not read from remote repository.
4
5Please make sure you have the correct access rights
6and the repository exists.
7Host ssh.dev.azure.com
8 HostName ssh.dev.azure.com
9 User git
10 IdentityFile ~/.ssh/id_rsa
11 IdentitiesOnly yes
12 PubkeyAcceptedAlgorithms +ssh-rsa
13 HostkeyAlgorithms +ssh-rsa
14
QUESTION
The unauthenticated git protocol on port 9418 is no longer supported
Asked 2022-Mar-27 at 13:23I have been using github actions for quite sometime but today my deployments started failing. Below is the error from github action logs
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7
Upon investigation, it appears that below section in my yml file is causing the issue.
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9
I have looked into this change log but can't seem to comprehend the issue.
Additional Details: Server: EC2 Instance Github actions steps:
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9 steps:
10 - name: Checkout
11 uses: actions/checkout@v2
12
13 - id: vars
14 run: |
15 if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream" ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17 - uses: pCYSl5EDgo/cat@master
18 id: slack
19 with:
20 path: .github/workflows/slack.txt
21
22 - name: Slack Start Notification
23 uses: 8398a7/action-slack@v3
24 env:
25 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26 ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27 COLOR: good
28 STATUS: '`Started`'
29 with:
30 status: custom
31 fields: workflow,job,commit,repo,ref,author,took
32 custom_payload: |
33 ${{ steps.slack.outputs.text }}
34
35 - name: Installing modules
36 env:
37 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38 run: yarn install
39
40 - name: Create Frontend Build
41 env:
42 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43 run: yarn build
44
45 - name: Deploy to Frontend Server DEV
46 if: ${{ contains(github.ref, 'dev') }}
47 uses: easingthemes/ssh-deploy@v2.1.5
48 env:
49 SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50 ARGS: '-rltgoDzvO --delete'
51 SOURCE: 'deploy/'
52 REMOTE_HOST: ${{ secrets.DEV_HOST }}
53 REMOTE_USER: plyfolio-dev
54 TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55
package.json file
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9 steps:
10 - name: Checkout
11 uses: actions/checkout@v2
12
13 - id: vars
14 run: |
15 if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream" ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17 - uses: pCYSl5EDgo/cat@master
18 id: slack
19 with:
20 path: .github/workflows/slack.txt
21
22 - name: Slack Start Notification
23 uses: 8398a7/action-slack@v3
24 env:
25 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26 ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27 COLOR: good
28 STATUS: '`Started`'
29 with:
30 status: custom
31 fields: workflow,job,commit,repo,ref,author,took
32 custom_payload: |
33 ${{ steps.slack.outputs.text }}
34
35 - name: Installing modules
36 env:
37 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38 run: yarn install
39
40 - name: Create Frontend Build
41 env:
42 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43 run: yarn build
44
45 - name: Deploy to Frontend Server DEV
46 if: ${{ contains(github.ref, 'dev') }}
47 uses: easingthemes/ssh-deploy@v2.1.5
48 env:
49 SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50 ARGS: '-rltgoDzvO --delete'
51 SOURCE: 'deploy/'
52 REMOTE_HOST: ${{ secrets.DEV_HOST }}
53 REMOTE_USER: plyfolio-dev
54 TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55 {
56 "name": "stackstream-fe",
57 "version": "1.0.0",
58 "authors": [
59 "fayyaznofal@gmail.com"
60 ],
61 "private": true,
62 "dependencies": {
63 "@fortawesome/fontawesome-svg-core": "^1.2.34",
64 "@fortawesome/free-solid-svg-icons": "^5.15.2",
65 "@fortawesome/react-fontawesome": "^0.1.14",
66 "@fullcalendar/bootstrap": "^5.5.0",
67 "@fullcalendar/core": "^5.5.0",
68 "@fullcalendar/daygrid": "^5.5.0",
69 "@fullcalendar/interaction": "^5.5.0",
70 "@fullcalendar/react": "^5.5.0",
71 "@lourenci/react-kanban": "^2.1.0",
72 "@redux-saga/simple-saga-monitor": "^1.1.2",
73 "@testing-library/jest-dom": "^5.11.9",
74 "@testing-library/react": "^11.2.3",
75 "@testing-library/user-event": "^12.6.0",
76 "@toast-ui/react-chart": "^1.0.2",
77 "@types/jest": "^26.0.14",
78 "@types/node": "^14.10.3",
79 "@types/react": "^16.9.49",
80 "@types/react-dom": "^16.9.8",
81 "@vtaits/react-color-picker": "^0.1.1",
82 "apexcharts": "^3.23.1",
83 "availity-reactstrap-validation": "^2.7.0",
84 "axios": "^0.21.1",
85 "axios-mock-adapter": "^1.19.0",
86 "axios-progress-bar": "^1.2.0",
87 "bootstrap": "^5.0.0-beta2",
88 "chart.js": "^2.9.4",
89 "chartist": "^0.11.4",
90 "classnames": "^2.2.6",
91 "components": "^0.1.0",
92 "dotenv": "^8.2.0",
93 "draft-js": "^0.11.7",
94 "echarts": "^4.9.0",
95 "echarts-for-react": "^2.0.16",
96 "firebase": "^8.2.3",
97 "google-maps-react": "^2.0.6",
98 "history": "^4.10.1",
99 "i": "^0.3.6",
100 "i18next": "^19.8.4",
101 "i18next-browser-languagedetector": "^6.0.1",
102 "jsonwebtoken": "^8.5.1",
103 "leaflet": "^1.7.1",
104 "lodash": "^4.17.21",
105 "lodash.clonedeep": "^4.5.0",
106 "lodash.get": "^4.4.2",
107 "metismenujs": "^1.2.1",
108 "mkdirp": "^1.0.4",
109 "moment": "2.29.1",
110 "moment-timezone": "^0.5.32",
111 "nouislider-react": "^3.3.9",
112 "npm": "^7.6.3",
113 "prop-types": "^15.7.2",
114 "query-string": "^6.14.0",
115 "react": "^16.13.1",
116 "react-apexcharts": "^1.3.7",
117 "react-auth-code-input": "^1.0.0",
118 "react-avatar": "^3.10.0",
119 "react-bootstrap": "^1.5.0",
120 "react-bootstrap-editable": "^0.8.2",
121 "react-bootstrap-sweetalert": "^5.2.0",
122 "react-bootstrap-table-next": "^4.0.3",
123 "react-bootstrap-table2-editor": "^1.4.0",
124 "react-bootstrap-table2-paginator": "^2.1.2",
125 "react-bootstrap-table2-toolkit": "^2.1.3",
126 "react-chartist": "^0.14.3",
127 "react-chartjs-2": "^2.11.1",
128 "react-color": "^2.19.3",
129 "react-confirm-alert": "^2.7.0",
130 "react-content-loader": "^6.0.1",
131 "react-countdown": "^2.3.1",
132 "react-countup": "^4.3.3",
133 "react-cropper": "^2.1.4",
134 "react-data-table-component": "^6.11.8",
135 "react-date-picker": "^8.0.6",
136 "react-datepicker": "^3.4.1",
137 "react-dom": "^16.13.1",
138 "react-draft-wysiwyg": "^1.14.5",
139 "react-drag-listview": "^0.1.8",
140 "react-drawer": "^1.3.4",
141 "react-dropzone": "^11.2.4",
142 "react-dual-listbox": "^2.0.0",
143 "react-facebook-login": "^4.1.1",
144 "react-flatpickr": "^3.10.6",
145 "react-google-login": "^5.2.2",
146 "react-hook-form": "^7.15.2",
147 "react-i18next": "^11.8.5",
148 "react-icons": "^4.2.0",
149 "react-image-lightbox": "^5.1.1",
150 "react-input-mask": "^2.0.4",
151 "react-jvectormap": "^0.0.16",
152 "react-leaflet": "^3.0.5",
153 "react-meta-tags": "^1.0.1",
154 "react-modal-video": "^1.2.6",
155 "react-notifications": "^1.7.2",
156 "react-number-format": "^4.7.3",
157 "react-perfect-scrollbar": "^1.5.8",
158 "react-rangeslider": "^2.2.0",
159 "react-rating": "^2.0.5",
160 "react-rating-tooltip": "^1.1.6",
161 "react-redux": "^7.2.1",
162 "react-responsive-carousel": "^3.2.11",
163 "react-router-dom": "^5.2.0",
164 "react-script": "^2.0.5",
165 "react-scripts": "3.4.3",
166 "react-select": "^4.3.1",
167 "react-sparklines": "^1.7.0",
168 "react-star-ratings": "^2.3.0",
169 "react-super-responsive-table": "^5.2.0",
170 "react-switch": "^6.0.0",
171 "react-table": "^7.6.3",
172 "react-toastify": "^7.0.3",
173 "react-toastr": "^3.0.0",
174 "react-twitter-auth": "0.0.13",
175 "reactstrap": "^8.8.1",
176 "recharts": "^2.0.8",
177 "redux": "^4.0.5",
178 "redux-saga": "^1.1.3",
179 "reselect": "^4.0.0",
180 "sass": "^1.37.5",
181 "simplebar-react": "^2.3.0",
182 "styled": "^1.0.0",
183 "styled-components": "^5.2.1",
184 "toastr": "^2.1.4",
185 "typescript": "^4.0.2",
186 "universal-cookie": "^4.0.4"
187 },
188 "devDependencies": {
189 "@typescript-eslint/eslint-plugin": "^2.27.0",
190 "@typescript-eslint/parser": "^2.27.0",
191 "@typescript-eslint/typescript-estree": "^4.15.2",
192 "eslint-config-prettier": "^6.10.1",
193 "eslint-plugin-prettier": "^3.1.2",
194 "husky": "^4.2.5",
195 "lint-staged": "^10.1.3",
196 "prettier": "^1.19.1",
197 "react-test-renderer": "^16.13.1",
198 "redux-devtools-extension": "^2.13.8",
199 "redux-mock-store": "^1.5.4"
200 },
201 "scripts": {
202 "start": "react-scripts start",
203 "build": "react-scripts build && mv build ./deploy/build",
204 "build-local": "react-scripts build",
205 "test": "react-scripts test",
206 "eject": "react-scripts eject"
207 },
208 "eslintConfig": {
209 "extends": "react-app"
210 },
211 "husky": {
212 "hooks": {
213 "pre-commit": "lint-staged"
214 }
215 },
216 "lint-staged": {
217 "*.{js,ts,tsx}": [
218 "eslint --fix"
219 ]
220 },
221 "browserslist": {
222 "production": [
223 ">0.2%",
224 "not dead",
225 "not op_mini all"
226 ],
227 "development": [
228 "last 1 chrome version",
229 "last 1 firefox version",
230 "last 1 safari version"
231 ]
232 }
233}
234
ANSWER
Answered 2022-Mar-16 at 07:01First, this error message is indeed expected on Jan. 11th, 2022.
See "Improving Git protocol security on GitHub".
January 11, 2022 Final brownout.
This is the full brownout period where we’ll temporarily stop accepting the deprecated key and signature types, ciphers, and MACs, and the unencrypted Git protocol.
This will help clients discover any lingering use of older keys or old URLs.
Second, check your package.json
dependencies for any git://
URL, as in this example, fixed in this PR.
As noted by Jörg W Mittag:
There was a 4-month warning.
The entire Internet has been moving away from unauthenticated, unencrypted protocols for a decade, it's not like this is a huge surprise.Personally, I consider it less an "issue" and more "detecting unmaintained dependencies".
Plus, this is still only the brownout period, so the protocol will only be disabled for a short period of time, allowing developers to discover the problem.
The permanent shutdown is not until March 15th.
