Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49725

Windows SSH init broken, as of 2018-02-22

    Details

    • Similar Issues:

      Description

      GitHub has turned off support for TLS versions before 1.2, on all of https://github.com - https://githubengineering.com/crypto-removal-notice/

       

      The Azure VM Agents plugin hardcodes a URL on github.com in its Windows SSH init script, and downloads it using System.Web.WebClient - https://github.com/jenkinsci/azure-vm-agents-plugin/blob/0e57250114b29b14ae787928b6debeafbf9d67ff/src/main/resources/scripts/sshInit.ps1#L3

       

      Unless directed otherwise, PowerShell will always use TLS 1.0 - https://blog.pauby.com/post/force-powershell-to-use-tls-1-2/

       

      As a result, initialization of Windows SSH agents is 100% broken, as of yesterday, because the sshInit.ps1 script does not override the TLS version on WebClient to 1.2, causing the script to fail. This cannot be worked around, without a custom compile of the plugin with a fixed PowerShell script.

        Attachments

          Activity

          Hide
          zackliu Chenyang Liu added a comment -

          Thanks, we will fix it immediately. 

          Show
          zackliu Chenyang Liu added a comment - Thanks, we will fix it immediately. 
          Hide
          chenkennt Ken Chen added a comment -

          Fixed in v0.6.2

          Show
          chenkennt Ken Chen added a comment - Fixed in v0.6.2
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Marking as Fixed according to the comment

          Show
          oleg_nenashev Oleg Nenashev added a comment - Marking as Fixed according to the comment

            People

            • Assignee:
              zackliu Chenyang Liu
              Reporter:
              directhex Jo Shields
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: