running an old version of bamboo server 5.14.5. Today Github stopped allowing SHA-1.
Logs are now full of bellow error and can not build.
ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type.
and catalina.out contain.
2022-01-11 16:07:53,744 WARN [sshd-SshClient[7c628a8b]-nio2-thread-4] [BambooTrustedKeyServerKeyVerifier] Server at github.com/126.96.36.199:22 presented unverified EC key: SHA256:...............
We are assuming this is because of some old java lib, which version do we need to upgrade to? Does 8.x versions also have these problems ?
it's probably not ur key that is wrong if it's sha256. It's the hashing algorithm(SHA-1) used by bamboo ssh proxy.
I got this reply from Atlassian
Bamboo versions previous to v8.04 use an older SSH proxy SHA to access Bitbucket. This was updated in v8.04 to use a newer algorithm, so I believe upgrading to 8.0.5 or later will resolve this issue.
Ok good - so this is official answer we and anyone else who stumbles onto this thread about (especially since support ticket responses are slow right now).
Before March 15th we all need to upgrade to Bamboo 8.0.4 or later to ensure the proxy layer can support SHA2 (I suspected it was doing some sort of proxy with what I saw in the logs but nothing was documented, good to hear confirmation!)
We are also facing this issue and would appreciate a response on this issue too, but here is what I have found.
GitHub Security Bulletin: https://github.blog/2021-09-01-improving-git-protocol-security-github/#when-are-these-changes-effective
GitHub is conducting a test where they disable old keys for RSA/DSA (SHA1) to get people aware they need to update their key before March 15th where it will be blocked for good.
What is interesting is our key is SHA2! The key works from the command line, but within Bamboo it fails with the error message above.
I hope to hear 7.x or 8.x fixes this because we are long overdue for an upgrade (we are on 6.8.x) and will get that process moving once we have confirmation on what version to upgrade to.
Hi, If you are running self-managed environments and looking to adopt modern infrastructure, Bamboo Data Center can now be deployed in a Kubernetes cluster. By leveraging Kubernetes, you can easily...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events