client can't connect to Karaf

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

client can't connect to Karaf

Taro Fukunaga
I'm running a custom distro of Karaf 2.2.0 as a service on CentOS 5.5 64-bit. But when I try to run the client (just ./client) I get the following error:

504 [NioProcessor-2] WARN org.apache.sshd.client.session.ClientSessionImpl - Exception caught
java.lang.IllegalStateException: Unable to negociate key exchange for item 2
        at org.apache.sshd.common.session.AbstractSession.negociate(AbstractSession.java:886)
        at org.apache.sshd.client.session.ClientSessionImpl.doHandleMessage(ClientSessionImpl.java:236)
        at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:198)
        at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:522)
        at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:225)
        at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:58)
        at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:716)

I noticed that a similar issue was reported in http://karaf.922171.n3.nabble.com/Strange-behaviour-with-SSH-td1306643.html

 so I tried to modify the client by specifying  -Djava.endorsed.dirs="%JAVA_HOME%/jre/lib/endorsed:%JAVA_HOME%/lib/endorsed:%KARAF_HOME%/lib/endorsed" -Djava.ext.dirs="%JAVA_HOME%/jre/lib/ext:%JAVA_HOME%/lib/ext:%KARAF_HOME%/lib/ext"  but I get a new error saying:

106 [NioProcessor-2] WARN org.apache.sshd.client.session.ClientSessionImpl - Exception caught
java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available

I am able to connect to Karaf if I run it as a non-service, it's just running it as a service that is causing this problem. BTW my Java is 32 bit:

java version "1.6.0_22"
Java(TM) SE Runtime Environment (build 1.6.0_22-b04)
Java HotSpot(TM) Server VM (build 17.1-b03, mixed mode)

However I tried with 64 bit Java but the result is the same.

Does anyone have any suggestions on how to get the client to work?

Thanks.
Reply | Threaded
Open this post in threaded view
|

Re: client can't connect to Karaf

Taro Fukunaga
I think this has something to do with my SSH misconfiguration. If I try to ssh to karaf that is running as a service I get an error:

$ ssh 1.2.3.4 -l karaf -p 8101
no matching cipher found: client aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc server

Interestingly in /etc/ssh/ssh_config I have these ciphers commented out. Uncommenting these ciphers have no effect. Howwever, I think this error message gives a better clue as to what is really happening with my client.

And I have no problems ssh'ing to karaf when I just run ./server.

So now I think the problem is how do I configure karaf when run as a service to support the ciphers that the client expects. Do I need to specify the list of ciphers that the server supports somewhere?

Thanks.
Reply | Threaded
Open this post in threaded view
|

Re: client can't connect to Karaf

Taro Fukunaga
It turns out that my problem was the same one reported at http://karaf.922171.n3.nabble.com/Strange-behaviour-with-SSH-td1306643.html#a1393881 . It wasn't easy for me spot the difference and I thought this was already fixed in 2.2.0. The fix was just to remove the double quotes in karaf-wrapper.conf for wrapper.java.additional.7 and wrapper.java.additional.8.

Sorry for sending out so much email, I was just clueless for a while.