-
Bug
-
Resolution: Done
-
Medium
-
7.0.0, 7.0.1
Callhome device always has status "DISCONNECTED" after adding it to allowed devices
Steps to reproduce:
1. Adjust callhome device (netopeer2).
2. Run karaf and install required features `feature:install odl-netconf-topology odl-restconf-nb odl-netconf-callhome-ssh`
3. Send a GET request to verify if netopeer tried to connect to ODL.
curl --location --request GET 'http://{YOUR_IP}:8181/rests/data/odl-netconf-callhome-server:netconf-callhome-server' \ --header 'Authorization: Basic YWRtaW46YWRtaW4=' \ --header 'Content-Type: application/json' \ --header 'Cookie: JSESSIONID=node0usdbxxyocktbxkl63aowtjfr0.node0' \ --data-raw ''
status will be `FAILED_NOT_ALLOWED`
4. Use the host-key from the previous request's response and send a POST request to add this device to allowed-devices.
curl --location --request POST 'http://{YOUR_IP}:8181/rests/data/odl-netconf-callhome-server:netconf-callhome-server/allowed-devices' \ --header 'Authorization: Basic YWRtaW46YWRtaW4=' \ --header 'Content-Type: application/json' \ --header 'Cookie: JSESSIONID=node0usdbxxyocktbxkl63aowtjfr0.node0' \ --data-raw '{ "device": { "unique-id": "netopeer", "ssh-client-params": { "host-key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQCwqz0kHv7iZdXSqYSaYTyvdtTayJ8Yqu3BhqLWQupsURWnkSJx8XUsUtwSOvTiEiNPCL8UOQaaWL3OLOyKqldCP9uZfSTd/47O27s7OTm10bKsLT3mTk21+bzLslPgWntxrFTZJzpG0HIjUf0WNYZwIE3HY8bZAYddDi38kS20oRrBjdWbC0XUxmyCVDh8oucegOLhHj12w9a5iBSEKosx0T63maIVr8M0IU7HnaQ1sp9/OBJmygI5r+EFWh7ao279W9v/pH5mMSHZnYIFthWpzpO0JMoksSXIktNBFkfAVjZr/+NvNj7tq8Xd6lILHrWBdeqY3kjTH7BiMoNjLa0N", "credentials" : { "username": "netconf", "passwords": [ "netconf" ] } } } }'
The status of the newly created allowed device will be as follows:
{ "odl-netconf-callhome-server:netconf-callhome-server": { "allowed-devices": { "device": [ { "unique-id": "netopeer", "device-status": "DISCONNECTED", "ssh-client-params": { "host-key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQCwqz0kHv7iZdXSqYSaYTyvdtTayJ8Yqu3BhqLWQupsURWnkSJx8XUsUtwSOvTiEiNPCL8UOQaaWL3OLOyKqldCP9uZfSTd/47O27s7OTm10bKsLT3mTk21+bzLslPgWntxrFTZJzpG0HIjUf0WNYZwIE3HY8bZAYddDi38kS20oRrBjdWbC0XUxmyCVDh8oucegOLhHj12w9a5iBSEKosx0T63maIVr8M0IU7HnaQ1sp9/OBJmygI5r+EFWh7ao279W9v/pH5mMSHZnYIFthWpzpO0JMoksSXIktNBFkfAVjZr/+NvNj7tq8Xd6lILHrWBdeqY3kjTH7BiMoNjLa0N", "credentials": { "username": "netconf", "passwords": [ "netconf" ] } } }, { "unique-id": "172.17.0.2:54042", "device-status": "FAILED_NOT_ALLOWED", "ssh-client-params": { "host-key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQCwqz0kHv7iZdXSqYSaYTyvdtTayJ8Yqu3BhqLWQupsURWnkSJx8XUsUtwSOvTiEiNPCL8UOQaaWL3OLOyKqldCP9uZfSTd/47O27s7OTm10bKsLT3mTk21+bzLslPgWntxrFTZJzpG0HIjUf0WNYZwIE3HY8bZAYddDi38kS20oRrBjdWbC0XUxmyCVDh8oucegOLhHj12w9a5iBSEKosx0T63maIVr8M0IU7HnaQ1sp9/OBJmygI5r+EFWh7ao279W9v/pH5mMSHZnYIFthWpzpO0JMoksSXIktNBFkfAVjZr/+NvNj7tq8Xd6lILHrWBdeqY3kjTH7BiMoNjLa0N" } } ] } } }
`topology-netconf` will be empty
Every two seconds, new messages will appear in the karaf.log as follows:
13:04:40.672 INFO [ssh-call-home-server-8] Repeating rejection of unlisted device with id of netopeer 13:04:40.672 INFO [ssh-call-home-server-8] No auth settings found. Connection from /172.17.0.2:34566 rejected. 13:04:40.673 WARN [ssh-call-home-server-8] exceptionCaught(TransportClientSession[ignored@/172.17.0.2:34566])[state=Opened] SshException: Server key did not validate 13:04:40.673 WARN [ssh-call-home-server-8] Session 264 encountered an error org.opendaylight.netconf.shaded.sshd.common.SshException: Server key did not validate at org.opendaylight.netconf.shaded.sshd.client.session.AbstractClientSession.checkKeys(AbstractClientSession.java:645) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:766) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:621) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.lambda$handleMessage$0(AbstractSession.java:545) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.util.threads.ThreadUtils.runAsInternal(ThreadUtils.java:68) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:544) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1688) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:505) ~[?:?] at org.opendaylight.netconf.shaded.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64) ~[?:?] at org.opendaylight.netconf.shaded.sshd.netty.NettyIoSession.channelRead(NettyIoSession.java:293) ~[?:?] at org.opendaylight.netconf.shaded.sshd.netty.NettyIoSession$Adapter.channelReadComplete(NettyIoSession.java:400) ~[?:?] at io.netty.channel.AbstractChannelHandlerContext.invokeChannelReadComplete(AbstractChannelHandlerContext.java:486) [bundleFile:4.1.104.Final] at io.netty.channel.AbstractChannelHandlerContext.invokeChannelReadComplete(AbstractChannelHandlerContext.java:463) [bundleFile:4.1.104.Final] at io.netty.channel.AbstractChannelHandlerContext.fireChannelReadComplete(AbstractChannelHandlerContext.java:456) [bundleFile:4.1.104.Final] at io.netty.channel.DefaultChannelPipeline$HeadContext.channelReadComplete(DefaultChannelPipeline.java:1415) [bundleFile:4.1.104.Final] at io.netty.channel.AbstractChannelHandlerContext.invokeChannelReadComplete(AbstractChannelHandlerContext.java:482) [bundleFile:4.1.104.Final] at io.netty.channel.AbstractChannelHandlerContext.invokeChannelReadComplete(AbstractChannelHandlerContext.java:463) [bundleFile:4.1.104.Final] at io.netty.channel.DefaultChannelPipeline.fireChannelReadComplete(DefaultChannelPipeline.java:925) [bundleFile:4.1.104.Final] at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:820) [bundleFile:4.1.104.Final] at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:509) [bundleFile:4.1.104.Final] at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:407) [bundleFile:4.1.104.Final] at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) [bundleFile:4.1.104.Final] at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [bundleFile:4.1.104.Final] at java.lang.Thread.run(Thread.java:840) [?:?] 13:04:40.674 INFO [ssh-call-home-server-8] Disconnecting(TransportClientSession[ignored@/172.17.0.2:34566]): SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE - Server key did not validate