java.security.KeyException

Thu, 20 Aug 2015 05:10:29 -0700 

Hi!

I'm trying to configure rhev which uses SSHD-0.11.0 (I have tested with 0.14.0 
as well). It fails with java.security.KeyException when adding a host trough 
the rhev manager, which creates a SSH session to the host. See logs below. Does 
anyone have an idea on how to solve it? Using Linux SSH client works fine.

>From the logfiles of the SSH client:
2015-08-20 14:01:32,803 INFO  
[org.apache.sshd.client.session.ClientSessionImpl] (pool-13-thread-1) Client 
session created
2015-08-20 14:01:32,984 INFO  
[org.apache.sshd.client.session.ClientSessionImpl] (pool-13-thread-2) Server 
version string: SSH-2.0-OpenSSH_6.6.1
2015-08-20 14:01:32,988 INFO  
[org.apache.sshd.client.session.ClientSessionImpl] (pool-13-thread-3) Kex: 
server->client aes128-ctr hmac-sha2-256 none
2015-08-20 14:01:32,989 INFO  
[org.apache.sshd.client.session.ClientSessionImpl] (pool-13-thread-3) Kex: 
client->server aes128-ctr hmac-sha2-256 none
2015-08-20 14:01:32,989 WARN  
[org.apache.sshd.client.session.ClientSessionImpl] (pool-13-thread-3) Exception 
caught: java.security.ProviderException: java.security.KeyException
        at 
sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:146)
        at 
java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:704)
 [rt.jar:1.7.0_85]
        at org.apache.sshd.common.kex.ECDH.getE(ECDH.java:59)
        at 
org.apache.sshd.client.kex.AbstractDHGClient.init(AbstractDHGClient.java:78)
        at 
org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:359)
        at 
org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295)
        at 
org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:266)
        at 
org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:720)
        at 
org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277)
        at 
org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
        at 
org.apache.sshd.common.io.nio2.Nio2Session$1.completed(Nio2Session.java:188)
        at 
org.apache.sshd.common.io.nio2.Nio2Session$1.completed(Nio2Session.java:174)
        at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) 
[rt.jar:1.7.0_85]
        at sun.nio.ch.Invoker$2.run(Invoker.java:218) [rt.jar:1.7.0_85]
        at 
sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
 [rt.jar:1.7.0_85]
        at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
[rt.jar:1.7.0_85]
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
[rt.jar:1.7.0_85]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_85]
Caused by: java.security.KeyException
        at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
        at 
sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126)
        ... 17 more

>From the sshd logfile on the host:
Aug 20 12:01:32 localhost sshd[48181]: debug3: fd 5 is not O_NONBLOCK
Aug 20 12:01:32 localhost sshd[48181]: debug1: Forked child 54498.
Aug 20 12:01:32 localhost sshd[48181]: debug3: send_rexec_state: entering fd = 
8 config len 812
Aug 20 12:01:32 localhost sshd[48181]: debug3: ssh_msg_send: type 0
Aug 20 12:01:32 localhost sshd[48181]: debug3: send_rexec_state: done
Aug 20 12:01:32 localhost sshd[54498]: debug3: oom_adjust_restore
Aug 20 12:01:32 localhost sshd[54498]: Set /proc/self/oom_score_adj to 0
Aug 20 12:01:32 localhost sshd[54498]: debug1: rexec start in 5 out 5 newsock 5 
pipe 7 sock 8
Aug 20 12:01:32 localhost sshd[54498]: debug1: inetd sockets after dupping: 3, 3
Aug 20 12:01:32 localhost sshd[54498]: Connection from 10.3.50.23 port 38738 on 
10.3.50.22 port 22
Aug 20 12:01:32 localhost sshd[54498]: debug1: Client protocol version 2.0; 
client software version SSHD-CORE-0.11.0
Aug 20 12:01:32 localhost sshd[54498]: debug1: no match: SSHD-CORE-0.11.0
Aug 20 12:01:32 localhost sshd[54498]: debug1: Enabling compatibility mode for 
protocol 2.0
Aug 20 12:01:32 localhost sshd[54498]: debug1: Local version string 
SSH-2.0-OpenSSH_6.6.1
Aug 20 12:01:32 localhost sshd[54498]: debug2: fd 3 setting O_NONBLOCK
Aug 20 12:01:32 localhost sshd[54498]: debug3: ssh_sandbox_init: preparing 
rlimit sandbox
Aug 20 12:01:32 localhost sshd[54498]: debug2: Network child is on pid 54500
Aug 20 12:01:32 localhost sshd[54498]: debug3: preauth child monitor started
Aug 20 12:01:32 localhost sshd[54498]: debug1: SELinux support enabled [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: ssh_selinux_change_context: 
setting context from 'system_u:system_r:sshd_t:s0-s0:c0.c1023' to 
'system_u:system_r:sshd_net_t:s0-s0:c0.c1023' [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: privsep user:group 74:74 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: permanently_set_uid: 74/74 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: list_hostkey_types: 
ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: SSH2_MSG_KEXINIT received 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
none,[email protected] [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
none,[email protected] [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit:  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit:  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
first_kex_follows 0  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: reserved 0  
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1
 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
ssh-rsa,ssh-dss [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
aes128-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
aes128-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: none [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: none [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit:  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit:  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: 
first_kex_follows 0  [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: kex_parse_kexinit: reserved 0  
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: mac_setup: setup hmac-sha2-256 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: kex: client->server aes128-ctr 
hmac-sha2-256 none [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug2: mac_setup: setup hmac-sha2-256 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: kex: server->client aes128-ctr 
hmac-sha2-256 none [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: kex: ecdh-sha2-nistp256 need=32 
dh_need=32 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_send entering: type 
120 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive_expect 
entering: type 121 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive entering 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive entering
Aug 20 12:01:32 localhost sshd[54498]: debug3: monitor_read: checking request 
120
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_send entering: type 
121
Aug 20 12:01:32 localhost sshd[54498]: debug1: kex: ecdh-sha2-nistp256 need=32 
dh_need=32 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_send entering: type 
120 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive_expect 
entering: type 121 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive entering 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_receive entering
Aug 20 12:01:32 localhost sshd[54498]: debug3: monitor_read: checking request 
120
Aug 20 12:01:32 localhost sshd[54498]: debug3: mm_request_send entering: type 
121
Aug 20 12:01:32 localhost sshd[54498]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT 
[preauth]
Aug 20 12:01:32 localhost sshd[54498]: Connection closed by 10.3.50.23 [preauth]
Aug 20 12:01:32 localhost sshd[54498]: debug1: do_cleanup [preauth]

BR,

Johan

Reply via email to