OneDev
Dashboards
Projects
Global Views
Code Search
server
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
Audit Log
OneDev 14.1.3
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Issues OD-845
Enigmatic SshException (OD-845)
wojtek opened 3 years ago

I'm trying to configure handling incoming mails (and helpdesk) and while trying to figure out why it's not working I noticed a lots of those entries in the logs.

2022-08-09 14:43:04,590 WARN  [sshd-SshServer[14e8a173](port=6611)-nio2-thread-1] o.a.s.s.session.ServerSessionImpl exceptionCaught(ServerSessionImpl[null@/10.244.0.200:36328])[state=Opened] SshException: Unable to negotiate key exchange for kex algorithms (client: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 / server: curve25519-sha256,[email protected],curve448-sha512,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,ext-info-s)

I could only assume it tries to open ssh connection somewhere but indication where exactly and what triggered it would be helpful. It seems to be happening every 3 seconds...

  • Robin Shen changed fields 3 years ago
    Name Previous Value Current Value 
    Type
    		 
    Bug
    		 
    Support Request
  • Robin Shen commented 3 years ago

    This does not necessarily mean a OneDev bug. Looks like some ssh client is connecting to OneDev with an unsupported algorithm. You may need to check the front-end Apache/Nginx log to find out which is connecting periodically.

  • wojtek commented 3 years ago

    We have typical nginx ingress configured. And this is a test deployment so almost nothing should be connecting there.

    Though, why it would be a SSH* ?

  • Robin Shen commented 3 years ago

    From the message, it is trying to connect to 6611 port which is the internal git SSH port. It means some git client is trying to clone OneDev repository, and rejected either because of unsupported algorithm, or invalid key.

  • wojtek commented 3 years ago

    I tried to reproduce by pulling from (our) 1dev repositories using console git/sourcetree/jetbrains idea and couldn't reproduce it. What's more, it seems to stop to happen periodically, i.e. I can't reproduce it.

  • Robin Shen changed state to 'Closed' 3 years ago
    Previous Value Current Value 
    Open
    		 
    Closed
  • Robin Shen commented 3 years ago

    Thanks for trying to reproduce. Feel free to reopen if there is any clue.

issue 1/1
Type
Question
Priority
Normal
Assignee
Robin Shen
Issue Votes (0)
Login to vote
Watchers (4)
Reference
OD-845
Please wait...
Connection lost or session expired, reload to recover
Page is in error, reload to recover