For GitHub Actions:
As in actions/checkout issue 14, you can add as a first step:
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9 steps:
10 - name: Checkout
11 uses: actions/checkout@v2
12
13 - id: vars
14 run: |
15 if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream" ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17 - uses: pCYSl5EDgo/cat@master
18 id: slack
19 with:
20 path: .github/workflows/slack.txt
21
22 - name: Slack Start Notification
23 uses: 8398a7/action-slack@v3
24 env:
25 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26 ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27 COLOR: good
28 STATUS: '`Started`'
29 with:
30 status: custom
31 fields: workflow,job,commit,repo,ref,author,took
32 custom_payload: |
33 ${{ steps.slack.outputs.text }}
34
35 - name: Installing modules
36 env:
37 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38 run: yarn install
39
40 - name: Create Frontend Build
41 env:
42 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43 run: yarn build
44
45 - name: Deploy to Frontend Server DEV
46 if: ${{ contains(github.ref, 'dev') }}
47 uses: easingthemes/ssh-deploy@v2.1.5
48 env:
49 SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50 ARGS: '-rltgoDzvO --delete'
51 SOURCE: 'deploy/'
52 REMOTE_HOST: ${{ secrets.DEV_HOST }}
53 REMOTE_USER: plyfolio-dev
54 TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55 {
56 "name": "stackstream-fe",
57 "version": "1.0.0",
58 "authors": [
59 "fayyaznofal@gmail.com"
60 ],
61 "private": true,
62 "dependencies": {
63 "@fortawesome/fontawesome-svg-core": "^1.2.34",
64 "@fortawesome/free-solid-svg-icons": "^5.15.2",
65 "@fortawesome/react-fontawesome": "^0.1.14",
66 "@fullcalendar/bootstrap": "^5.5.0",
67 "@fullcalendar/core": "^5.5.0",
68 "@fullcalendar/daygrid": "^5.5.0",
69 "@fullcalendar/interaction": "^5.5.0",
70 "@fullcalendar/react": "^5.5.0",
71 "@lourenci/react-kanban": "^2.1.0",
72 "@redux-saga/simple-saga-monitor": "^1.1.2",
73 "@testing-library/jest-dom": "^5.11.9",
74 "@testing-library/react": "^11.2.3",
75 "@testing-library/user-event": "^12.6.0",
76 "@toast-ui/react-chart": "^1.0.2",
77 "@types/jest": "^26.0.14",
78 "@types/node": "^14.10.3",
79 "@types/react": "^16.9.49",
80 "@types/react-dom": "^16.9.8",
81 "@vtaits/react-color-picker": "^0.1.1",
82 "apexcharts": "^3.23.1",
83 "availity-reactstrap-validation": "^2.7.0",
84 "axios": "^0.21.1",
85 "axios-mock-adapter": "^1.19.0",
86 "axios-progress-bar": "^1.2.0",
87 "bootstrap": "^5.0.0-beta2",
88 "chart.js": "^2.9.4",
89 "chartist": "^0.11.4",
90 "classnames": "^2.2.6",
91 "components": "^0.1.0",
92 "dotenv": "^8.2.0",
93 "draft-js": "^0.11.7",
94 "echarts": "^4.9.0",
95 "echarts-for-react": "^2.0.16",
96 "firebase": "^8.2.3",
97 "google-maps-react": "^2.0.6",
98 "history": "^4.10.1",
99 "i": "^0.3.6",
100 "i18next": "^19.8.4",
101 "i18next-browser-languagedetector": "^6.0.1",
102 "jsonwebtoken": "^8.5.1",
103 "leaflet": "^1.7.1",
104 "lodash": "^4.17.21",
105 "lodash.clonedeep": "^4.5.0",
106 "lodash.get": "^4.4.2",
107 "metismenujs": "^1.2.1",
108 "mkdirp": "^1.0.4",
109 "moment": "2.29.1",
110 "moment-timezone": "^0.5.32",
111 "nouislider-react": "^3.3.9",
112 "npm": "^7.6.3",
113 "prop-types": "^15.7.2",
114 "query-string": "^6.14.0",
115 "react": "^16.13.1",
116 "react-apexcharts": "^1.3.7",
117 "react-auth-code-input": "^1.0.0",
118 "react-avatar": "^3.10.0",
119 "react-bootstrap": "^1.5.0",
120 "react-bootstrap-editable": "^0.8.2",
121 "react-bootstrap-sweetalert": "^5.2.0",
122 "react-bootstrap-table-next": "^4.0.3",
123 "react-bootstrap-table2-editor": "^1.4.0",
124 "react-bootstrap-table2-paginator": "^2.1.2",
125 "react-bootstrap-table2-toolkit": "^2.1.3",
126 "react-chartist": "^0.14.3",
127 "react-chartjs-2": "^2.11.1",
128 "react-color": "^2.19.3",
129 "react-confirm-alert": "^2.7.0",
130 "react-content-loader": "^6.0.1",
131 "react-countdown": "^2.3.1",
132 "react-countup": "^4.3.3",
133 "react-cropper": "^2.1.4",
134 "react-data-table-component": "^6.11.8",
135 "react-date-picker": "^8.0.6",
136 "react-datepicker": "^3.4.1",
137 "react-dom": "^16.13.1",
138 "react-draft-wysiwyg": "^1.14.5",
139 "react-drag-listview": "^0.1.8",
140 "react-drawer": "^1.3.4",
141 "react-dropzone": "^11.2.4",
142 "react-dual-listbox": "^2.0.0",
143 "react-facebook-login": "^4.1.1",
144 "react-flatpickr": "^3.10.6",
145 "react-google-login": "^5.2.2",
146 "react-hook-form": "^7.15.2",
147 "react-i18next": "^11.8.5",
148 "react-icons": "^4.2.0",
149 "react-image-lightbox": "^5.1.1",
150 "react-input-mask": "^2.0.4",
151 "react-jvectormap": "^0.0.16",
152 "react-leaflet": "^3.0.5",
153 "react-meta-tags": "^1.0.1",
154 "react-modal-video": "^1.2.6",
155 "react-notifications": "^1.7.2",
156 "react-number-format": "^4.7.3",
157 "react-perfect-scrollbar": "^1.5.8",
158 "react-rangeslider": "^2.2.0",
159 "react-rating": "^2.0.5",
160 "react-rating-tooltip": "^1.1.6",
161 "react-redux": "^7.2.1",
162 "react-responsive-carousel": "^3.2.11",
163 "react-router-dom": "^5.2.0",
164 "react-script": "^2.0.5",
165 "react-scripts": "3.4.3",
166 "react-select": "^4.3.1",
167 "react-sparklines": "^1.7.0",
168 "react-star-ratings": "^2.3.0",
169 "react-super-responsive-table": "^5.2.0",
170 "react-switch": "^6.0.0",
171 "react-table": "^7.6.3",
172 "react-toastify": "^7.0.3",
173 "react-toastr": "^3.0.0",
174 "react-twitter-auth": "0.0.13",
175 "reactstrap": "^8.8.1",
176 "recharts": "^2.0.8",
177 "redux": "^4.0.5",
178 "redux-saga": "^1.1.3",
179 "reselect": "^4.0.0",
180 "sass": "^1.37.5",
181 "simplebar-react": "^2.3.0",
182 "styled": "^1.0.0",
183 "styled-components": "^5.2.1",
184 "toastr": "^2.1.4",
185 "typescript": "^4.0.2",
186 "universal-cookie": "^4.0.4"
187 },
188 "devDependencies": {
189 "@typescript-eslint/eslint-plugin": "^2.27.0",
190 "@typescript-eslint/parser": "^2.27.0",
191 "@typescript-eslint/typescript-estree": "^4.15.2",
192 "eslint-config-prettier": "^6.10.1",
193 "eslint-plugin-prettier": "^3.1.2",
194 "husky": "^4.2.5",
195 "lint-staged": "^10.1.3",
196 "prettier": "^1.19.1",
197 "react-test-renderer": "^16.13.1",
198 "redux-devtools-extension": "^2.13.8",
199 "redux-mock-store": "^1.5.4"
200 },
201 "scripts": {
202 "start": "react-scripts start",
203 "build": "react-scripts build && mv build ./deploy/build",
204 "build-local": "react-scripts build",
205 "test": "react-scripts test",
206 "eject": "react-scripts eject"
207 },
208 "eslintConfig": {
209 "extends": "react-app"
210 },
211 "husky": {
212 "hooks": {
213 "pre-commit": "lint-staged"
214 }
215 },
216 "lint-staged": {
217 "*.{js,ts,tsx}": [
218 "eslint --fix"
219 ]
220 },
221 "browserslist": {
222 "production": [
223 ">0.2%",
224 "not dead",
225 "not op_mini all"
226 ],
227 "development": [
228 "last 1 chrome version",
229 "last 1 firefox version",
230 "last 1 safari version"
231 ]
232 }
233}
234 - name: Fix up git URLs
235 run: echo -e '[url "https://github.com/"]\n insteadOf = "git://github.com/"' >> ~/.gitconfig
236
That will change any git://github.com/
into https://github.com/
.
For all your repositories, you can set:
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9 steps:
10 - name: Checkout
11 uses: actions/checkout@v2
12
13 - id: vars
14 run: |
15 if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream" ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17 - uses: pCYSl5EDgo/cat@master
18 id: slack
19 with:
20 path: .github/workflows/slack.txt
21
22 - name: Slack Start Notification
23 uses: 8398a7/action-slack@v3
24 env:
25 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26 ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27 COLOR: good
28 STATUS: '`Started`'
29 with:
30 status: custom
31 fields: workflow,job,commit,repo,ref,author,took
32 custom_payload: |
33 ${{ steps.slack.outputs.text }}
34
35 - name: Installing modules
36 env:
37 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38 run: yarn install
39
40 - name: Create Frontend Build
41 env:
42 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43 run: yarn build
44
45 - name: Deploy to Frontend Server DEV
46 if: ${{ contains(github.ref, 'dev') }}
47 uses: easingthemes/ssh-deploy@v2.1.5
48 env:
49 SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50 ARGS: '-rltgoDzvO --delete'
51 SOURCE: 'deploy/'
52 REMOTE_HOST: ${{ secrets.DEV_HOST }}
53 REMOTE_USER: plyfolio-dev
54 TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55 {
56 "name": "stackstream-fe",
57 "version": "1.0.0",
58 "authors": [
59 "fayyaznofal@gmail.com"
60 ],
61 "private": true,
62 "dependencies": {
63 "@fortawesome/fontawesome-svg-core": "^1.2.34",
64 "@fortawesome/free-solid-svg-icons": "^5.15.2",
65 "@fortawesome/react-fontawesome": "^0.1.14",
66 "@fullcalendar/bootstrap": "^5.5.0",
67 "@fullcalendar/core": "^5.5.0",
68 "@fullcalendar/daygrid": "^5.5.0",
69 "@fullcalendar/interaction": "^5.5.0",
70 "@fullcalendar/react": "^5.5.0",
71 "@lourenci/react-kanban": "^2.1.0",
72 "@redux-saga/simple-saga-monitor": "^1.1.2",
73 "@testing-library/jest-dom": "^5.11.9",
74 "@testing-library/react": "^11.2.3",
75 "@testing-library/user-event": "^12.6.0",
76 "@toast-ui/react-chart": "^1.0.2",
77 "@types/jest": "^26.0.14",
78 "@types/node": "^14.10.3",
79 "@types/react": "^16.9.49",
80 "@types/react-dom": "^16.9.8",
81 "@vtaits/react-color-picker": "^0.1.1",
82 "apexcharts": "^3.23.1",
83 "availity-reactstrap-validation": "^2.7.0",
84 "axios": "^0.21.1",
85 "axios-mock-adapter": "^1.19.0",
86 "axios-progress-bar": "^1.2.0",
87 "bootstrap": "^5.0.0-beta2",
88 "chart.js": "^2.9.4",
89 "chartist": "^0.11.4",
90 "classnames": "^2.2.6",
91 "components": "^0.1.0",
92 "dotenv": "^8.2.0",
93 "draft-js": "^0.11.7",
94 "echarts": "^4.9.0",
95 "echarts-for-react": "^2.0.16",
96 "firebase": "^8.2.3",
97 "google-maps-react": "^2.0.6",
98 "history": "^4.10.1",
99 "i": "^0.3.6",
100 "i18next": "^19.8.4",
101 "i18next-browser-languagedetector": "^6.0.1",
102 "jsonwebtoken": "^8.5.1",
103 "leaflet": "^1.7.1",
104 "lodash": "^4.17.21",
105 "lodash.clonedeep": "^4.5.0",
106 "lodash.get": "^4.4.2",
107 "metismenujs": "^1.2.1",
108 "mkdirp": "^1.0.4",
109 "moment": "2.29.1",
110 "moment-timezone": "^0.5.32",
111 "nouislider-react": "^3.3.9",
112 "npm": "^7.6.3",
113 "prop-types": "^15.7.2",
114 "query-string": "^6.14.0",
115 "react": "^16.13.1",
116 "react-apexcharts": "^1.3.7",
117 "react-auth-code-input": "^1.0.0",
118 "react-avatar": "^3.10.0",
119 "react-bootstrap": "^1.5.0",
120 "react-bootstrap-editable": "^0.8.2",
121 "react-bootstrap-sweetalert": "^5.2.0",
122 "react-bootstrap-table-next": "^4.0.3",
123 "react-bootstrap-table2-editor": "^1.4.0",
124 "react-bootstrap-table2-paginator": "^2.1.2",
125 "react-bootstrap-table2-toolkit": "^2.1.3",
126 "react-chartist": "^0.14.3",
127 "react-chartjs-2": "^2.11.1",
128 "react-color": "^2.19.3",
129 "react-confirm-alert": "^2.7.0",
130 "react-content-loader": "^6.0.1",
131 "react-countdown": "^2.3.1",
132 "react-countup": "^4.3.3",
133 "react-cropper": "^2.1.4",
134 "react-data-table-component": "^6.11.8",
135 "react-date-picker": "^8.0.6",
136 "react-datepicker": "^3.4.1",
137 "react-dom": "^16.13.1",
138 "react-draft-wysiwyg": "^1.14.5",
139 "react-drag-listview": "^0.1.8",
140 "react-drawer": "^1.3.4",
141 "react-dropzone": "^11.2.4",
142 "react-dual-listbox": "^2.0.0",
143 "react-facebook-login": "^4.1.1",
144 "react-flatpickr": "^3.10.6",
145 "react-google-login": "^5.2.2",
146 "react-hook-form": "^7.15.2",
147 "react-i18next": "^11.8.5",
148 "react-icons": "^4.2.0",
149 "react-image-lightbox": "^5.1.1",
150 "react-input-mask": "^2.0.4",
151 "react-jvectormap": "^0.0.16",
152 "react-leaflet": "^3.0.5",
153 "react-meta-tags": "^1.0.1",
154 "react-modal-video": "^1.2.6",
155 "react-notifications": "^1.7.2",
156 "react-number-format": "^4.7.3",
157 "react-perfect-scrollbar": "^1.5.8",
158 "react-rangeslider": "^2.2.0",
159 "react-rating": "^2.0.5",
160 "react-rating-tooltip": "^1.1.6",
161 "react-redux": "^7.2.1",
162 "react-responsive-carousel": "^3.2.11",
163 "react-router-dom": "^5.2.0",
164 "react-script": "^2.0.5",
165 "react-scripts": "3.4.3",
166 "react-select": "^4.3.1",
167 "react-sparklines": "^1.7.0",
168 "react-star-ratings": "^2.3.0",
169 "react-super-responsive-table": "^5.2.0",
170 "react-switch": "^6.0.0",
171 "react-table": "^7.6.3",
172 "react-toastify": "^7.0.3",
173 "react-toastr": "^3.0.0",
174 "react-twitter-auth": "0.0.13",
175 "reactstrap": "^8.8.1",
176 "recharts": "^2.0.8",
177 "redux": "^4.0.5",
178 "redux-saga": "^1.1.3",
179 "reselect": "^4.0.0",
180 "sass": "^1.37.5",
181 "simplebar-react": "^2.3.0",
182 "styled": "^1.0.0",
183 "styled-components": "^5.2.1",
184 "toastr": "^2.1.4",
185 "typescript": "^4.0.2",
186 "universal-cookie": "^4.0.4"
187 },
188 "devDependencies": {
189 "@typescript-eslint/eslint-plugin": "^2.27.0",
190 "@typescript-eslint/parser": "^2.27.0",
191 "@typescript-eslint/typescript-estree": "^4.15.2",
192 "eslint-config-prettier": "^6.10.1",
193 "eslint-plugin-prettier": "^3.1.2",
194 "husky": "^4.2.5",
195 "lint-staged": "^10.1.3",
196 "prettier": "^1.19.1",
197 "react-test-renderer": "^16.13.1",
198 "redux-devtools-extension": "^2.13.8",
199 "redux-mock-store": "^1.5.4"
200 },
201 "scripts": {
202 "start": "react-scripts start",
203 "build": "react-scripts build && mv build ./deploy/build",
204 "build-local": "react-scripts build",
205 "test": "react-scripts test",
206 "eject": "react-scripts eject"
207 },
208 "eslintConfig": {
209 "extends": "react-app"
210 },
211 "husky": {
212 "hooks": {
213 "pre-commit": "lint-staged"
214 }
215 },
216 "lint-staged": {
217 "*.{js,ts,tsx}": [
218 "eslint --fix"
219 ]
220 },
221 "browserslist": {
222 "production": [
223 ">0.2%",
224 "not dead",
225 "not op_mini all"
226 ],
227 "development": [
228 "last 1 chrome version",
229 "last 1 firefox version",
230 "last 1 safari version"
231 ]
232 }
233}
234 - name: Fix up git URLs
235 run: echo -e '[url "https://github.com/"]\n insteadOf = "git://github.com/"' >> ~/.gitconfig
236git config --global url."https://github.com/".insteadOf git://github.com/
237
You can also use SSH, but GitHub Security reminds us that, as of March 15th, 2022, GitHub stopped accepting DSA keys. RSA keys uploaded after Nov 2, 2021 will work only with SHA-2 signatures.
