[#NETCONF-521] Netconf with Key auth does not work

2018-03-02T00:38:15,881 | WARN | sshd-SshClient[5dede481]-nio2-thread-2 | AcceptAllServerKeyVerifier | 155 - org.apache.sshd.core - 1.6.0 | Server at /10.30.170.85:830 presented unverified RSA key: SHA256:4JBIKB6++B4Qr/W1OITOQluaBl08omQ9SuAHvLic9RI 2018-03-02T00:38:16,348 | WARN | sshd-SshClient[5dede481]-nio2-thread-4 | AsyncSshHandler | 439 - org.opendaylight.netconf.netty-util - 1.4.0.SNAPSHOT | Unable to setup SSH connection on channel: [id: 0x94296797] org.apache.sshd.common.SshException: No more authentication methods available at org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:314) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:251) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:198) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:566) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:499) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1413) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:460) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:284) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:264) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:261) ~[155:org.apache.sshd.core:1.6.0] at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) ~[155:org.apache.sshd.core:1.6.0] at java.security.AccessController.doPrivileged(Native Method) ~[?:?] at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) [155:org.apache.sshd.core:1.6.0] at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [?:?] at sun.nio.ch.Invoker$2.run(Invoker.java:218) [?:?] at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) [?:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:?] at java.lang.Thread.run(Thread.java:748) [?:?]

POST http://127.0.0.1:8181/restconf/operations/netconf-keystore:add-keystore-entry <input xmlns="urn:opendaylight:netconf:keystore"> <key-credential> <key-id>device-key</key-id> <private-key>MIIEpAIBAAKCAQEA1XU/F3AF8idl6+4807uonK5ZQ/F9lWfIiEXJjPLOoMgl2zQgqM4ojkgFCrwDP8KVXu ... MlQAzCDDXzDHkrgw==</private-key> <passphrase></passphrase> </key-credential> </input>

POST http://127.0.0.1:8181/restconf/operations/netconf-keystore:add-keystore-entry <input xmlns="urn:opendaylight:netconf:keystore"> <key-credential> <key-id>device-key</key-id> <private-key>-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA1XU/F3AF8idl6+4807uonK5ZQ/F9lWfIiEXJjPLOoMgl2zQgqM4ojkgFCrwDP8KVXu ... MlQAzCDDXzDHkrgw==\n-----END RSA PRIVATE KEY-----</private-key> <passphrase></passphrase> </key-credential> </input>

2018-03-07T08:02:42,690 | WARN  | opendaylight-cluster-data-notification-dispatcher-279 | DatastoreBackedPublicKeyAuth     | 301 - org.opendaylight.netconf.sal-netconf-connector - 1.7.0.SNAPSHOT | Unable to decode private key, id=device-key
java.io.IOException: -----END RSA PRIVATE KEY not found
	at org.bouncycastle.util.io.pem.PemReader.loadObject(Unknown Source) [10:bcprov:1.58.0]
	at org.bouncycastle.util.io.pem.PemReader.readPemObject(Unknown Source) [10:bcprov:1.58.0]
	at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source) [11:bcpkix:1.58.0]
	at org.opendaylight.aaa.encrypt.PKIUtil.doDecodePrivateKey(PKIUtil.java:215) [187:org.opendaylight.aaa.encrypt-service:0.7.0.SNAPSHOT]
	at org.opendaylight.aaa.encrypt.PKIUtil.decodePrivateKey(PKIUtil.java:202) [187:org.opendaylight.aaa.encrypt-service:0.7.0.SNAPSHOT]
	at org.opendaylight.netconf.sal.connect.netconf.auth.DatastoreBackedPublicKeyAuth.tryToSetKeyPair(DatastoreBackedPublicKeyAuth.java:74) [301:org.opendaylight.netconf.sal-netconf-connector:1.7.0.SNAPSHOT]
	at org.opendaylight.netconf.sal.connect.netconf.auth.DatastoreBackedPublicKeyAuth.<init>(DatastoreBackedPublicKeyAuth.java:46) [301:org.opendaylight.netconf.sal-netconf-connector:1.7.0.SNAPSHOT]
	at org.opendaylight.netconf.topology.AbstractNetconfTopology.getHandlerFromCredentials(AbstractNetconfTopology.java:483) [117:netconf-topology-config:1.4.0.SNAPSHOT]
	at org.opendaylight.netconf.topology.AbstractNetconfTopology.getClientConfig(AbstractNetconfTopology.java:448) [117:netconf-topology-config:1.4.0.SNAPSHOT]
	at org.opendaylight.netconf.topology.AbstractNetconfTopology.setupConnection(AbstractNetconfTopology.java:242) [117:netconf-topology-config:1.4.0.SNAPSHOT]
	at org.opendaylight.netconf.topology.AbstractNetconfTopology.connectNode(AbstractNetconfTopology.java:212) [117:netconf-topology-config:1.4.0.SNAPSHOT]
	at org.opendaylight.netconf.topology.impl.NetconfTopologyImpl.onDataTreeChanged(NetconfTopologyImpl.java:126) [117:netconf-topology-config:1.4.0.SNAPSHOT]
	at org.opendaylight.controller.md.sal.binding.impl.BindingDOMDataTreeChangeListenerAdapter.onDataTreeChanged(BindingDOMDataTreeChangeListenerAdapter.java:41) [211:org.opendaylight.controller.sal-binding-broker-impl:1.7.0.SNAPSHOT]
	at org.opendaylight.controller.cluster.datastore.DataTreeChangeListenerActor.dataChanged(DataTreeChangeListenerActor.java:67) [224:org.opendaylight.controller.sal-distributed-datastore:1.7.0.SNAPSHOT]
	at org.opendaylight.controller.cluster.datastore.DataTreeChangeListenerActor.handleReceive(DataTreeChangeListenerActor.java:41) [224:org.opendaylight.controller.sal-distributed-datastore:1.7.0.SNAPSHOT]
	at org.opendaylight.controller.cluster.common.actor.AbstractUntypedActor.onReceive(AbstractUntypedActor.java:38) [217:org.opendaylight.controller.sal-clustering-commons:1.7.0.SNAPSHOT]
	at akka.actor.UntypedActor$$anonfun$receive$1.applyOrElse(UntypedActor.scala:166) [83:com.typesafe.akka.actor:2.5.4]
	at akka.actor.Actor.aroundReceive(Actor.scala:514) [83:com.typesafe.akka.actor:2.5.4]
	at akka.actor.Actor.aroundReceive$(Actor.scala:512) [83:com.typesafe.akka.actor:2.5.4]
	at akka.actor.UntypedActor.aroundReceive(UntypedActor.scala:96) [83:com.typesafe.akka.actor:2.5.4]
	at akka.actor.ActorCell.receiveMessage(ActorCell.scala:527) [83:com.typesafe.akka.actor:2.5.4]
	at akka.actor.ActorCell.invoke(ActorCell.scala:496) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.Mailbox.run(Mailbox.scala:224) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.Mailbox.exec(Mailbox.scala:234) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [83:com.typesafe.akka.actor:2.5.4]
	at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [83:com.typesafe.akka.actor:2.5.4]
2

[NETCONF-521] Netconf with Key auth does not work Created: 02/Mar/18 Updated: 08/Mar/18 Resolved: 08/Mar/18
Status:	Resolved
Project:	netconf
Component/s:	netconf
Affects Version/s:	Oxygen
Fix Version/s:	Oxygen

[NETCONF-521] Netconf with Key auth does not work Created: 02/Mar/18 Updated: 08/Mar/18 Resolved: 08/Mar/18