search

netfishers-onl / Netshot

Network Configuration and Compliance Management
http://www.netfishers.onl/netshot
240 stars 57 forks source link

fortigate backup stopped working. #301

Closed pizu closed 5 months ago

pizu commented 5 months ago

java.io.IOException: Algorithm negotiation fail at onl.netfishers.netshot.device.access.Ssh.connect(Ssh.java:304) at onl.netfishers.netshot.device.script.CliScript.connectRun(CliScript.java:253) at onl.netfishers.netshot.device.script.CliScript.connectRun(CliScript.java:205) at onl.netfishers.netshot.work.tasks.TakeSnapshotTask.run(TakeSnapshotTask.java:211) at onl.netfishers.netshot.work.TaskJob.execute(TaskJob.java:94) at org.quartz.core.JobRunShell.run(JobRunShell.java:202) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) Caused by: com.jcraft.jsch.JSchException: Algorithm negotiation fail at com.jcraft.jsch.Session.receive_kexinit(Session.java:593) at com.jcraft.jsch.Session.connect(Session.java:323) at onl.netfishers.netshot.device.access.Ssh.connect(Ssh.java:297) ... 6 common frames omitted 2024-03-26 14:54:00,388 ERROR [QuartzScheduler_Worker-2] TakeSnapshotTask: Task 2632384. Error while taking the snapshot. java.io.IOException: Couldn't open either SSH or Telnet socket with the device. at onl.netfishers.netshot.device.script.CliScript.connectRun(CliScript.java:474) at onl.netfishers.netshot.device.script.CliScript.connectRun(CliScript.java:205) at onl.netfishers.netshot.work.tasks.TakeSnapshotTask.run(TakeSnapshotTask.java:211) at onl.netfishers.netshot.work.TaskJob.execute(TaskJob.java:94) at org.quartz.core.JobRunShell.run(JobRunShell.java:202) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573) 2024-03-26 14:54:00,396 WARN [QuartzScheduler_Worker-2] TaskJob: End of task 2632384.

pizu commented 5 months ago

issue seems to have started when we upgraded the fortigate on the 7.2 versions.

fortigate with 6.4 and 7.0 are working.

pizu commented 5 months ago

I think this is related to #300

pizu commented 5 months ago

debug mode:

2024-03-26 15:05:44,584 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Connecting to 172.16.60.115 port 22 2024-03-26 15:05:44,586 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Connection established 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Remote version string: SSH-2.0-E_FJX_8QIu5p_Pq 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Local version string: SSH-2.0-JSCH-null 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckCiphers: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256 2024-03-26 15:05:44,596 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckMacs: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512 2024-03-26 15:05:44,597 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckKexes: diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 2024-03-26 15:05:44,865 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckSignatures: rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-ed448 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: ssh-ed25519 is not available. 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: ssh-ed448 is not available. 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: SSH_MSG_KEXINIT sent 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: SSH_MSG_KEXINIT received 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: diffie-hellman-group-exchange-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: ssh-ed25519 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: none,zlib@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: none,zlib@openssh.com 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-gcm@openssh.com,aes256-ctr,aes256-cbc 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-gcm@openssh.com,aes256-ctr,aes256-cbc 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: none 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: none 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Disconnecting from 172.16.60.115 port 22

pizu commented 5 months ago

Sorted with the latest version.

On Tue, 26 Mar 2024, 15:08 pizu, @.***> wrote:

debug mode:

2024-03-26 15:05:44,584 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Connecting to 172.16.60.115 port 22 2024-03-26 15:05:44,586 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Connection established 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Remote version string: SSH-2.0-E_FJX_8QIu5p_Pq 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Local version string: SSH-2.0-JSCH-null 2024-03-26 15:05:44,591 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckCiphers: @.**@., @. ,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256 2024-03-26 15:05:44,596 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckMacs: @*.**@*. ,hmac-sha2-256,hmac-sha2-512 2024-03-26 15:05:44,597 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckKexes: diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 2024-03-26 15:05:44,865 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: CheckSignatures: rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-ed448 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: ssh-ed25519 is not available. 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: ssh-ed448 is not available. 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: SSH_MSG_KEXINIT sent 2024-03-26 15:05:44,867 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: SSH_MSG_KEXINIT received 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: diffie-hellman-group-exchange-sha256, @. ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: ssh-ed25519 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @.,aes256-ctr, @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @.,aes256-ctr, @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @.,hmac-sha2-512, @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @.,hmac-sha2-512, @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: @. 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: server: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: @. ,aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc, @.,aes256-ctr,aes256-cbc 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: @. ,aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc, @.,aes256-ctr,aes256-cbc 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: @.**@., @.**@., @.**@. ,hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: @.**@., @.**@., @.**@. ,hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: none 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: none 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: kex: client: 2024-03-26 15:05:44,868 INFO [QuartzScheduler_Worker-1] Ssh$JschLogger: Disconnecting from 172.16.60.115 port 22

— Reply to this email directly, view it on GitHub https://github.com/netfishers-onl/Netshot/issues/301#issuecomment-2020529875, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABVYRHQEE736CSWQPFWKZHDY2FXOFAVCNFSM6AAAAABFI7LUUGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMRQGUZDSOBXGU . You are receiving this because you are subscribed to this thread.Message ID: @.***>