The deprecated MACs, ciphers, and unencrypted Git protocol are permanently disabled.
So this (with the right key) would work:
1Command: git
2Arguments: ls-remote --tags --heads git://github.com/adobe-webplatform/eve.git
3Directory: /home/runner/work/stackstream-fe/stackstream-fe
4Output:
5fatal: remote error:
6 The unauthenticated git protocol on port 9418 is no longer supported.
7 - name: Installing modules
8 run: yarn install
9 steps:
10 - name: Checkout
11 uses: actions/checkout@v2
12
13 - id: vars
14 run: |
15 if [ '${{ github.ref }}' == 'refs/heads/master' ]; then echo "::set-output name=environment::prod_stackstream" ; echo "::set-output name=api-url::api" ; elif [ '${{ github.ref }}' == 'refs/heads/staging' ]; then echo "::set-output name=environment::staging_stackstream" ; echo "::set-output name=api-url::stagingapi" ; else echo "::set-output name=environment::dev_stackstream" ; echo "::set-output name=api-url::devapi" ; fi
16
17 - uses: pCYSl5EDgo/cat@master
18 id: slack
19 with:
20 path: .github/workflows/slack.txt
21
22 - name: Slack Start Notification
23 uses: 8398a7/action-slack@v3
24 env:
25 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
26 ENVIRONMENT: '`${{ steps.vars.outputs.environment }}`'
27 COLOR: good
28 STATUS: '`Started`'
29 with:
30 status: custom
31 fields: workflow,job,commit,repo,ref,author,took
32 custom_payload: |
33 ${{ steps.slack.outputs.text }}
34
35 - name: Installing modules
36 env:
37 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
38 run: yarn install
39
40 - name: Create Frontend Build
41 env:
42 REACT_APP_API_URL: 'https://${{ steps.vars.outputs.api-url }}mergestack.com/api/v1'
43 run: yarn build
44
45 - name: Deploy to Frontend Server DEV
46 if: ${{ contains(github.ref, 'dev') }}
47 uses: easingthemes/ssh-deploy@v2.1.5
48 env:
49 SSH_PRIVATE_KEY: ${{ secrets.DEV_KEY }}
50 ARGS: '-rltgoDzvO --delete'
51 SOURCE: 'deploy/'
52 REMOTE_HOST: ${{ secrets.DEV_HOST }}
53 REMOTE_USER: plyfolio-dev
54 TARGET: '/home/plyfolio-dev/${{ steps.vars.outputs.environment }}/fe/deploy'
55 {
56 "name": "stackstream-fe",
57 "version": "1.0.0",
58 "authors": [
59 "fayyaznofal@gmail.com"
60 ],
61 "private": true,
62 "dependencies": {
63 "@fortawesome/fontawesome-svg-core": "^1.2.34",
64 "@fortawesome/free-solid-svg-icons": "^5.15.2",
65 "@fortawesome/react-fontawesome": "^0.1.14",
66 "@fullcalendar/bootstrap": "^5.5.0",
67 "@fullcalendar/core": "^5.5.0",
68 "@fullcalendar/daygrid": "^5.5.0",
69 "@fullcalendar/interaction": "^5.5.0",
70 "@fullcalendar/react": "^5.5.0",
71 "@lourenci/react-kanban": "^2.1.0",
72 "@redux-saga/simple-saga-monitor": "^1.1.2",
73 "@testing-library/jest-dom": "^5.11.9",
74 "@testing-library/react": "^11.2.3",
75 "@testing-library/user-event": "^12.6.0",
76 "@toast-ui/react-chart": "^1.0.2",
77 "@types/jest": "^26.0.14",
78 "@types/node": "^14.10.3",
79 "@types/react": "^16.9.49",
80 "@types/react-dom": "^16.9.8",
81 "@vtaits/react-color-picker": "^0.1.1",
82 "apexcharts": "^3.23.1",
83 "availity-reactstrap-validation": "^2.7.0",
84 "axios": "^0.21.1",
85 "axios-mock-adapter": "^1.19.0",
86 "axios-progress-bar": "^1.2.0",
87 "bootstrap": "^5.0.0-beta2",
88 "chart.js": "^2.9.4",
89 "chartist": "^0.11.4",
90 "classnames": "^2.2.6",
91 "components": "^0.1.0",
92 "dotenv": "^8.2.0",
93 "draft-js": "^0.11.7",
94 "echarts": "^4.9.0",
95 "echarts-for-react": "^2.0.16",
96 "firebase": "^8.2.3",
97 "google-maps-react": "^2.0.6",
98 "history": "^4.10.1",
99 "i": "^0.3.6",
100 "i18next": "^19.8.4",
101 "i18next-browser-languagedetector": "^6.0.1",
102 "jsonwebtoken": "^8.5.1",
103 "leaflet": "^1.7.1",
104 "lodash": "^4.17.21",
105 "lodash.clonedeep": "^4.5.0",
106 "lodash.get": "^4.4.2",
107 "metismenujs": "^1.2.1",
108 "mkdirp": "^1.0.4",
109 "moment": "2.29.1",
110 "moment-timezone": "^0.5.32",
111 "nouislider-react": "^3.3.9",
112 "npm": "^7.6.3",
113 "prop-types": "^15.7.2",
114 "query-string": "^6.14.0",
115 "react": "^16.13.1",
116 "react-apexcharts": "^1.3.7",
117 "react-auth-code-input": "^1.0.0",
118 "react-avatar": "^3.10.0",
119 "react-bootstrap": "^1.5.0",
120 "react-bootstrap-editable": "^0.8.2",
121 "react-bootstrap-sweetalert": "^5.2.0",
122 "react-bootstrap-table-next": "^4.0.3",
123 "react-bootstrap-table2-editor": "^1.4.0",
124 "react-bootstrap-table2-paginator": "^2.1.2",
125 "react-bootstrap-table2-toolkit": "^2.1.3",
126 "react-chartist": "^0.14.3",
127 "react-chartjs-2": "^2.11.1",
128 "react-color": "^2.19.3",
129 "react-confirm-alert": "^2.7.0",
130 "react-content-loader": "^6.0.1",
131 "react-countdown": "^2.3.1",
132 "react-countup": "^4.3.3",
133 "react-cropper": "^2.1.4",
134 "react-data-table-component": "^6.11.8",
135 "react-date-picker": "^8.0.6",
136 "react-datepicker": "^3.4.1",
137 "react-dom": "^16.13.1",
138 "react-draft-wysiwyg": "^1.14.5",
139 "react-drag-listview": "^0.1.8",
140 "react-drawer": "^1.3.4",
141 "react-dropzone": "^11.2.4",
142 "react-dual-listbox": "^2.0.0",
143 "react-facebook-login": "^4.1.1",
144 "react-flatpickr": "^3.10.6",
145 "react-google-login": "^5.2.2",
146 "react-hook-form": "^7.15.2",
147 "react-i18next": "^11.8.5",
148 "react-icons": "^4.2.0",
149 "react-image-lightbox": "^5.1.1",
150 "react-input-mask": "^2.0.4",
151 "react-jvectormap": "^0.0.16",
152 "react-leaflet": "^3.0.5",
153 "react-meta-tags": "^1.0.1",
154 "react-modal-video": "^1.2.6",
155 "react-notifications": "^1.7.2",
156 "react-number-format": "^4.7.3",
157 "react-perfect-scrollbar": "^1.5.8",
158 "react-rangeslider": "^2.2.0",
159 "react-rating": "^2.0.5",
160 "react-rating-tooltip": "^1.1.6",
161 "react-redux": "^7.2.1",
162 "react-responsive-carousel": "^3.2.11",
163 "react-router-dom": "^5.2.0",
164 "react-script": "^2.0.5",
165 "react-scripts": "3.4.3",
166 "react-select": "^4.3.1",
167 "react-sparklines": "^1.7.0",
168 "react-star-ratings": "^2.3.0",
169 "react-super-responsive-table": "^5.2.0",
170 "react-switch": "^6.0.0",
171 "react-table": "^7.6.3",
172 "react-toastify": "^7.0.3",
173 "react-toastr": "^3.0.0",
174 "react-twitter-auth": "0.0.13",
175 "reactstrap": "^8.8.1",
176 "recharts": "^2.0.8",
177 "redux": "^4.0.5",
178 "redux-saga": "^1.1.3",
179 "reselect": "^4.0.0",
180 "sass": "^1.37.5",
181 "simplebar-react": "^2.3.0",
182 "styled": "^1.0.0",
183 "styled-components": "^5.2.1",
184 "toastr": "^2.1.4",
185 "typescript": "^4.0.2",
186 "universal-cookie": "^4.0.4"
187 },
188 "devDependencies": {
189 "@typescript-eslint/eslint-plugin": "^2.27.0",
190 "@typescript-eslint/parser": "^2.27.0",
191 "@typescript-eslint/typescript-estree": "^4.15.2",
192 "eslint-config-prettier": "^6.10.1",
193 "eslint-plugin-prettier": "^3.1.2",
194 "husky": "^4.2.5",
195 "lint-staged": "^10.1.3",
196 "prettier": "^1.19.1",
197 "react-test-renderer": "^16.13.1",
198 "redux-devtools-extension": "^2.13.8",
199 "redux-mock-store": "^1.5.4"
200 },
201 "scripts": {
202 "start": "react-scripts start",
203 "build": "react-scripts build && mv build ./deploy/build",
204 "build-local": "react-scripts build",
205 "test": "react-scripts test",
206 "eject": "react-scripts eject"
207 },
208 "eslintConfig": {
209 "extends": "react-app"
210 },
211 "husky": {
212 "hooks": {
213 "pre-commit": "lint-staged"
214 }
215 },
216 "lint-staged": {
217 "*.{js,ts,tsx}": [
218 "eslint --fix"
219 ]
220 },
221 "browserslist": {
222 "production": [
223 ">0.2%",
224 "not dead",
225 "not op_mini all"
226 ],
227 "development": [
228 "last 1 chrome version",
229 "last 1 firefox version",
230 "last 1 safari version"
231 ]
232 }
233}
234 - name: Fix up git URLs
235 run: echo -e '[url "https://github.com/"]\n insteadOf = "git://github.com/"' >> ~/.gitconfig
236git config --global url."https://github.com/".insteadOf git://github.com/
237git config --global url."git@github.com:".insteadOf git://github.com/
238
That will change any git://github.com/
(unencrypted Git protocol) into git@github.com:
(SSH URL).
QUESTION
Spring Cloud Config Server GitHub SHA-1 error
Asked 2022-Mar-22 at 03:13This is regarding a Spring Cloud Config Server hobby project (with @EnableConfigServer
).
Yesterday, the application could be started.
Today, the application failed to start because of a Git communication error.
