Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

no matching cipher found. Their offer: , fatal: Could not read from remote repository

Swapnil Hete
Swapnil Hete March 15, 2023

Bamboo version: 5.9.4 

OS : [root@phoenix240862 .ssh]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.6 (Ootpa)

[root@phoenix240862 .ssh]# sshd -version
unknown option -- v
OpenSSH_8.0p1, OpenSSL 1.1.1k FIPS 25 Mar 2021

while cloning git repository in bamboo getting below error

com.atlassian.bamboo.repository.RepositoryException: java.lang.RuntimeException: com.atlassian.bamboo.repository.RepositoryException: com.atlassian.bamboo.plugins.git.GitCommandException: command /usr/bin/git ls-remote ssh://e452c039-1bf3-4468-8fb0-c7bdb8584722@127.0.0.1:35255/iotbca/infra/iot-infra.git failed with code 128. Working directory was [.]., stderr:
[Unable to negotiate with 127.0.0.1 port 35255: no matching cipher found. Their offer: , fatal: Could not read from remote repository., , Please make sure you have the correct access rights, and the repository exists.]

Screenshot 2023-03-15 at 2.30.27 PM.png

Answer
Watch
Like Be the first to like this
666 views

2 answers

1 accepted

0 votes
Answer accepted
Swapnil Hete
Swapnil Hete March 29, 2023

Thanks Nicolas and Edurado.

I was able to fix it as below.

As I was using very old version of bamboo  5.9.4 , I switched agent startup with lower version of java i.e JDK 1.8.0_91. This helped to fixed cipher issue. 

Reply
0 votes
Eduardo Alvarenga
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2023

Hello @Swapnil Hete

There is a mismatch between your SSH client-allowed ciphers and those the server allows you to use. This usually happens when the SSH server and client have a huge gap between their versions. From the reported OpenSSH version, I then assume your Bamboo release is older.

Try applying the workaround listed on this bug and let us know the results:

Thank you,

Eduardo Alvarenga
Atlassian Support APAC

--please don't forget to Accept the answer if the reply is helpful-- 

View More Comments
Swapnil Hete
Swapnil Hete March 15, 2023

Hi @Eduardo Alvarenga 
I am following BAM-21832 as you suggested.

What is file location ~./ssh_config

Is it ?

1. /root/.ssh/config or 2./etc/ssh/ssh_config

 

Also, Yes looks like its openssh-server issue.  I am trying OL7 VM as agent instead of OL8 as guided by @Nicolas Grossi today in a call.

Thanks you for checking this issue.

Like
Eduardo Alvarenga
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2023

Hello @Swapnil Hete 

The SSH config can be either on:

  • <user_home>/.ssh/config - On a per-user basis. <user_home> refers to the $HOME folder of the the user account that runs the Bamboo service
  • /etc/ssh/config - On a global basis (all users will use that setting)

You need to add that setting on the Agent, meaning a Remote Agent or on the Bamboo Server if you are using a local agent.

Cheers,

Eduardo Alvarenga
Atlassian Support APAC

--please don't forget to Accept the answer if the reply is helpful-- 

Like
Swapnil Hete
Swapnil Hete March 15, 2023

I tried to set as /root/.ssh/config. Because my bamboo agent is running as root

But getting below error for new config

[root@mumbai246658 .ssh]# hostname
mumbai246658
[root@mumbai246658 .ssh]# pwd
/root/.ssh
[root@mumbai246658 .ssh]# cat /root/.ssh/config
Host 127.0.0.1
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
[root@mumbai246658 .ssh]# sshd -V
unknown option -- V
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-o option] [-p port] [-u len]
[root@mumbai246658 .ssh]# /usr/bin/git ls-remote ssh://4f33fad2-850c-4f2c-bd95-daee1086499c@127.0.0.1:44697/iotbca/infra/iot-infra.git
/root/.ssh/config: line 3: Bad configuration option: pubkeyacceptedalgorithms
/root/.ssh/config: terminating, 1 bad configuration options
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

 

Like
Eduardo Alvarenga
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2023

It is not necessary to add that property when using OpenSSH 7.4 as it already defaults to ssh-rsa.

Your Bamboo server also needs that property to reach the remote repository. Perhaps that's where you need to focus.

As you are running a really outdated version of Bamboo (5.9.4), you may have to play with other undocumented SSH settings to allow newer OpenSSH versions to interact with the old Apache-SSHD version that runs on Bamboo.

We recommend you plan an upgrade of Bamboo as soon as possible.

Eduardo Alvarenga
Atlassian Support APAC

--please don't forget to Accept the answer if the reply is helpful--

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events