| Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback |
| Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition | ||
|
|
||
 |
||||||||||||||||||
Solution Type Problem Resolution Sure Solution 2135502.1 : Data Feed To External Server Stopped Working After Modifying SSH Version On Destination Server
In this Document
Created from <SR 3-12569378101> Applies to:BNS Platform Hardware - Version DSR 3.0 and laterInformation in this document applies to any platform. DIH allows SFTP exports onto an external server. SymptomsDatafeed does not export files on destination server after the customer made some upgrades on this server, including SSH. It is possible to ping the server. ChangesDestination server has been updated and ssh has been upgraded into OpenSSH_6.9p1, OpenSSL 1.0.1k-fips CauseThere is an inconsistency between IXP SFTP connection attempt and the destination server SFTP connection allowed. The dataexport log shows following message when the test datafeed is launched: 2016-04-22 09:49:59,516|ERROR|TT-16775-84508|SFTPTransporter: Retry: 8; Error: Not able to login to: SFTPConfig: cfguser@192.168.1.2:22 checkKey: false; path: ExportPath, error: Algorithm negotiation fail
java.io.IOException: Not able to login to: SFTPConfig: cfguser@192.168.1.2:22 checkKey: false; path: DSR_Upload, error: Algorithm negotiation fail at com.tekelec.dataexport.transport.sftp.SFTPTransporter.initialize(SFTPTransporter.java:56) at com.tekelec.dataexport.export.flexible.transporter.FileFeedTransporter.copyFile(FileFeedTransporter.java:136) at com.tekelec.dataexport.export.flexible.transporter.thread.TransportThread.run(TransportThread.java:81) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:679) Caused by: com.jcraft.jsch.JSchException: Algorithm negotiation fail at com.jcraft.jsch.Session.receive_kexinit(Session.java:529) at com.jcraft.jsch.Session.connect(Session.java:291) at com.jcraft.jsch.Session.connect(Session.java:154) at com.tekelec.dataexport.transport.sftp.SFTPTransporter.initialize(SFTPTransporter.java:50) ... 8 more It shows an error in the module SFTPTransporter.java. The ssh connection on DIH system uses "diffie-hellman-group1-sha1" key exchange algorithm in the java initialisation. This algorithm is not supported anymore by OpenSSH (for the version upgraded on the destination server). SolutionSSH version on destination server (for file export) and DIH must be compatible. DIH supports only "diffie-hellman-group1-sha1"key exchange algorithm, and it is not more supported in very last versions of OpenSSH. This prevent the connection establishment between servers. The only solution is to put on export server a compatible version of SSH. Attachments This solution has no attachment |
||||||||||||||||||
|
||||||||||||||||||