search

cBackup / main

Releases, documentation and issue tracker
http://cbackup.me
GNU Affero General Public License v3.0
29 stars 17 forks source link

Algorithm negotiation fail #79

Open amithsr16 opened 2 years ago

amithsr16 commented 2 years ago

Not able to take backup of #Mellanox Switches . I checked few solutions where they recommended to update the algorithm in machine sshd_config file. But if I'm checking and trying to login from machine, able to access without any issue. This specific algorithm negotiation problem coming when I'm trying to take backup from the GUI.

Please suggest how to solve this. " Task backup, node 103: can't establish SSH connection. Schedule id: NONE Task name: backup Node id: 103 Worker id: 5 Exception: JSchException. Message: Algorithm negotiation fail Stack trace: com.jcraft.jsch.Session.receive_kexinit(Session.java:583) com.jcraft.jsch.Session.connect(Session.java:320) ssh.GeneralSsh.performJobs(GeneralSsh.java:385) ssh.GeneralSsh.execute(GeneralSsh.java:105) core.WorkerSsh.executeJobs(WorkerSsh.java:74) abstractions.AbstractWorker.call(AbstractWorker.java:89) abstractions.AbstractWorker.call(AbstractWorker.java:48) java.util.concurrent.FutureTask.run(FutureTask.java:266) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748) "

amithsr16 commented 2 years ago

Anyone can suggest anything on reported issue, will be very helpful.

jakovm47 commented 1 year ago

Hello,

I did the SSH debugging on Huawei switch and the problem was different encryption negotiation algorithms between cBackup server (SSH client) and Huawei switch (SSH server). This was the output:

May 9 2023 11:44:33.508.9+02:00 Switch123 SSH/7/CHOOSE_KEX:Choose Kex algorithm:diffie-hellman-group-exchange-sha256. May 9 2023 11:44:33.508.10+02:00 Switch123 SSH/7/MATCH_PK_FAIL:No matching PK algorithm( client=ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, server=rsa-sha2-512,rsa-sha2-256,) ! May 9 2023 11:44:33.508.11+02:00 Switch123 SSH/7/KEX_FAIL:Kex negotiation failed. Can't find algorithms both supported! May 9 2023 11:44:33.508.12+02:00 Switch123 SSH/7/DISCONNECT:The connection is closed by SSH server, current FSM is SSH_Main_SSHProcess.

After enabling 'rsa' algorithm protocol on Huawei switch SSH negotiation suceeded and config backup was succesful.