From GitHub's official blog post, it is mentioned that SHA-1 is no longer supported starting from 15 March 2022. And that explains the results I'm getting these 2 days.
March 15, 2022
Changes made permanent.
We’ll permanently stop accepting DSA keys. RSA keys uploaded after the cut-off point above will work only with SHA-2 signatures (but again, RSA keys uploaded before this date will continue to work with SHA-1). The deprecated MACs, ciphers, and unencrypted Git protocol will be permanently disabled.
Even if I didn't delete the existing SSH key, it still failed to start today. But anyway, now the only key under the "Deploy keys" section of the repository settings is an SSH key that was added after the March 15, 2022 cut off date.
Dependency versions
Dependency Management:
Dependency | Version |
---|---|
spring-cloud-dependencies | Hoxton.SR12 |
Dependency:
Dependency | Version |
---|---|
spring-cloud-config-server | (Managed) |
Spring application configurations
application.yml
:
1spring:
2 cloud:
3 config:
4 server:
5 git:
6 ignore-local-ssh-settings: true
7 uri: git@github.com:xxx/xxx.git
8 private-key: |
9 -----BEGIN RSA PRIVATE KEY-----
10 (omitted)
11 -----END RSA PRIVATE KEY-----
12
Additional information
The involved repo is a GitHub private repo configured with an SSH key under the "Deploy keys" settings section.
I have been generating the SSH key pairs according to the Spring Cloud Config official documentation.
Error
From the console log, I see:
ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type. Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
This comes from JGit as a org.eclipse.jgit.errors.NoRemoteRepositoryException
.
Question and my attempt to fix the issue
I tried upgrading the Spring Cloud dependency management version to the latest available in Maven repository, i.e. 2021.0.1
, as it uses a newer version of JGit.
However, I'm still facing the same error.
If I just switch to GitLab with the exact same configurations, it just works regardless of the Spring Cloud dependency version and the JGit version.
What else can I do if I want to use GitHub?
ANSWER
Answered 2022-Mar-16 at 14:07I have a same problem.
See https://github.com/spring-cloud/spring-cloud-config/issues/2061
For right now, I have a dirty workaround: use https uri, username and password(maybe personal secret token).
1spring:
2 cloud:
3 config:
4 server:
5 git:
6 ignore-local-ssh-settings: true
7 uri: git@github.com:xxx/xxx.git
8 private-key: |
9 -----BEGIN RSA PRIVATE KEY-----
10 (omitted)
11 -----END RSA PRIVATE KEY-----
12spring:
13 cloud:
14 config:
15 server:
16 git:
17 uri: https://github.com/org/repo
18 username: ...
19 password: ...
20
QUESTION
Eclipse/Git: "You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type."
Asked 2022-Mar-18 at 13:27I created a public key in Git using ssh-keygen
which was successfully created as .ssh/id_rsa.pub
.
I then uploaded it to GitHub in my SSH Keys, and "Authorized" its SSO feature. Everything is uploaded now.
When cloning a repository in Eclipse, I get the following message
ANSWER
Answered 2022-Mar-18 at 13:27I had to generate an ECDSA key, not an RSA key. Not sure why, but none of the RSA options worked for me, including the default.
1ssh-keygen -t ecdsa -b 256 -m PEM
2
I got this from https://stackoverflow.com/a/71502531/1005607
Then I uploaded it to GitHub (after deleting my old key first), updated my Eclipse SSH2 private key to point to id_ecdsa
. Now I can clone repositories.
QUESTION
Connection reset when using jsch to connect to an sftp server hosted in azure
Asked 2022-Feb-18 at 18:21we are currently working with a cloud product that uses JSCH internally to connect to external sftp sources. Im investigating an connection reset exception that we are getting when trying to connect to azure sftp.
Using wireshark i determined that the problem occurs after we send the Client: Key Exchange Init. Establishing the same connection with filezilla we dont have this issue.
comparing the packages from jsch and filezilla i didn't see an obivious issue, but im not an expert on the ssh protocol. im gonna post both requests below if somebody could give me any pointers it would be greatly appreciated.
Request with JSCH (not working)
Request with Filezilla (working)
Response with Filezilla (working)
See below for the log output:
1INFO: Connecting to ***** port 22
2INFO: Connection established
3INFO: Remote version string: SSH-2.0-AzureSSH_1.0.0
4INFO: Local version string: SSH-2.0-JSCH-0.1.54
5INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
6INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
7INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
8INFO: SSH_MSG_KEXINIT sent
9INFO: Disconnecting from **** port 22
10com.jcraft.jsch.JSchException: Session.connect: java.net.SocketException: Connection reset
11
EDIT: following jameses suggestion i got the same result, connection closed but the client request only had the supported algos as payload. So i tried to replicate the FileZilla request by setting the jsch config regardless if jsch actually supports the algo, i just wanted to see if there is any respone.
But for some reason the connection still gets terminated
ANSWER
Answered 2022-Feb-03 at 08:09i wanted to post a quick update for anybody that is having the same issue, i opened a similiar question on the microsoft q&a site and looks like it's an issue on the azure side that they are working on fixing for GA Microsoft Q&A
QUESTION
nexus-staging-maven-plugin: maven deploy failed: An API incompatibility was encountered while executing
Asked 2022-Feb-11 at 22:39This worked fine for me be building under Java 8. Now under Java 17.01 I get this when I do mvn deploy.
mvn install works fine. I tried 3.6.3 and 3.8.4 and updated (I think) all my plugins to the newest versions.
Any ideas?
1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15
POM:
1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19 <modelVersion>4.0.0</modelVersion>
20
21 <groupId>io.github.sproket</groupId>
22 <artifactId>persism</artifactId>
23 <version>2.0.0</version>
24 <packaging>jar</packaging>
25
26
27 <build>
28 <sourceDirectory>./src</sourceDirectory>
29 <testSourceDirectory>./test</testSourceDirectory>
30 <testResources>
31 <testResource>
32 <directory>./test</directory>
33 <!-- <includes>-->
34 <!-- <include>*.*</include>-->
35 <!-- </includes>-->
36 </testResource>
37 </testResources>
38 <plugins>
39 <plugin>
40 <groupId>org.apache.maven.plugins</groupId>
41 <artifactId>maven-compiler-plugin</artifactId>
42 <version>3.8.1</version>
43 <!-- MSSQL does not seem to able to connect with 16 -->
44 <configuration>
45 <source>17</source>
46 <target>17</target>
47<!-- <compilerArgs>-->
48<!-- <arg>-parameters</arg>-->
49<!-- </compilerArgs>-->
50 </configuration>
51 </plugin>
52
53 <plugin>
54 <groupId>org.apache.maven.plugins</groupId>
55 <artifactId>maven-jar-plugin</artifactId>
56 <version>3.2.0</version>
57 <configuration>
58 <archive>
59 <manifestEntries>
60 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61 </manifestEntries>
62 </archive>
63 </configuration>
64 </plugin>
65
66 <plugin>
67 <groupId>org.apache.maven.plugins</groupId>
68 <artifactId>maven-source-plugin</artifactId>
69 <version>3.2.1</version>
70 <executions>
71 <execution>
72 <id>attach-sources</id>
73 <goals>
74 <goal>jar-no-fork</goal>
75 </goals>
76 </execution>
77 </executions>
78 </plugin>
79 <plugin>
80 <groupId>org.apache.maven.plugins</groupId>
81 <artifactId>maven-javadoc-plugin</artifactId>
82 <version>3.2.0</version>
83 <configuration>
84 <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85 <source>17</source>
86 </configuration>
87 <executions>
88 <execution>
89 <id>attach-javadocs</id>
90 <goals>
91 <goal>jar</goal>
92 </goals>
93 </execution>
94 </executions>
95 </plugin>
96 <plugin>
97 <artifactId>maven-surefire-plugin</artifactId>
98 <version>3.0.0-M5</version>
99 <configuration>
100 <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101 </excludedGroups>
102 </configuration>
103 </plugin>
104 <plugin>
105 <groupId>org.sonatype.plugins</groupId>
106 <artifactId>nexus-staging-maven-plugin</artifactId>
107 <version>1.6.8</version>
108 <extensions>true</extensions>
109 <configuration>
110 <serverId>ossrh</serverId>
111 <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112 <autoReleaseAfterClose>true</autoReleaseAfterClose>
113 </configuration>
114 </plugin>
115
116 </plugins>
117 </build>
118
119 <name>persism</name>
120 <description>A zero ceremony ORM for Java</description>
121 <url>https://github.com/sproket/Persism</url>
122
123 <properties>
124 <java.version>17</java.version>
125 <maven.compiler.release>17</maven.compiler.release>
126 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127 </properties>
128
129 <licenses>
130 <license>
131 <name>BSD-3-Clause License</name>
132 <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133 </license>
134 </licenses>
135
136 <developers>
137 <developer>
138 <name>Dan Howard</name>
139 <email>--------------------------</email>
140 <organization>io.github</organization>
141 <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142 </developer>
143 </developers>
144
145 <distributionManagement>
146 <snapshotRepository>
147 <id>ossrh</id>
148 <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149 </snapshotRepository>
150 <repository>
151 <id>ossrh</id>
152 <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153 </repository>
154 </distributionManagement>
155
156 <scm>
157 <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158 <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159 <url>https://github.com/sproket/Persism</url>
160 </scm>
161
162 <profiles>
163 <profile>
164 <id>include-test-containers-db</id>
165 <activation>
166 <activeByDefault>false</activeByDefault>
167 </activation>
168 <build>
169 <plugins>
170 <plugin>
171 <artifactId>maven-surefire-plugin</artifactId>
172 <version>3.0.0-M5</version>
173 <configuration>
174 <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175 </configuration>
176 </plugin>
177 </plugins>
178 </build>
179 </profile>
180
181 <profile>
182 <id>exclude-test-containers-db</id>
183 <activation>
184 <activeByDefault>false</activeByDefault>
185 </activation>
186 <build>
187 <plugins>
188 <plugin>
189 <artifactId>maven-surefire-plugin</artifactId>
190 <version>3.0.0-M5</version>
191 <configuration>
192 <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193 </configuration>
194 </plugin>
195 </plugins>
196 </build>
197 </profile>
198
199 <profile>
200 <id>release</id>
201 <build>
202 <plugins>
203 <plugin>
204 <groupId>org.apache.maven.plugins</groupId>
205 <artifactId>maven-jar-plugin</artifactId>
206 <version>3.2.0</version>
207 <configuration>
208 <archive>
209 <manifestEntries>
210 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211 </manifestEntries>
212 </archive>
213 </configuration>
214 </plugin>
215 <plugin>
216 <groupId>org.apache.maven.plugins</groupId>
217 <artifactId>maven-source-plugin</artifactId>
218 <version>3.2.1</version>
219 <executions>
220 <execution>
221 <id>attach-sources</id>
222 <goals>
223 <goal>jar-no-fork</goal>
224 </goals>
225 </execution>
226 </executions>
227 </plugin>
228 <plugin>
229 <groupId>org.apache.maven.plugins</groupId>
230 <artifactId>maven-javadoc-plugin</artifactId>
231 <version>3.2.0</version>
232 <executions>
233 <execution>
234 <id>attach-javadocs</id>
235 <goals>
236 <goal>jar</goal>
237 </goals>
238 <configuration>
239 <release>17</release>
240 </configuration>
241 </execution>
242 </executions>
243 </plugin>
244 <plugin>
245 <groupId>org.apache.maven.plugins</groupId>
246 <artifactId>maven-gpg-plugin</artifactId>
247 <version>3.0.1</version>
248 <executions>
249 <execution>
250 <id>sign-artifacts</id>
251 <phase>verify</phase>
252 <goals>
253 <goal>sign</goal>
254 </goals>
255 </execution>
256 </executions>
257 </plugin>
258 </plugins>
259 </build>
260 </profile>
261 </profiles>
262
263
264 <dependencies>
265 <dependency>
266 <groupId>junit</groupId>
267 <artifactId>junit</artifactId>
268 <version>4.13.2</version>
269 <scope>test</scope>
270 </dependency>
271 <dependency>
272 <groupId>com.carrotsearch</groupId>
273 <artifactId>junit-benchmarks</artifactId>
274 <version>0.7.2</version>
275 <scope>test</scope>
276 </dependency>
277 <dependency>
278 <groupId>org.testcontainers</groupId>
279 <artifactId>testcontainers</artifactId>
280 <version>1.15.2</version>
281 <scope>test</scope>
282 </dependency>
283 <dependency>
284 <groupId>ch.qos.logback</groupId>
285 <artifactId>logback-classic</artifactId>
286 <version>1.2.7</version>
287 <scope>provided</scope>
288 </dependency>
289
290 <dependency>
291 <groupId>log4j</groupId>
292 <artifactId>log4j</artifactId>
293 <version>1.2.17</version>
294 <scope>provided</scope>
