我司自动安装部署工具ideploy,使用ssh连接主机并部署业务。今天提供给一线安装规划后,安装报错,测试连接主机失败,而直接使用ssh是可以连接上主机的。查看问题错误堆栈如下:
- ERROR pool-4-thread-1 2015-06-15 14:28:59,852 [SSHTerminal] (connectToServer:275) The ssh is connect exception.Try 1 times.
- com.jcraft.jsch.JSchException: Algorithm negotiation fail
- at com.jcraft.jsch.Session.receive_kexinit(Session.java:520)
- at com.jcraft.jsch.Session.connect(Session.java:286)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.connectToServer(SSHTerminal.java:236)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.connect(SSHTerminal.java:151)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.checkConnect(SSHTerminal.java:105)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeNormal(UnixTerminal.java:950)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeForward(UnixTerminal.java:812)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeNormal(UnixTerminal.java:884)
- at com.huawei.breeze.ideploy.terminal.Terminal.execute(Terminal.java:195)
- at com.huawei.breeze.ideploy.host.HostCheckRunner.run(HostCheckRunner.java:84)
- at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
- at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
- at java.lang.Thread.run(Unknown Source)
一搜,发现不少人有同样的问题,http://*.com/questions/26424621/algorithm-negotiation-fail-ssh-in-jenkins,应该是ssh在6.7版本以后,对一些加密算法不支持,需要手动添加。查看问题单板ssh版本结果如下:
- user01@caiyun-aas02:~> ssh -V
- OpenSSH_6.8p1, OpenSSL 0.9.8j-fips 07 Jan 2009
运行正常的主机则如下:
- user01@caiyun-ndmc-db01:/> ssh -V
- OpenSSH_6.2p2, OpenSSL 0.9.8j-fips 07 Jan 2009
问题解决:在/etc/ssh/sshd_config最后添加一行加密算法,重启sshd,/etc/init.d/sshd restart,问题解决
2015-7-28,补充,遇到个sftp连接,代码报错的,用以上方法不行,同样修改和/usr/etc/sshd_config文件后,问题解决,记录一下。