ch.ethz.ssh2连接远程服务器的时候报错:
java.io.IOException: Key exchange was not finished, connection is closed.
at ch.ethz.ssh2.transport.KexManager.getOrWaitForConnectionInfo(KexManager.java:75)
at ch.ethz.ssh2.transport.TransportManager.getConnectionInfo(TransportManager.java:169)
at ch.ethz.ssh2.Connection.connect(Connection.java:759)
at ch.ethz.ssh2.Connection.connect(Connection.java:628)
at com.act.datasmart.operators.utils.RemoteShellUtil.login(RemoteShellUtil.java:33)
at com.act.datasmart.operators.RemoteShellOperator.action(RemoteShellOperator.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
...
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.spark.deploy.JavaMainApplication.start(SparkApplication.scala:52)
at org.apache.spark.deploy.SparkSubmit.org$apache$spark$deploy$SparkSubmit$$runMain(SparkSubmit.scala:955)
at org.apache.spark.deploy.SparkSubmit.doRunMain$1(SparkSubmit.scala:180)
at org.apache.spark.deploy.SparkSubmit.submit(SparkSubmit.scala:203)
at org.apache.spark.deploy.SparkSubmit.doSubmit(SparkSubmit.scala:90)
at org.apache.spark.deploy.SparkSubmit$$anon$2.doSubmit(SparkSubmit.scala:1043)
at org.apache.spark.deploy.SparkSubmit$.main(SparkSubmit.scala:1052)
at org.apache.spark.deploy.SparkSubmit.main(SparkSubmit.scala)
Caused by: java.io.IOException: Cannot negotiate, proposals do not match.
at ch.ethz.ssh2.transport.ClientKexManager.handleMessage(ClientKexManager.java:123)
at ch.ethz.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:572)
at ch.ethz.ssh2.transport.TransportManager$1.run(TransportManager.java:261)
at java.lang.Thread.run(Thread.java:748)
看到很多文章都是执行以下三步:
1、修改配置文件
vim /etc/ssh/sshd_config
2、修改KexAlgorithms参数
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.org
3、重启服务
service sshd restart
但是实测发现KexAlgorithms只是其中一种原因,不一定能解决各位的问题,现在跟着代码看是哪些原因导致。
1、找到ch.ethz.ssh2.transport.KexManager类,其中有个方法mergeKexParameters,这个就是匹配服务端客户端两边相关参数通用的算法,底层调用getFirstMatch去比较二者相同的算法。
定位到以下三个地方
其中kex_algo比较的是KexAlgorithms参数的值,定位到其init方法,发现ch.ethz.ssh2默认支持的kex算法是"diffie-hellman-group-exchange-sha1", “diffie-hellman-group14-sha1”, “diffie-hellman-group1-sha1”,所以sshd_config里KexAlgorithms参数需要有其中之一。
同理,定位到HostKeyAlgorithms默认支持"ssh-rsa",“ssh-dss”,
可在sshd_config里加上
HostKeyAlgorithms +ssh-dss,ssh-rsa
mac_algorithms_client_to_server默认值为"hmac-sha1-96”, “hmac-sha1”, “hmac-md5-96”, "hmac-md5”,
所以sshd_config里MACs参数至少得包含其中一种