295 </dependency>
296
297 <dependency>
298 <groupId>org.apache.logging.log4j</groupId>
299 <artifactId>log4j-api</artifactId>
300 <version>2.14.1</version>
301 <scope>provided</scope>
302 </dependency>
303 <dependency>
304 <groupId>org.apache.logging.log4j</groupId>
305 <artifactId>log4j-core</artifactId>
306 <version>2.14.1</version>
307 <scope>provided</scope>
308 </dependency>
309
310
311 <dependency>
312 <groupId>commons-dbcp</groupId>
313 <artifactId>commons-dbcp</artifactId>
314 <version>1.4</version>
315 <scope>test</scope>
316 </dependency>
317
318 <dependency>
319 <groupId>org.firebirdsql.jdbc</groupId>
320 <artifactId>jaybird</artifactId>
321 <version>4.0.2.java8</version>
322 <scope>test</scope>
323 </dependency>
324
325 <dependency>
326 <groupId>org.firebirdsql</groupId>
327 <artifactId>firebird-testcontainers-java</artifactId>
328 <version>1.1.0</version>
329 <scope>test</scope>
330 </dependency>
331
332 <dependency>
333 <groupId>com.h2database</groupId>
334 <artifactId>h2</artifactId>
335 <version>1.4.200</version>
336 <scope>test</scope>
337 </dependency>
338
339 <dependency>
340 <!-- using older version as 2.5.1 collides with ucanaccess -->
341 <groupId>org.hsqldb</groupId>
342 <artifactId>hsqldb</artifactId>
343 <version>2.5.1</version>
344 <scope>test</scope>
345 <!-- <classifier>debug</classifier>-->
346 </dependency>
347
348 <dependency>
349 <groupId>org.apache.derby</groupId>
350 <artifactId>derby</artifactId>
351 <version>10.8.2.2</version>
352 <scope>test</scope>
353 </dependency>
354
355 <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356 <dependency>
357 <groupId>com.microsoft.sqlserver</groupId>
358 <artifactId>mssql-jdbc</artifactId>
359 <version>8.4.1.jre8</version>
360 <scope>test</scope>
361 </dependency>
362
363 <dependency>
364 <groupId>org.testcontainers</groupId>
365 <artifactId>mssqlserver</artifactId>
366 <version>1.15.2</version>
367 <scope>test</scope>
368 </dependency>
369
370 <dependency>
371 <groupId>mysql</groupId>
372 <artifactId>mysql-connector-java</artifactId>
373 <version>8.0.23</version>
374 <scope>test</scope>
375 </dependency>
376
377 <dependency>
378 <groupId>org.testcontainers</groupId>
379 <artifactId>mysql</artifactId>
380 <version>1.15.2</version>
381 <scope>test</scope>
382 </dependency>
383
384 <dependency>
385 <groupId>net.sourceforge.jtds</groupId>
386 <artifactId>jtds</artifactId>
387 <version>1.3.1</version>
388 <scope>test</scope>
389 </dependency>
390
391 <dependency>
392 <groupId>com.oracle.database.jdbc</groupId>
393 <artifactId>ojdbc8</artifactId>
394 <version>21.3.0.0</version>
395 <scope>test</scope>
396 </dependency>
397
398 <!-- <dependency>-->
399 <!-- <groupId>com.oracle</groupId>-->
400 <!-- <artifactId>ojdbc6</artifactId>-->
401 <!-- <version>11.2.0.4</version>-->
402 <!-- <scope>test</scope>-->
403 <!-- </dependency>-->
404
405 <dependency>
406 <groupId>org.postgresql</groupId>
407 <artifactId>postgresql</artifactId>
408 <version>9.2-1004-jdbc41</version>
409 <scope>test</scope>
410 </dependency>
411 <dependency>
412 <groupId>org.testcontainers</groupId>
413 <artifactId>postgresql</artifactId>
414 <version>1.15.2</version>
415 <scope>test</scope>
416 </dependency>
417
418 <dependency>
419 <groupId>org.xerial</groupId>
420 <artifactId>sqlite-jdbc</artifactId>
421 <version>3.34.0</version>
422 <scope>test</scope>
423 </dependency>
424
425 <dependency>
426 <groupId>net.sf.ucanaccess</groupId>
427 <artifactId>ucanaccess</artifactId>
428 <version>5.0.1</version>
429 <scope>test</scope>
430 </dependency>
431
432 <dependency>
433 <groupId>com.ibm.informix</groupId>
434 <artifactId>informix-jdbc-complete</artifactId>
435 <version>4.50.4.1</version>
436 <scope>test</scope>
437 </dependency>
438
439 <dependency>
440 <groupId>com.toddfast.typeconverter</groupId>
441 <artifactId>typeconverter</artifactId>
442 <version>1.0</version>
443 <scope>test</scope>
444 </dependency>
445
446 <dependency>
447 <groupId>org.reflections</groupId>
448 <artifactId>reflections</artifactId>
449 <version>0.9.11</version>
450 <scope>test</scope>
451 </dependency>
452
453 <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454 <dependency>
455 <groupId>javax.persistence</groupId>
456 <artifactId>javax.persistence-api</artifactId>
457 <version>2.2</version>
458 <scope>test</scope>
459 </dependency>
460
461
462 <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463 <!-- DOES NOT WORK with JAVA 8 + -->
464 <!-- <dependency>-->
465 <!-- <groupId>org.codehaus.mojo</groupId>-->
466 <!-- <artifactId>cobertura-maven-plugin</artifactId>-->
467 <!-- <version>2.7</version>-->
468 <!-- <scope>test</scope>-->
469 <!-- <exclusions>-->
470 <!-- <exclusion>-->
471 <!-- <groupId>com.sun</groupId>-->
472 <!-- <artifactId>tools</artifactId>-->
473 <!-- </exclusion>-->
474 <!-- </exclusions>-->
475 <!-- </dependency>-->
476
477
478 </dependencies>
479
480</project>
481
ANSWER
Answered 2022-Feb-11 at 22:39Update: Version 1.6.9 has been released and should fix this issue! 🎉
This is actually a known bug, which is now open for quite a while: OSSRH-66257. There are two known workarounds:
1. Open ModulesAs a workaround, use --add-opens
to give the library causing the problem access to the required classes:
1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19 <modelVersion>4.0.0</modelVersion>
20
21 <groupId>io.github.sproket</groupId>
22 <artifactId>persism</artifactId>
23 <version>2.0.0</version>
24 <packaging>jar</packaging>
25
26
27 <build>
28 <sourceDirectory>./src</sourceDirectory>
29 <testSourceDirectory>./test</testSourceDirectory>
30 <testResources>
31 <testResource>
32 <directory>./test</directory>
33 <!-- <includes>-->
34 <!-- <include>*.*</include>-->
35 <!-- </includes>-->
36 </testResource>
37 </testResources>
38 <plugins>
39 <plugin>
40 <groupId>org.apache.maven.plugins</groupId>
41 <artifactId>maven-compiler-plugin</artifactId>
42 <version>3.8.1</version>
43 <!-- MSSQL does not seem to able to connect with 16 -->
44 <configuration>
45 <source>17</source>
46 <target>17</target>
47<!-- <compilerArgs>-->
48<!-- <arg>-parameters</arg>-->
49<!-- </compilerArgs>-->
50 </configuration>
51 </plugin>
52
53 <plugin>
54 <groupId>org.apache.maven.plugins</groupId>
55 <artifactId>maven-jar-plugin</artifactId>
56 <version>3.2.0</version>
57 <configuration>
58 <archive>
59 <manifestEntries>
60 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61 </manifestEntries>
62 </archive>
63 </configuration>
64 </plugin>
65
66 <plugin>
67 <groupId>org.apache.maven.plugins</groupId>
68 <artifactId>maven-source-plugin</artifactId>
69 <version>3.2.1</version>
70 <executions>
71 <execution>
72 <id>attach-sources</id>
73 <goals>
74 <goal>jar-no-fork</goal>
75 </goals>
76 </execution>
77 </executions>
78 </plugin>
79 <plugin>
80 <groupId>org.apache.maven.plugins</groupId>
81 <artifactId>maven-javadoc-plugin</artifactId>
82 <version>3.2.0</version>
83 <configuration>
84 <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85 <source>17</source>
86 </configuration>
87 <executions>
88 <execution>
89 <id>attach-javadocs</id>
90 <goals>
91 <goal>jar</goal>
92 </goals>
93 </execution>
94 </executions>
95 </plugin>
96 <plugin>
97 <artifactId>maven-surefire-plugin</artifactId>
98 <version>3.0.0-M5</version>
99 <configuration>
100 <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101 </excludedGroups>
102 </configuration>
103 </plugin>
104 <plugin>
105 <groupId>org.sonatype.plugins</groupId>
106 <artifactId>nexus-staging-maven-plugin</artifactId>
107 <version>1.6.8</version>
108 <extensions>true</extensions>
109 <configuration>
110 <serverId>ossrh</serverId>
111 <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112 <autoReleaseAfterClose>true</autoReleaseAfterClose>
113 </configuration>
114 </plugin>
115
116 </plugins>
117 </build>
118
119 <name>persism</name>
120 <description>A zero ceremony ORM for Java</description>
121 <url>https://github.com/sproket/Persism</url>
122
123 <properties>
124 <java.version>17</java.version>
125 <maven.compiler.release>17</maven.compiler.release>
126 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127 </properties>
128
129 <licenses>
130 <license>
131 <name>BSD-3-Clause License</name>
132 <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133 </license>
134 </licenses>
135
136 <developers>
137 <developer>
138 <name>Dan Howard</name>
139 <email>--------------------------</email>
140 <organization>io.github</organization>
141 <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142 </developer>
143 </developers>
144
145 <distributionManagement>
146 <snapshotRepository>
147 <id>ossrh</id>
148 <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149 </snapshotRepository>
150 <repository>
151 <id>ossrh</id>
152 <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153 </repository>
154 </distributionManagement>
155
156 <scm>
157 <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158 <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159 <url>https://github.com/sproket/Persism</url>
160 </scm>
161
162 <profiles>
163 <profile>
164 <id>include-test-containers-db</id>
165 <activation>
166 <activeByDefault>false</activeByDefault>
167 </activation>
168 <build>
169 <plugins>
170 <plugin>
171 <artifactId>maven-surefire-plugin</artifactId>
172 <version>3.0.0-M5</version>
173 <configuration>
174 <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175 </configuration>
176 </plugin>
177 </plugins>
178 </build>
179 </profile>
180
181 <profile>
182 <id>exclude-test-containers-db</id>
183 <activation>
184 <activeByDefault>false</activeByDefault>
185 </activation>
186 <build>
187 <plugins>
188 <plugin>
189 <artifactId>maven-surefire-plugin</artifactId>
190 <version>3.0.0-M5</version>
191 <configuration>
192 <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193 </configuration>
194 </plugin>
195 </plugins>
196 </build>
197 </profile>
198
199 <profile>
200 <id>release</id>
201 <build>
202 <plugins>
203 <plugin>
204 <groupId>org.apache.maven.plugins</groupId>
205 <artifactId>maven-jar-plugin</artifactId>
206 <version>3.2.0</version>
207 <configuration>
208 <archive>
209 <manifestEntries>
210 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211 </manifestEntries>
212 </archive>
213 </configuration>
214 </plugin>
215 <plugin>
216 <groupId>org.apache.maven.plugins</groupId>
217 <artifactId>maven-source-plugin</artifactId>
218 <version>3.2.1</version>
219 <executions>
220 <execution>
221 <id>attach-sources</id>
222 <goals>
223 <goal>jar-no-fork</goal>
224 </goals>
225 </execution>
226 </executions>
227 </plugin>
228 <plugin>
229 <groupId>org.apache.maven.plugins</groupId>
230 <artifactId>maven-javadoc-plugin</artifactId>
231 <version>3.2.0</version>
232 <executions>
233 <execution>
234 <id>attach-javadocs</id>
235 <goals>
236 <goal>jar</goal>
237 </goals>
238 <configuration>
239 <release>17</release>
240 </configuration>
241 </execution>
242 </executions>
243 </plugin>
244 <plugin>
245 <groupId>org.apache.maven.plugins</groupId>
246 <artifactId>maven-gpg-plugin</artifactId>
247 <version>3.0.1</version>
248 <executions>
249 <execution>
250 <id>sign-artifacts</id>
251 <phase>verify</phase>
252 <goals>
253 <goal>sign</goal>
254 </goals>
255 </execution>
256 </executions>
257 </plugin>
258 </plugins>
259 </build>
260 </profile>
261 </profiles>
262
263
264 <dependencies>
265 <dependency>
266 <groupId>junit</groupId>
267 <artifactId>junit</artifactId>
268 <version>4.13.2</version>
269 <scope>test</scope>
270 </dependency>
271 <dependency>
272 <groupId>com.carrotsearch</groupId>
273 <artifactId>junit-benchmarks</artifactId>
274 <version>0.7.2</version>
275 <scope>test</scope>
276 </dependency>
277 <dependency>
278 <groupId>org.testcontainers</groupId>
279 <artifactId>testcontainers</artifactId>
280 <version>1.15.2</version>
281 <scope>test</scope>
282 </dependency>
283 <dependency>
284 <groupId>ch.qos.logback</groupId>
285 <artifactId>logback-classic</artifactId>
286 <version>1.2.7</version>
287 <scope>provided</scope>
288 </dependency>
289
290 <dependency>
291 <groupId>log4j</groupId>
292 <artifactId>log4j</artifactId>
293 <version>1.2.17</version>
294 <scope>provided</scope>
295 </dependency>
296
297 <dependency>
298 <groupId>org.apache.logging.log4j</groupId>
299 <artifactId>log4j-api</artifactId>
300 <version>2.14.1</version>
301 <scope>provided</scope>
302 </dependency>
303 <dependency>
304 <groupId>org.apache.logging.log4j</groupId>
305 <artifactId>log4j-core</artifactId>
306 <version>2.14.1</version>
307 <scope>provided</scope>
308 </dependency>
309
310
311 <dependency>
312 <groupId>commons-dbcp</groupId>
313 <artifactId>commons-dbcp</artifactId>
314 <version>1.4</version>
315 <scope>test</scope>
316 </dependency>
317
318 <dependency>
319 <groupId>org.firebirdsql.jdbc</groupId>
