I am facing following issue on my jenkins master node:
using GIT_SSH to set credentials Jenkins user connection to bitbucket server with ssh key from XXXXXXX
Verifying host key using known hosts file
git fetch --tags --progress ssh://git@git.XX.XX/XXXX/XXXXXXXX.git +refs/heads/:refs/remotes/origin/ # timeout=10
ERROR: Error cloning remote repo ‘origin’
hudson.plugins.git.GitException: Command “git fetch --tags --progress sh://git@git.XX.XX/XXXX/XXXXXXXX.git +refs/heads/:refs/remotes/origin/” returned status code 128:
stderr: ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Problem is being visible only on MASTER node, on agent node all seems to work fine. Configuration of both hosts are same, the same version of sshd (Openssh 7.4), the same version of OS (RedHat 7.9) . I have tried different jenkins versions from 2.346.3-1.1 to 2.361.
Strange thing is that directly from OS I can run the command without any issues, repo is being cloned (the same that is throwing and error on jenkins).
I have checked all keys in known_hosts, jenkins user public keys, key configuration on Jenkins GUI, access key on Bitbucket etc. All seems to be correct (and as cloning from OS works then it has to be ok).
My git-plugin version: 4.13.0
My git-client version: 3.13.0
I have also tried solution from: [JENKINS-69149] Git client "accept new host key" breaks SSH auth from OpenSSH 7.5 and earlier - Jenkins Jira
- Use the “Manually provided keys” host key verification strategy. I’ve attached host keys for several popular providers at the end of this comment → DO NOT WORK
- Use the “Known hosts file” host key verification strategy and provide a known_hosts file on the agents with values for the required hosts → DO NOT WORK
- Enable JGit and use JGit instead of command line git on those older OpenSSH versions → CAN NOT BE IMPLEMENTED
- Switch the repository URL’s in job definitions from ssh protocol to https protocol and provide a username / password credential for the clone instead of a private key credential → LAST RESORT SOLUTION, IF NO OTHER SOLUTION THEN WILL TRY THIS
- Use the “No verification” host key verification strategy (not recommended) → --> DO NOT WORK, even if I switch to that I am having the same error message
In addition I can tell that strange thing is that above is happening even if I set verifiaction strategy to NO VERIFICATION.