The very first time you log into a new host you will be asked to verify that the system is the one you intended to access.The remote system will send its host key to your client as part of their handshake and your client will ask you to verify the host key fingerprint before continuing the login process.The release of SSH Slaves plugin 1.15 fixes this by introducing a Host Key Verification strategy to SSH Agents.This new feature is designed to prevent man-in-the-middle attack as explained in the Jenkins Security Advisory 2017-03-20.The host key received on the initial connection will be automatically trusted.
[04/03/17 ] [SSH] Opening SSH connection to [AGENT_HOSTNAME]:22.Since the configuration file settings will override the default behaviour, you need to define also the default locations of the Open SSH-style known_hosts file, in case you want them all to be read. After this, only the SSH Tectia-related hostkey directories will be used.The Open SSH known_hosts file is never automatically updated by SSH Tectia Client.Key exchange was not finished, connection is closed. IOException: There was a problem while connecting to [AGENT_HOSTNAME]:22 [04/04/17 ] [SSH] Opening SSH connection to [AGENT_HOSTNAME]:22.
[04/04/17 ] [SSH] WARNING: The SSH key for this host does not match the key required in the connection configuration.
Note: The Man-in-the-middle attacks happens when a server pretend to be the remote Host, between you and the server you intend to connect to.