sohutv
添加机器后cachecloud开始报错 Caused by: java.io.IOException: Cannot negotiate, proposals do not match.
java.io.IOException: There was a problem while connecting to 192.168.79.131:22 at ch.ethz.ssh2.Connection.connect(Connection.java:699) at com.sohu.cache.ssh.SSHTemplate$1.execute(SSHTemplate.java:102) at com.sohu.cache.util.IdempotentConfirmer.run(IdempotentConfirmer.java:27) at com.sohu.cache.ssh.SSHTemplate.getConnection(SSHTemplate.java:122) at com.sohu.cache.ssh.SSHTemplate.execute(SSHTemplate.java:50) at com.sohu.cache.ssh.SSHUtil.getMachineInfo(SSHUtil.java:73) at com.sohu.cache.machine.impl.MachineCenterImpl.collectMachineInfo(MachineCenterImpl.java:144) at com.sohu.cache.machine.impl.MachineCenterImpl$1.execute(MachineCenterImpl.java:118) at com.sohu.cache.machine.impl.MachineCenterImpl$1.execute(MachineCenterImpl.java:115) at com.sohu.cache.async.KeyCallable.call(KeyCallable.java:22) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:750) Caused by: java.io.IOException: Key exchange was not finished, connection is closed. at ch.ethz.ssh2.transport.KexManager.getOrWaitForConnectionInfo(KexManager.java:91) at ch.ethz.ssh2.transport.TransportManager.getConnectionInfo(TransportManager.java:229) at ch.ethz.ssh2.Connection.connect(Connection.java:655) ... 13 common frames omitted Caused by: java.io.IOException: Cannot negotiate, proposals do not match. at ch.ethz.ssh2.transport.KexManager.handleMessage(KexManager.java:412) at ch.ethz.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:753) at ch.ethz.ssh2.transport.TransportManager$1.run(TransportManager.java:468) ... 1 common frames omitted 环境:cachecloud -3.2 虚拟机:CentOS Stream release 9
可以按照网上解决方式,修改一下KexAlgorithms。 https://github.com/sohutv/cachecloud/issues/302
这是因为cachecloud还在使用已经不安全的SHA-1算法导致的。高版本SSH已经因为安全原因已经排除了SHA-1算法。所以当cachecloud是使用SHA-1的密钥交换算法和主机密钥算法来SSH通信服务器时,就会因为协商失败,导致草错:Cannot negotiate, proposals do not match
两个办法:
- 修改cachecloud,使用安全的SHA-2(sha-256/sha-384)算法
- 修改服务器,重新启用不安全的SHA-1算法
sshd -T 就可以看到当前SSH service支持的各种算法...