320 <artifactId>jaybird</artifactId>
321 <version>4.0.2.java8</version>
322 <scope>test</scope>
323 </dependency>
324
325 <dependency>
326 <groupId>org.firebirdsql</groupId>
327 <artifactId>firebird-testcontainers-java</artifactId>
328 <version>1.1.0</version>
329 <scope>test</scope>
330 </dependency>
331
332 <dependency>
333 <groupId>com.h2database</groupId>
334 <artifactId>h2</artifactId>
335 <version>1.4.200</version>
336 <scope>test</scope>
337 </dependency>
338
339 <dependency>
340 <!-- using older version as 2.5.1 collides with ucanaccess -->
341 <groupId>org.hsqldb</groupId>
342 <artifactId>hsqldb</artifactId>
343 <version>2.5.1</version>
344 <scope>test</scope>
345 <!-- <classifier>debug</classifier>-->
346 </dependency>
347
348 <dependency>
349 <groupId>org.apache.derby</groupId>
350 <artifactId>derby</artifactId>
351 <version>10.8.2.2</version>
352 <scope>test</scope>
353 </dependency>
354
355 <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356 <dependency>
357 <groupId>com.microsoft.sqlserver</groupId>
358 <artifactId>mssql-jdbc</artifactId>
359 <version>8.4.1.jre8</version>
360 <scope>test</scope>
361 </dependency>
362
363 <dependency>
364 <groupId>org.testcontainers</groupId>
365 <artifactId>mssqlserver</artifactId>
366 <version>1.15.2</version>
367 <scope>test</scope>
368 </dependency>
369
370 <dependency>
371 <groupId>mysql</groupId>
372 <artifactId>mysql-connector-java</artifactId>
373 <version>8.0.23</version>
374 <scope>test</scope>
375 </dependency>
376
377 <dependency>
378 <groupId>org.testcontainers</groupId>
379 <artifactId>mysql</artifactId>
380 <version>1.15.2</version>
381 <scope>test</scope>
382 </dependency>
383
384 <dependency>
385 <groupId>net.sourceforge.jtds</groupId>
386 <artifactId>jtds</artifactId>
387 <version>1.3.1</version>
388 <scope>test</scope>
389 </dependency>
390
391 <dependency>
392 <groupId>com.oracle.database.jdbc</groupId>
393 <artifactId>ojdbc8</artifactId>
394 <version>21.3.0.0</version>
395 <scope>test</scope>
396 </dependency>
397
398 <!-- <dependency>-->
399 <!-- <groupId>com.oracle</groupId>-->
400 <!-- <artifactId>ojdbc6</artifactId>-->
401 <!-- <version>11.2.0.4</version>-->
402 <!-- <scope>test</scope>-->
403 <!-- </dependency>-->
404
405 <dependency>
406 <groupId>org.postgresql</groupId>
407 <artifactId>postgresql</artifactId>
408 <version>9.2-1004-jdbc41</version>
409 <scope>test</scope>
410 </dependency>
411 <dependency>
412 <groupId>org.testcontainers</groupId>
413 <artifactId>postgresql</artifactId>
414 <version>1.15.2</version>
415 <scope>test</scope>
416 </dependency>
417
418 <dependency>
419 <groupId>org.xerial</groupId>
420 <artifactId>sqlite-jdbc</artifactId>
421 <version>3.34.0</version>
422 <scope>test</scope>
423 </dependency>
424
425 <dependency>
426 <groupId>net.sf.ucanaccess</groupId>
427 <artifactId>ucanaccess</artifactId>
428 <version>5.0.1</version>
429 <scope>test</scope>
430 </dependency>
431
432 <dependency>
433 <groupId>com.ibm.informix</groupId>
434 <artifactId>informix-jdbc-complete</artifactId>
435 <version>4.50.4.1</version>
436 <scope>test</scope>
437 </dependency>
438
439 <dependency>
440 <groupId>com.toddfast.typeconverter</groupId>
441 <artifactId>typeconverter</artifactId>
442 <version>1.0</version>
443 <scope>test</scope>
444 </dependency>
445
446 <dependency>
447 <groupId>org.reflections</groupId>
448 <artifactId>reflections</artifactId>
449 <version>0.9.11</version>
450 <scope>test</scope>
451 </dependency>
452
453 <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454 <dependency>
455 <groupId>javax.persistence</groupId>
456 <artifactId>javax.persistence-api</artifactId>
457 <version>2.2</version>
458 <scope>test</scope>
459 </dependency>
460
461
462 <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463 <!-- DOES NOT WORK with JAVA 8 + -->
464 <!-- <dependency>-->
465 <!-- <groupId>org.codehaus.mojo</groupId>-->
466 <!-- <artifactId>cobertura-maven-plugin</artifactId>-->
467 <!-- <version>2.7</version>-->
468 <!-- <scope>test</scope>-->
469 <!-- <exclusions>-->
470 <!-- <exclusion>-->
471 <!-- <groupId>com.sun</groupId>-->
472 <!-- <artifactId>tools</artifactId>-->
473 <!-- </exclusion>-->
474 <!-- </exclusions>-->
475 <!-- </dependency>-->
476
477
478 </dependencies>
479
480</project>
481export MAVEN_OPTS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
482mvn deploy
483
Or you can update the library that causes the problem:
1[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:de
2ploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
3
4
5[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
6[ERROR]
7[ERROR] -----------------------------------------------------
8[ERROR] : Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @149f5761
9[ERROR] -> [Help 1]
10org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project persism: Execution injected-nexus-deploy of goal org.sona
11type.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
12
13Caused by: org.apache.maven.plugin.PluginExecutionException: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy failed: An API incompatibility was encountered while executing org.son
14atype.plugins:nexus-staging-maven-plugin:1.6.8:deploy: java.lang.ExceptionInInitializerError: null
15<?xml version="1.0" encoding="UTF-8"?>
16<project xmlns="http://maven.apache.org/POM/4.0.0"
17 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
18 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
19 <modelVersion>4.0.0</modelVersion>
20
21 <groupId>io.github.sproket</groupId>
22 <artifactId>persism</artifactId>
23 <version>2.0.0</version>
24 <packaging>jar</packaging>
25
26
27 <build>
28 <sourceDirectory>./src</sourceDirectory>
29 <testSourceDirectory>./test</testSourceDirectory>
30 <testResources>
31 <testResource>
32 <directory>./test</directory>
33 <!-- <includes>-->
34 <!-- <include>*.*</include>-->
35 <!-- </includes>-->
36 </testResource>
37 </testResources>
38 <plugins>
39 <plugin>
40 <groupId>org.apache.maven.plugins</groupId>
41 <artifactId>maven-compiler-plugin</artifactId>
42 <version>3.8.1</version>
43 <!-- MSSQL does not seem to able to connect with 16 -->
44 <configuration>
45 <source>17</source>
46 <target>17</target>
47<!-- <compilerArgs>-->
48<!-- <arg>-parameters</arg>-->
49<!-- </compilerArgs>-->
50 </configuration>
51 </plugin>
52
53 <plugin>
54 <groupId>org.apache.maven.plugins</groupId>
55 <artifactId>maven-jar-plugin</artifactId>
56 <version>3.2.0</version>
57 <configuration>
58 <archive>
59 <manifestEntries>
60 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
61 </manifestEntries>
62 </archive>
63 </configuration>
64 </plugin>
65
66 <plugin>
67 <groupId>org.apache.maven.plugins</groupId>
68 <artifactId>maven-source-plugin</artifactId>
69 <version>3.2.1</version>
70 <executions>
71 <execution>
72 <id>attach-sources</id>
73 <goals>
74 <goal>jar-no-fork</goal>
75 </goals>
76 </execution>
77 </executions>
78 </plugin>
79 <plugin>
80 <groupId>org.apache.maven.plugins</groupId>
81 <artifactId>maven-javadoc-plugin</artifactId>
82 <version>3.2.0</version>
83 <configuration>
84 <excludePackageNames>net.sf.persism.log*;net.sf.persism.logging.*</excludePackageNames>
85 <source>17</source>
86 </configuration>
87 <executions>
88 <execution>
89 <id>attach-javadocs</id>
90 <goals>
91 <goal>jar</goal>
92 </goals>
93 </execution>
94 </executions>
95 </plugin>
96 <plugin>
97 <artifactId>maven-surefire-plugin</artifactId>
98 <version>3.0.0-M5</version>
99 <configuration>
100 <excludedGroups>net.sf.persism.categories.ExternalDB,net.sf.persism.categories.TestContainerDB
101 </excludedGroups>
102 </configuration>
103 </plugin>
104 <plugin>
105 <groupId>org.sonatype.plugins</groupId>
106 <artifactId>nexus-staging-maven-plugin</artifactId>
107 <version>1.6.8</version>
108 <extensions>true</extensions>
109 <configuration>
110 <serverId>ossrh</serverId>
111 <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
112 <autoReleaseAfterClose>true</autoReleaseAfterClose>
113 </configuration>
114 </plugin>
115
116 </plugins>
117 </build>
118
119 <name>persism</name>
120 <description>A zero ceremony ORM for Java</description>
121 <url>https://github.com/sproket/Persism</url>
122
123 <properties>
124 <java.version>17</java.version>
125 <maven.compiler.release>17</maven.compiler.release>
126 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
127 </properties>
128
129 <licenses>
130 <license>
131 <name>BSD-3-Clause License</name>
132 <url>https://github.com/sproket/Persism/blob/master/license.txt</url>
133 </license>
134 </licenses>
135
136 <developers>
137 <developer>
138 <name>Dan Howard</name>
139 <email>--------------------------</email>
140 <organization>io.github</organization>
141 <organizationUrl>https://sproket.github.io/Persism/</organizationUrl>
142 </developer>
143 </developers>
144
145 <distributionManagement>
146 <snapshotRepository>
147 <id>ossrh</id>
148 <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
149 </snapshotRepository>
150 <repository>
151 <id>ossrh</id>
152 <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
153 </repository>
154 </distributionManagement>
155
156 <scm>
157 <connection>scm:git:git://github.com/sproket/Persism.git</connection>
158 <developerConnection>scm:git:ssh://github.com/sproket/Persism.git</developerConnection>
159 <url>https://github.com/sproket/Persism</url>
160 </scm>
161
162 <profiles>
163 <profile>
164 <id>include-test-containers-db</id>
165 <activation>
166 <activeByDefault>false</activeByDefault>
167 </activation>
168 <build>
169 <plugins>
170 <plugin>
171 <artifactId>maven-surefire-plugin</artifactId>
172 <version>3.0.0-M5</version>
173 <configuration>
174 <excludedGroups>net.sf.persism.categories.ExternalDB</excludedGroups>
175 </configuration>
176 </plugin>
177 </plugins>
178 </build>
179 </profile>
180
181 <profile>
182 <id>exclude-test-containers-db</id>
183 <activation>
184 <activeByDefault>false</activeByDefault>
185 </activation>
186 <build>
187 <plugins>
188 <plugin>
189 <artifactId>maven-surefire-plugin</artifactId>
190 <version>3.0.0-M5</version>
191 <configuration>
192 <excludedGroups>net.sf.persism.categories.TestContainerDB</excludedGroups>
193 </configuration>
194 </plugin>
195 </plugins>
196 </build>
197 </profile>
198
199 <profile>
200 <id>release</id>
201 <build>
202 <plugins>
203 <plugin>
204 <groupId>org.apache.maven.plugins</groupId>
205 <artifactId>maven-jar-plugin</artifactId>
206 <version>3.2.0</version>
207 <configuration>
208 <archive>
209 <manifestEntries>
210 <Automatic-Module-Name>sproket.github.io.persism</Automatic-Module-Name>
211 </manifestEntries>
212 </archive>
213 </configuration>
214 </plugin>
215 <plugin>
216 <groupId>org.apache.maven.plugins</groupId>
217 <artifactId>maven-source-plugin</artifactId>
218 <version>3.2.1</version>
219 <executions>
220 <execution>
221 <id>attach-sources</id>
222 <goals>
223 <goal>jar-no-fork</goal>
224 </goals>
225 </execution>
226 </executions>
227 </plugin>
228 <plugin>
229 <groupId>org.apache.maven.plugins</groupId>
230 <artifactId>maven-javadoc-plugin</artifactId>
231 <version>3.2.0</version>
232 <executions>
233 <execution>
234 <id>attach-javadocs</id>
235 <goals>
236 <goal>jar</goal>
237 </goals>
238 <configuration>
239 <release>17</release>
240 </configuration>
241 </execution>
242 </executions>
243 </plugin>
244 <plugin>
245 <groupId>org.apache.maven.plugins</groupId>
246 <artifactId>maven-gpg-plugin</artifactId>
247 <version>3.0.1</version>
248 <executions>
249 <execution>
250 <id>sign-artifacts</id>
251 <phase>verify</phase>
252 <goals>
253 <goal>sign</goal>
254 </goals>
255 </execution>
256 </executions>
257 </plugin>
258 </plugins>
259 </build>
260 </profile>
261 </profiles>
262
263
264 <dependencies>
265 <dependency>
266 <groupId>junit</groupId>
267 <artifactId>junit</artifactId>
268 <version>4.13.2</version>
269 <scope>test</scope>
270 </dependency>
271 <dependency>
272 <groupId>com.carrotsearch</groupId>
273 <artifactId>junit-benchmarks</artifactId>
274 <version>0.7.2</version>
275 <scope>test</scope>
276 </dependency>
277 <dependency>
278 <groupId>org.testcontainers</groupId>
279 <artifactId>testcontainers</artifactId>
280 <version>1.15.2</version>
281 <scope>test</scope>
282 </dependency>
283 <dependency>
284 <groupId>ch.qos.logback</groupId>
285 <artifactId>logback-classic</artifactId>
286 <version>1.2.7</version>
287 <scope>provided</scope>
288 </dependency>
289
290 <dependency>
291 <groupId>log4j</groupId>
292 <artifactId>log4j</artifactId>
293 <version>1.2.17</version>
294 <scope>provided</scope>
295 </dependency>
296
297 <dependency>
298 <groupId>org.apache.logging.log4j</groupId>
299 <artifactId>log4j-api</artifactId>
300 <version>2.14.1</version>
301 <scope>provided</scope>
302 </dependency>
303 <dependency>
304 <groupId>org.apache.logging.log4j</groupId>
