我司自動安裝部署工具ideploy,使用ssh連接主機並部署業務。今天提供給一線安裝規划后,安裝報錯,測試連接主機失敗,而直接使用ssh是可以連接上主機的。查看問題錯誤堆棧如下:
- ERROR pool-4-thread-1 2015-06-15 14:28:59,852 [SSHTerminal] (connectToServer:275) The ssh is connect exception.Try 1 times.
- com.jcraft.jsch.JSchException: Algorithm negotiation fail
- at com.jcraft.jsch.Session.receive_kexinit(Session.java:520)
- at com.jcraft.jsch.Session.connect(Session.java:286)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.connectToServer(SSHTerminal.java:236)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.connect(SSHTerminal.java:151)
- at com.huawei.breeze.ideploy.terminal.SSHTerminal.checkConnect(SSHTerminal.java:105)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeNormal(UnixTerminal.java:950)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeForward(UnixTerminal.java:812)
- at com.huawei.breeze.ideploy.terminal.UnixTerminal.executeNormal(UnixTerminal.java:884)
- at com.huawei.breeze.ideploy.terminal.Terminal.execute(Terminal.java:195)
- at com.huawei.breeze.ideploy.host.HostCheckRunner.run(HostCheckRunner.java:84)
- at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
- at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
- at java.lang.Thread.run(Unknown Source)
一搜,發現不少人有同樣的問題,http://stackoverflow.com/questions/26424621/algorithm-negotiation-fail-ssh-in-jenkins,應該是ssh在6.7版本以后,對一些加密算法不支持,需要手動添加。查看問題單板ssh版本結果如下:
- user01@caiyun-aas02:~> ssh -V
- OpenSSH_6.8p1, OpenSSL 0.9.8j-fips 07 Jan 2009
運行正常的主機則如下:
- user01@caiyun-ndmc-db01:/> ssh -V
- OpenSSH_6.2p2, OpenSSL 0.9.8j-fips 07 Jan 2009
問題解決:在/etc/ssh/sshd_config最后添加一行加密算法,重啟sshd,/etc/init.d/sshd restart,問題解決
2015-7-28,補充,遇到個sftp連接,代碼報錯的,用以上方法不行,同樣修改和/usr/etc/sshd_config文件后,問題解決,記錄一下。