Karaf
  1. Karaf
  2. KARAF-1756

No SSH connection possible on Debian 6.0.5

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.2.9
    • Fix Version/s: 2.2.10, 2.3.0, 3.0.0
    • Component/s: karaf-os-integration
    • Labels:
      None
    • Environment:

      Debian 6.0.5 amd64, with package openjdk-6-jre (NO jdk)

      Description

      After installation of Karaf as a service, no SSH connection is possible:
      Output of ssh:

      # ssh -p 8101 -l karaf localhost
      no matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se server
      

      Output of karaf client:

      # bin/client
      client: JAVA_HOME not set; results may vary
      167 [NioProcessor-2] WARN org.apache.sshd.client.session.ClientSessionImpl - Exception caught
      java.lang.IllegalStateException: Unable to negociate key exchange for item 2
            at org.apache.sshd.common.session.AbstractSession.negociate(AbstractSession.java:903)
            at org.apache.sshd.client.session.ClientSessionImpl.doHandleMessage(ClientSessionImpl.java:291)
            at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:253)
            at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:539)
            at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:232)
            at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:58)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:716)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:796)
            at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
            at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426)
            at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:692)
            at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:645)
            at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:634)
            at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:66)
            at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1078)
            at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
            at java.lang.Thread.run(Thread.java:636)
      Session is closed
      

        Issue Links

          Activity

          Hide
          Jean-Baptiste Onofré added a comment -

          Thanks for the update, I'm testing of the different platforms.

          Show
          Jean-Baptiste Onofré added a comment - Thanks for the update, I'm testing of the different platforms.
          Hide
          Krešimir Kovačević added a comment - - edited

          This will do the trick on linux, solaris and aix systems:

          Change:
          if [ `which readlink` ]; then

          to:
          if [ `command -v readlink` ]; then

          "command -v" is POSIX command and should return correct return codes.
          I have tried it on Ubuntu 12.04, RHEL 6.2, Solaris 10 and AIX 5.3.

          BR

          Show
          Krešimir Kovačević added a comment - - edited This will do the trick on linux, solaris and aix systems: Change: if [ `which readlink` ]; then to: if [ `command -v readlink` ]; then "command -v" is POSIX command and should return correct return codes. I have tried it on Ubuntu 12.04, RHEL 6.2, Solaris 10 and AIX 5.3. BR
          Hide
          Jean-Baptiste Onofré added a comment -

          Good point Dan, I switch back to absolute path test.

          Show
          Jean-Baptiste Onofré added a comment - Good point Dan, I switch back to absolute path test.
          Hide
          Dan Tran added a comment -

          `which readlink` fails on solaris 10 and its return 0, need to reopen this issue

          Show
          Dan Tran added a comment - `which readlink` fails on solaris 10 and its return 0, need to reopen this issue
          Hide
          Krešimir Kovačević added a comment -

          On trunk there is:
          if [ `whichlink readlink` ]; then

          instead of:
          if [ `which readlink` ]; then

          BR,

          kk
          Show
          Krešimir Kovačević added a comment - On trunk there is: if [ `whichlink readlink` ]; then instead of: if [ `which readlink` ]; then BR, kk
          Show
          Jean-Baptiste Onofré added a comment - Fixed on trunk: http://svn.apache.org/viewvc?view=revision&revision=1387147 Fixed on karaf-2.3.x: http://svn.apache.org/viewvc?view=revision&revision=1387140 Fixed on karaf-2.2.x: http://svn.apache.org/viewvc?view=revision&revision=1387150
          Hide
          Krešimir Kovačević added a comment -

          Line:
          if [ -x /bin/readlink ]; then

          should be:
          if [ `which readlink` ]; then

          This way path to readlink executable is not hardcoded and existance of readlink command and readlink file execution rights are checked.

          Show
          Krešimir Kovačević added a comment - Line: if [ -x /bin/readlink ]; then should be: if [ `which readlink` ]; then This way path to readlink executable is not hardcoded and existance of readlink command and readlink file execution rights are checked.
          Show
          Jean-Baptiste Onofré added a comment - Fixed on karaf-2.3.x: http://svn.apache.org/viewvc?view=revision&revision=1376350 Fixed on karaf-2.2.x: http://svn.apache.org/viewvc?view=revision&revision=1376351
          Show
          Jean-Baptiste Onofré added a comment - Fixed on trunk: http://svn.apache.org/viewvc?view=revision&revision=1376348
          Hide
          Raphael Majeed added a comment - - edited

          same problem as KARAF-1683.

          I solved this issue by using the following code in karaf-service:

          karaf-service
          if [ -x /bin/readlink ]; then
            [ -z $JAVA_HOME ] && [ -x /usr/bin/javac ] && export JAVA_HOME="$(readlink -f /usr/bin/javac | sed 's:/bin/javac::')"
            [ -z $JAVA_HOME ] && [ -x /usr/bin/java ] && export JAVA_HOME="$(readlink -f /usr/bin/java | sed 's:/bin/java::')"
          fi
          

          The solution of KARAF-1683 has two problems:
          1. [ -x readlink ] evaluates to false although the readlink command is available
          2. "$(readlink -f /usr/bin/javac | sed 's:/bin/javac::')" evaluates to "/usr" if javac is not available. Therefore the second command is not executed.

          Above code fixes both problems and solves the issue for me.

          Show
          Raphael Majeed added a comment - - edited same problem as KARAF-1683 . I solved this issue by using the following code in karaf-service: karaf-service if [ -x /bin/readlink ]; then [ -z $JAVA_HOME ] && [ -x /usr/bin/javac ] && export JAVA_HOME= "$(readlink -f /usr/bin/javac | sed 's:/bin/javac::')" [ -z $JAVA_HOME ] && [ -x /usr/bin/java ] && export JAVA_HOME= "$(readlink -f /usr/bin/java | sed 's:/bin/java::')" fi The solution of KARAF-1683 has two problems: 1. [ -x readlink ] evaluates to false although the readlink command is available 2. "$(readlink -f /usr/bin/javac | sed 's:/bin/javac::')" evaluates to "/usr" if javac is not available. Therefore the second command is not executed. Above code fixes both problems and solves the issue for me.

            People

            • Assignee:
              Jean-Baptiste Onofré
              Reporter:
              Raphael Majeed
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development