305 <artifactId>log4j-core</artifactId>
306 <version>2.14.1</version>
307 <scope>provided</scope>
308 </dependency>
309
310
311 <dependency>
312 <groupId>commons-dbcp</groupId>
313 <artifactId>commons-dbcp</artifactId>
314 <version>1.4</version>
315 <scope>test</scope>
316 </dependency>
317
318 <dependency>
319 <groupId>org.firebirdsql.jdbc</groupId>
320 <artifactId>jaybird</artifactId>
321 <version>4.0.2.java8</version>
322 <scope>test</scope>
323 </dependency>
324
325 <dependency>
326 <groupId>org.firebirdsql</groupId>
327 <artifactId>firebird-testcontainers-java</artifactId>
328 <version>1.1.0</version>
329 <scope>test</scope>
330 </dependency>
331
332 <dependency>
333 <groupId>com.h2database</groupId>
334 <artifactId>h2</artifactId>
335 <version>1.4.200</version>
336 <scope>test</scope>
337 </dependency>
338
339 <dependency>
340 <!-- using older version as 2.5.1 collides with ucanaccess -->
341 <groupId>org.hsqldb</groupId>
342 <artifactId>hsqldb</artifactId>
343 <version>2.5.1</version>
344 <scope>test</scope>
345 <!-- <classifier>debug</classifier>-->
346 </dependency>
347
348 <dependency>
349 <groupId>org.apache.derby</groupId>
350 <artifactId>derby</artifactId>
351 <version>10.8.2.2</version>
352 <scope>test</scope>
353 </dependency>
354
355 <!-- OR -Djdk.tls.client.protocols=TLSv1 -->
356 <dependency>
357 <groupId>com.microsoft.sqlserver</groupId>
358 <artifactId>mssql-jdbc</artifactId>
359 <version>8.4.1.jre8</version>
360 <scope>test</scope>
361 </dependency>
362
363 <dependency>
364 <groupId>org.testcontainers</groupId>
365 <artifactId>mssqlserver</artifactId>
366 <version>1.15.2</version>
367 <scope>test</scope>
368 </dependency>
369
370 <dependency>
371 <groupId>mysql</groupId>
372 <artifactId>mysql-connector-java</artifactId>
373 <version>8.0.23</version>
374 <scope>test</scope>
375 </dependency>
376
377 <dependency>
378 <groupId>org.testcontainers</groupId>
379 <artifactId>mysql</artifactId>
380 <version>1.15.2</version>
381 <scope>test</scope>
382 </dependency>
383
384 <dependency>
385 <groupId>net.sourceforge.jtds</groupId>
386 <artifactId>jtds</artifactId>
387 <version>1.3.1</version>
388 <scope>test</scope>
389 </dependency>
390
391 <dependency>
392 <groupId>com.oracle.database.jdbc</groupId>
393 <artifactId>ojdbc8</artifactId>
394 <version>21.3.0.0</version>
395 <scope>test</scope>
396 </dependency>
397
398 <!-- <dependency>-->
399 <!-- <groupId>com.oracle</groupId>-->
400 <!-- <artifactId>ojdbc6</artifactId>-->
401 <!-- <version>11.2.0.4</version>-->
402 <!-- <scope>test</scope>-->
403 <!-- </dependency>-->
404
405 <dependency>
406 <groupId>org.postgresql</groupId>
407 <artifactId>postgresql</artifactId>
408 <version>9.2-1004-jdbc41</version>
409 <scope>test</scope>
410 </dependency>
411 <dependency>
412 <groupId>org.testcontainers</groupId>
413 <artifactId>postgresql</artifactId>
414 <version>1.15.2</version>
415 <scope>test</scope>
416 </dependency>
417
418 <dependency>
419 <groupId>org.xerial</groupId>
420 <artifactId>sqlite-jdbc</artifactId>
421 <version>3.34.0</version>
422 <scope>test</scope>
423 </dependency>
424
425 <dependency>
426 <groupId>net.sf.ucanaccess</groupId>
427 <artifactId>ucanaccess</artifactId>
428 <version>5.0.1</version>
429 <scope>test</scope>
430 </dependency>
431
432 <dependency>
433 <groupId>com.ibm.informix</groupId>
434 <artifactId>informix-jdbc-complete</artifactId>
435 <version>4.50.4.1</version>
436 <scope>test</scope>
437 </dependency>
438
439 <dependency>
440 <groupId>com.toddfast.typeconverter</groupId>
441 <artifactId>typeconverter</artifactId>
442 <version>1.0</version>
443 <scope>test</scope>
444 </dependency>
445
446 <dependency>
447 <groupId>org.reflections</groupId>
448 <artifactId>reflections</artifactId>
449 <version>0.9.11</version>
450 <scope>test</scope>
451 </dependency>
452
453 <!-- https://mvnrepository.com/artifact/javax.persistence/javax.persistence-api -->
454 <dependency>
455 <groupId>javax.persistence</groupId>
456 <artifactId>javax.persistence-api</artifactId>
457 <version>2.2</version>
458 <scope>test</scope>
459 </dependency>
460
461
462 <!-- https://mvnrepository.com/artifact/org.codehaus.mojo/cobertura-maven-plugin -->
463 <!-- DOES NOT WORK with JAVA 8 + -->
464 <!-- <dependency>-->
465 <!-- <groupId>org.codehaus.mojo</groupId>-->
466 <!-- <artifactId>cobertura-maven-plugin</artifactId>-->
467 <!-- <version>2.7</version>-->
468 <!-- <scope>test</scope>-->
469 <!-- <exclusions>-->
470 <!-- <exclusion>-->
471 <!-- <groupId>com.sun</groupId>-->
472 <!-- <artifactId>tools</artifactId>-->
473 <!-- </exclusion>-->
474 <!-- </exclusions>-->
475 <!-- </dependency>-->
476
477
478 </dependencies>
479
480</project>
481export MAVEN_OPTS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
482mvn deploy
483<plugin>
484 <groupId>org.sonatype.plugins</groupId>
485 <artifactId>nexus-staging-maven-plugin</artifactId>
486 <version>1.6.8</version>
487 <extensions>true</extensions>
488 <configuration>
489 <serverId>ossrh</serverId>
490 <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
491 <autoReleaseAfterClose>true</autoReleaseAfterClose>
492 </configuration>
493 <dependencies>
494 <dependency>
495 <groupId>com.thoughtworks.xstream</groupId>
496 <artifactId>xstream</artifactId>
497 <version>1.4.15</version> <!-- apparently this needs to be exactly this version -->
498 </dependency>
499 </dependencies>
500</plugin>
501
QUESTION
Having difficulty to get SSH with a Yubikey working with macOS monterey
Asked 2022-Feb-06 at 01:52I'm following the FIDO U2F instructions on https://developers.yubico.com/SSH/ on macOS Monterey with openSSH 8.6 and run into the following issue:
1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5
Anyone know what I'm missing here?
ANSWER
Answered 2022-Feb-06 at 01:52Use Homebrew's OpenSSH
1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5$ brew install openssh
6
Once installed, you have to override the one in your PATH by putting the openssh folder at the beginning of your PATH
in your rc
file like this
1~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
2Generating public/private ecdsa-sk key pair.
3You may need to touch your authenticator to authorize key generation.
4Key enrollment failed: unknown or unsupported key type
5$ brew install openssh
6$ export PATH=$(brew --prefix openssh)/bin:$PATH
7
Once you've done that and you've source
d your rc
file you should be able to generate your key
Tested on macOS Monterey and OpenSSH_8.8p1, OpenSSL 1.1.1l
QUESTION
Git Bash - ssh connection issue
Asked 2022-Jan-25 at 07:13Environment:
1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l 24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6
SSH connection to Gerrit Error:-
1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l 24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6$ ssh -p 29418 user@gerrit.example.com
7
8Unable to negotiate with gerrit.example.com port 29418: no matching host key type found. Their offer: ssh-rsa,ssh-dss
9
In Git-2.32.0
ssh connection to gerrit works. Is there any restriction enabled in latest git version?
ANSWER
Answered 2022-Jan-25 at 07:13Git For Windows 2.33.1 comes with OpenSSH 8.8 which disables RSA signatures using the SHA-1 hash algorithm by default.
For most users, this change should be invisible and there is no need to replace ssh-rsa keys.
OpenSSH has supported RFC8332 RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys will automatically use the stronger algorithm where possible.Incompatibility is more likely when connecting to older SSH implementations that have not been upgraded or have not closely tracked improvements in the SSH protocol.
For these cases, it may be necessary to selectively re-enable RSA/SHA1 to allow connection and/or user authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms options.
For example, the following stanza in ~/.ssh/config will enable RSA/SHA1 for host and user authentication for a single destination host:
1OS: Windows-10
2Git Bash Version: 2.33.1
3OpenSSH_8.8p1, OpenSSL 1.1.1l 24 Aug 2021
4$ which ssh
5 /usr/bin/ssh
6$ ssh -p 29418 user@gerrit.example.com
7
8Unable to negotiate with gerrit.example.com port 29418: no matching host key type found. Their offer: ssh-rsa,ssh-dss
9Host old-host
10 HostkeyAlgorithms +ssh-rsa
11 PubkeyAcceptedAlgorithms +ssh-rsa
12
Note: Git for Windows 2.34.0 does not bring any new element/evolution on the SSH front.
Stefan Prodan (DX @weaveworks, creator of http://flagger.app and maintainer of http://fluxcd.io) mentions in this tweet:
GitHub has changed its host keys 💥
If you're using @fluxcd please see here how to update the known hosts keys on your Kubernetes clusters.
Stefan refers to fluxcd/flux2
discussion 2097:
GitHub has changed its SSH host keys from RSA to ECDSA!
To fix the key mismatch error, you have two options:
- Update the
known_hosts
in the flux-system secret with the ecdsa-sha2-nistp25 value:
github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
- Or rotate the SSH keys with flux boostrap like so:
- delete the deploy key secret from your cluster
kubectl -n flux-system delete secret flux-system
- rerun
flux bootstrap github
with the same arguments as beforeFlux will generate the secret with ecdsa-sha2 SSH key and Host key
More details on
fluxcd/source-controller
#490
Note: since Jan. 2022, the GitHub SSH Host key are available through a metadata endpoint api.github.com/meta
.
That includes the github.com ecdsa-sha2-nistp256
value.
QUESTION
Paramiko authentication fails with "Agreed upon 'rsa-sha2-512' pubkey algorithm" (and "unsupported public key algorithm: rsa-sha2-512" in sshd log)
Asked 2022-Jan-13 at 14:49I have a Python 3 application running on CentOS Linux 7.7 executing SSH commands against remote hosts. It works properly but today I encountered an odd error executing a command against a "new" remote server (server based on RHEL 6.10):
encountered RSA key, expected OPENSSH key
Executing the same command from the system shell (using the same private key of course) works perfectly fine.
On the remote server I discovered in /var/log/secure
that when SSH connection and commands are issued from the source server with Python (using Paramiko) sshd complains about unsupported public key algorithm:
userauth_pubkey: unsupported public key algorithm: rsa-sha2-512
Note that target servers with higher RHEL/CentOS like 7.x don't encounter the issue.
It seems like Paramiko picks/offers the wrong algorithm when negotiating with the remote server when on the contrary SSH shell performs the negotiation properly in the context of this "old" target server. How to get the Python program to work as expected?
Python code
1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status()
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26 ssh_client.close()
27
Shell command equivalent
1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status()
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26 ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"
28
Paramiko logs (DEBUG)
1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status()
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26 ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"
28DEB [YYYYmmdd-HH:MM:30.475] thr=1 paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1 paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1 paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2 paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2 paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1 paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2 paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1 paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1 paramiko.transport: Authentication (publickey) failed...
69
Shell command logs
1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status()
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26 ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"
28DEB [YYYYmmdd-HH:MM:30.475] thr=1 paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1 paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1 paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2 paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2 paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1 paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2 paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1 paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1 paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure. Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure. Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274 #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281
ANSWER
Answered 2022-Jan-13 at 14:49Imo, it's a bug in Paramiko. It does not handle correctly absence of server-sig-algs
extension on the server side.
