[ODLPARENT-33] ssh problems lead to netconf connector problems and bin/client failures Created: 19/May/16  Updated: 24/Jan/18  Resolved: 24/Aug/16

Status: Resolved
Project: odlparent
Component/s: General
Affects Version/s: None
Fix Version/s: None

Type: Bug
Reporter: Peter Gubka Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All

External issue ID: 5923

 Description   

https://jenkins.opendaylight.org/bgpcep/job/bgpcep-csit-1node-userfeatures-only-boron/

the problems i ma hitting are the following ones:
1) bin/client is not able to connect to karaf
[odl@tobereplaced distribution-karaf-0.5.0-SNAPSHOT]$ ./bin/client -u karaf
client: JAVA_HOME not set; results may vary
Logging in as karaf
453 [sshd-SshClient[694f9431]-nio2-thread-1] WARN org.apache.sshd.client.session.ClientSessionImpl - Exception caught
java.security.NoSuchAlgorithmException: EC KeyPairGenerator not available
at java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:218)
at org.apache.sshd.common.util.SecurityUtils.getKeyPairGenerator(SecurityUtils.java:155)
at org.apache.sshd.common.kex.ECDH.<init>(ECDH.java:51)
at org.apache.sshd.client.kex.ECDHP256.getDH(ECDHP256.java:48)
at org.apache.sshd.client.kex.AbstractDHGClient.init(AbstractDHGClient.java:71)
at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:390)
at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)
at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306)
at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)
at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)
at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184)
at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170)
at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)
at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)
at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)
at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:276)
at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:297)
at java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:420)
at org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:170)
at org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:60)
at org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:53)
at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)
at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
at sun.nio.ch.Invoker$2.run(Invoker.java:218)
at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Authentication failed
[odl@tobereplaced distribution-karaf-0.5.0-SNAPSHOT]$

i use
java -version
openjdk version "1.8.0_51"
OpenJDK Runtime Environment (build 1.8.0_51-b16) OpenJDK 64-Bit Server VM (build 25.51-b03, mixed mode)

2) i am unable to configure e.g. bgp peer via netconf connector, because i receive 404 every time i want to use it.

I believe this 2 things are related together.
POssibly https://bugs.opendaylight.org/show_bug.cgi?id=5917 is something similar.

 Comments   
Comment by Robert Varga [ 19/May/16 ]

Seems to be karaf-related.

Comment by Peter Gubka [ 26/May/16 ]

https://lists.opendaylight.org/pipermail/integration-dev/2016-May/006767.html

Comment by Michael Vorburger [ 30/May/16 ]

I've researched this a moment, and found other people having similar issues - it seems to have something to do with exact JDK version and installed JCE providers..

Curiously, I'm not able to easily reproduce this problem locally - are you? E.g. when trying to reproduce this using a Karaf built by https://wiki.opendaylight.org/view/OpenDaylight_Controller:MD-SAL:Startup_Project_Archetype as well as a distribution-karaf-0.4.1-Beryllium-SR1 DL'd about 2 months ago, then "./bin/client" works for me. This is on OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-0ubuntu4~16.04.1-b14). I doubt an upgrade of OpenJDK from 1.8.0_51 to a 1.8.0_91 helps, but maybe worth a try? What OS are you seeing this on BTW? (NOTE https://github.com/ojdkbuild/ojdkbuild). BTW mine says this, looks like by default it accepts any connection (huh?):

Logging in as karaf
377 [sshd-SshClient[7b3300e5]-nio2-thread-2] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at [/0.0.0.0:8101, RSA, 70:5a:ba:43:83:a5:83:2a:46:92:db:1e:c3:6b:f1:c3] presented unverified {} key: {}

Or... is this problem specific and only happens when you.. perhaps put your public key SSH into Karaf? Or first enable security, somehow? Are there any specific set up steps / configurations you have taken which we should know about in order to try to reproduce this?

PS: I don't see what this 1) error ("NoSuchAlgorithmException: EC KeyPairGenerator not available") could have anything to do with 2) 404.. unless you see the same exception in the log when you access that HTTP, I would suspect these are unrelated.

Comment by Ryan Goulding [ 12/Jul/16 ]

Peter,

Can you please provide more environmental information surrounding how to reproduce this? If not, I am tempted to say we resolve this as invalid... it appears to be related to your build environment. That said, we are happy to make recommendations surrounding what works best for ODL environment setup.

Regards,
Ryan

Comment by Michael Vorburger [ 12/Jul/16 ]

Luis Gomez knows more about this, see email thread "Re: [integration-dev] bin/client advice", and https://issues.apache.org/jira/browse/KARAF-4502 ..

Comment by Ryan Goulding [ 12/Jul/16 ]

Okay JCE related. Thanks Michael... looks like if we upgrade to karaf 3.0.7 we could kill this bug too. Setting to confirmed.

Comment by Peter Gubka [ 13/Jul/16 ]

(In reply to Ryan Goulding from comment #4)
> Peter,
>
> Can you please provide more environmental information surrounding how to
> reproduce this? If not, I am tempted to say we resolve this as invalid...
> it appears to be related to your build environment. That said, we are happy
> to make recommendations surrounding what works best for ODL environment
> setup.
>
> Regards,
> Ryan

Hi.
lets mark it as invalid.
Peter

Comment by Ryan Goulding [ 09/Aug/16 ]

https://git.opendaylight.org/gerrit/#/c/40818/

Comment by Vratko Polak [ 24/Aug/16 ]

Re-opening as this appeared on Boron autorelease builds (not snapshots, frustrating).

https://logs.opendaylight.org/releng/jenkins092/integration-distribution-offline-boron/10/_console-output.log.gz

Comment by Vratko Polak [ 24/Aug/16 ]

Oops, sorry. Turns out that build is from before Karaf upgrade to 3.0.7 was merged.

Generated at Wed Feb 07 20:27:26 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.