Try disabling rsa-sha2-*
on Paramiko side altogether:
1import paramiko
2import logging
3
4ssh_user = "my_user"
5ssh_keypath = "/path/to/.ssh/my_key.rsa"
6server = "server.tld"
7
8ssh_client = paramiko.SSHClient()
9ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
10ssh_client.connect(server,port=22,username=ssh_user, key_filename=ssh_keypath)
11
12# SSH command
13cmd = "echo TEST : $(hostname)"
14
15stdin, stdout, stderr = ssh_client.exec_command(cmd, get_pty=True)
16exit_code = stdout.channel.recv_exit_status()
17
18cmd_raw_output = stdout.readlines()
19out = "".join(cmd_raw_output)
20out_msg = out.strip()
21
22# Ouput (logger code omitted)
23logger.debug(out_msg)
24
25if ssh_client is not None:
26 ssh_client.close()
27ssh -i /path/to/.ssh/my_key.rsa my_user@server.tld "echo TEST : $(hostname)"
28DEB [YYYYmmdd-HH:MM:30.475] thr=1 paramiko.transport: starting thread (client mode): 0xf6054ac8
29DEB [YYYYmmdd-HH:MM:30.476] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.1
30DEB [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
31INF [YYYYmmdd-HH:MM:30.490] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
32DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: === Key exchange possibilities ===
33DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: kex algos: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
34DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server key: ssh-rsa, ssh-dss
35DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
36DEB [YYYYmmdd-HH:MM:30.498] thr=1 paramiko.transport: server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, rijndael-cbc@lysator.liu.se
37DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
38DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server mac: hmac-md5, hmac-sha1, umac-64@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-sha1-96, hmac-md5-96
39DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client compress: none, zlib@openssh.com
40DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server compress: none, zlib@openssh.com
41DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: client lang: <none>
42DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: server lang: <none>.
43DEB [YYYYmmdd-HH:MM:30.499] thr=1 paramiko.transport: kex follows: False
44DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: === Key exchange agreements ===
45DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Kex: diffie-hellman-group-exchange-sha256
46DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: HostKey: ssh-rsa
47DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: Cipher: aes128-ctr
48DEB [YYYYmmdd-HH:MM:30.500] thr=1 paramiko.transport: MAC: hmac-sha2-256
49DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: Compression: none
50DEB [YYYYmmdd-HH:MM:30.501] thr=1 paramiko.transport: === End of kex handshake ===
51DEB [YYYYmmdd-HH:MM:30.548] thr=1 paramiko.transport: Got server p (2048 bits)
52DEB [YYYYmmdd-HH:MM:30.666] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
53DEB [YYYYmmdd-HH:MM:30.667] thr=1 paramiko.transport: Switch to new keys ...
54DEB [YYYYmmdd-HH:MM:30.669] thr=2 paramiko.transport: Adding ssh-rsa host key for server.tld: b'caea********************.'
55DEB [YYYYmmdd-HH:MM:30.674] thr=2 paramiko.transport: Trying discovered key b'b49c********************' in /path/to/.ssh/my_key.rsa
56DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: userauth is OK
57DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
58DEB [YYYYmmdd-HH:MM:30.722] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
59DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Server-side algorithm list: ['']
60DEB [YYYYmmdd-HH:MM:30.723] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
61INF [YYYYmmdd-HH:MM:30.735] thr=1 paramiko.transport: Authentication (publickey) failed.
62DEB [YYYYmmdd-HH:MM:30.739] thr=2 paramiko.transport: Trying SSH agent key b'9d37********************'
63DEB [YYYYmmdd-HH:MM:30.747] thr=1 paramiko.transport: userauth is OK.
64DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Finalizing pubkey algorithm for key of type 'ssh-rsa'
65DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa']
66DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Server-side algorithm list: ['']
67DEB [YYYYmmdd-HH:MM:30.748] thr=1 paramiko.transport: Agreed upon 'rsa-sha2-512' pubkey algorithm
68INF [YYYYmmdd-HH:MM:30.868] thr=1 paramiko.transport: Authentication (publickey) failed...
69OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
70debug1: Reading configuration data /etc/ssh/ssh_config
71debug1: /etc/ssh/ssh_config line 58: Applying options for *
72debug2: resolving "server.tld" port 22
73debug2: ssh_connect_direct: needpriv 0
74debug1: Connecting to server.tld [server.tld] port 22.
75debug1: Connection established.
76debug1: permanently_set_uid: 0/0
77debug1: key_load_public: No such file or directory
78debug1: identity file /path/to/.ssh/my_key.rsa type -1
79debug1: key_load_public: No such file or directory
80debug1: identity file /path/to/.ssh/my_key.rsa-cert type -1
81debug1: Enabling compatibility mode for protocol 2.0
82debug1: Local version string SSH-2.0-OpenSSH_7.4
83debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
84debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
85debug2: fd 3 setting O_NONBLOCK
86debug1: Authenticating to server.tld:22 as 'my_user'
87debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
88debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:82
89debug3: load_hostkeys: loaded 1 keys from server.tld
90debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
91debug3: send packet: type 20
92debug1: SSH2_MSG_KEXINIT sent
93debug3: receive packet: type 20
94debug1: SSH2_MSG_KEXINIT received
95debug2: local client KEXINIT proposal
96debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
97debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
98debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
99debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
100debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
101debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
102debug2: compression ctos: none,zlib@openssh.com,zlib
103debug2: compression stoc: none,zlib@openssh.com,zlib
104debug2: languages ctos:
105debug2: languages stoc:
106debug2: first_kex_follows 0
107debug2: reserved 0
108debug2: peer server KEXINIT proposal
109debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110debug2: host key algorithms: ssh-rsa,ssh-dss
111debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
112debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
113debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
114debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
115debug2: compression ctos: none,zlib@openssh.com
116debug2: compression stoc: none,zlib@openssh.com
117debug2: languages ctos:
118debug2: languages stoc:
119debug2: first_kex_follows 0
120debug2: reserved 0
121debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
122debug1: kex: host key algorithm: ssh-rsa
123debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
124debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
125debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
126debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
127debug3: send packet: type 34
128debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
129debug3: receive packet: type 31
130debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
131debug2: bits set: 1502/3072
132debug3: send packet: type 32
133debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
134debug3: receive packet: type 33
135debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
136debug1: Server host key: ssh-.:**************************************************
137debug3: hostkeys_foreach: reading file "/path/to/.ssh/known_hosts"
138debug3: record_hostkey: found key type RSA in file /path/to/.ssh/known_hosts:8..2
139debug3: load_hostkeys: loaded 1 keys from server.tld
140debug1: Host 'server.tld' is known and matches the RSA host key.
141debug1: Found key in /path/to/.ssh/known_hosts:82
142debug2: bits set: 1562/3072
143debug3: send packet: type 21
144debug2: set_newkeys: mode 1
145debug1: rekey after 4294967296 blocks
146debug1: SSH2_MSG_NEWKEYS sent
147debug1: expecting SSH2_MSG_NEWKEYS
148debug3: receive packet: type 21
149debug1: SSH2_MSG_NEWKEYS received
150debug2: set_newkeys: mode 0
151debug1: rekey after 4294967296 blocks
152debug2: key: <foo> (0x55bcf6d1d320), agent
153debug2: key: /path/to/.ssh/my_key.rsa ((nil)), explicit
154debug3: send packet: type 5
155debug3: receive packet: type 6
156debug2: service_accept: ssh-userauth
157debug1: SSH2_MSG_SERVICE_ACCEPT received
158debug3: send packet: type 50
159debug3: receive packet: type 51
160debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
161debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
162debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
163debug3: authmethod_lookup gssapi-keyex
164debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
165debug3: authmethod_is_enabled gssapi-keyex
166debug1: Next authentication method: gssapi-keyex
167debug1: No valid Key exchange context
168debug2: we did not send a packet, disable method
169debug3: authmethod_lookup gssapi-with-mic
170debug3: remaining preferred: publickey,keyboard-interactive,password
171debug3: authmethod_is_enabled gssapi-with-mic
172debug1: Next authentication method: gssapi-with-mic
173debug1: Unspecified GSS failure. Minor code may provide more information
174No Kerberos credentials available (default cache: KEYRING:persistent:0)
175
176debug1: Unspecified GSS failure. Minor code may provide more information
177No Kerberos credentials available (default cache: KEYRING:persistent:0)
178
179debug2: we did not send a packet, disable method
180debug3: authmethod_lookup publickey
181debug3: remaining preferred: keyboard-interactive,password
182debug3: authmethod_is_enabled publickey
183debug1: Next authentication method: publickey
184debug1: Offering RSA public key: <foo>
185debug3: send_pubkey_test
186debug3: send packet: type 50
187debug2: we sent a publickey packet, wait for reply
188debug3: receive packet: type 51
189debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
190debug1: Trying private key: /path/to/.ssh/my_key.rsa
191debug3: sign_and_send_pubkey: RSA SHA256:**********************************
192debug3: send packet: type 50
193debug2: we sent a publickey packet, wait for reply
194debug3: receive packet: type 52
195debug1: Authentication succeeded (publickey).
196Authenticated to server.tld ([server.tld]:22).
197debug1: channel 0: new [client-session]
198debug3: ssh_session2_open: channel_new: 0
199debug2: channel 0: send open
200debug3: send packet: type 90
201debug1: Requesting no-more-sessions@openssh.com
202debug3: send packet: type 80
203debug1: Entering interactive session.
204debug1: pledge: network
205debug3: receive packet: type 91
206debug2: callback start
207debug2: fd 3 setting TCP_NODELAY
208debug3: ssh_packet_set_tos: set IP_TOS 0x08
209debug2: client_session2_setup: id 0
210debug1: Sending environment.
211debug3: Ignored env XDG_SESSION_ID
212debug3: Ignored env HOSTNAME
213debug3: Ignored env SELINUX_ROLE_REQUESTED
214debug3: Ignored env TERM
215debug3: Ignored env SHELL
216debug3: Ignored env HISTSIZE
217debug3: Ignored env SSH_CLIENT
218debug3: Ignored env SELINUX_USE_CURRENT_RANGE
219debug3: Ignored env SSH_TTY
220debug3: Ignored env CDPATH
221debug3: Ignored env USER
222debug3: Ignored env LS_COLORS
223debug3: Ignored env SSH_AUTH_SOCK
224debug3: Ignored env MAIL
225debug3: Ignored env PATH
226debug3: Ignored env PWD
227debug1: Sending env LANG = xx_XX.UTF-8
228debug2: channel 0: request env confirm 0
229debug3: send packet: type 98
230debug3: Ignored env SELINUX_LEVEL_REQUESTED
231debug3: Ignored env HISTCONTROL
232debug3: Ignored env SHLVL
233debug3: Ignored env HOME
234debug3: Ignored env LOGNAME
235debug3: Ignored env SSH_CONNECTION
236debug3: Ignored env LESSOPEN
237debug3: Ignored env XDG_RUNTIME_DIR
238debug3: Ignored env _
239debug1: Sending command: echo TEST : $(hostname)
240debug2: channel 0: request exec confirm 1
241debug3: send packet: type 98
242debug2: callback done
243debug2: channel 0: open confirm rwindow 0 rmax 32768
244debug2: channel 0: rcvd adjust 2097152
245debug3: receive packet: type 99
246debug2: channel_input_status_confirm: type 99 id 0
247debug2: exec request accepted on channel 0
248TEST : server.tld
249debug3: receive packet: type 96
250debug2: channel 0: rcvd eof
251debug2: channel 0: output open -> drain
252debug2: channel 0: obuf empty
253debug2: channel 0: close_write
254debug2: channel 0: output drain -> closed
255debug3: receive packet: type 98
256debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
257debug3: receive packet: type 98
258debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
259debug2: channel 0: rcvd eow
260debug2: channel 0: close_read
261debug2: channel 0: input open -> closed
262debug3: receive packet: type 97
263debug2: channel 0: rcvd close
264debug3: channel 0: will not send data after close
265debug2: channel 0: almost dead
266debug2: channel 0: gc: notify user
267debug2: channel 0: gc: user detached
268debug2: channel 0: send close
269debug3: send packet: type 97
270debug2: channel 0: is dead
271debug2: channel 0: garbage collecting
272debug1: channel 0: free: client-session, nchannels 1
273debug3: channel 0: status: The following connections are open:
274 #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
275
276debug3: send packet: type 1
277Transferred: sent 3264, received 2656 bytes, in 0.0 seconds.
278Bytes per second: sent 92349.8, received 75147.4
279debug1: Exit status 0
280.
281ssh_client.connect(
282 server, username=ssh_user, key_filename=ssh_keypath,
283 disabled_algorithms=dict(pubkeys=["rsa-sha2-512", "rsa-sha2-256"]))
284
(note that there's no need to specify port=22
, as that's the default)
I've found related Paramiko issue:
RSA key auth failing from paramiko 2.9.x client to dropbear server
Though it refers to Paramiko 2.9.0 change log, which seems to imply that the behavior is deliberate:
When the server does not send
server-sig-algs
, Paramiko will attempt the first algorithm in the above list. Clients connecting to legacy servers should thus usedisabled_algorithms
to turn off SHA2.
Since 2.9.2, Paramiko will say:
DEB [20220113-14:46:13.882] thr=1 paramiko.transport: Server did not send a server-sig-algs list; defaulting to our first preferred algo ('rsa-sha2-512')
DEB [20220113-14:46:13.882] thr=1 paramiko.transport: NOTE: you may use the 'disabled_algorithms' SSHClient/Transport init kwarg to disable that or other algorithms if your server does not support them!
Obligatory warning: Do not use AutoAddPolicy
– You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
Your code for waiting for command to complete and reading its output is flawed too. See Wait to finish command executed with Python Paramiko. And for most purposes, the get_pty=True
is not a good idea either.
Community Discussions contain sources that include Stack Exchange Network
Tutorials and Learning Resources in SSH
Tutorials and Learning Resources are not available at this moment for SSH