Hi JB, Did you have any suggestion as why bc is cauing karaf client (sshd) to fail.
*Thanks & Regards,Yogesh Sharma* On Sat, Jan 26, 2019 at 3:12 PM Yogesh Sharma <[email protected]> wrote: > Hi JB, > > For secrets managements. > > > > > *Thanks & Regards,Yogesh Sharma* > > > On Sat, Jan 26, 2019 at 2:33 PM Jean-Baptiste Onofré <[email protected]> > wrote: > >> Hi, >> >> Oh ok. Interesting. What for are you using bc ? >> >> Regards >> JB >> >> On 26/01/2019 09:03, Yogesh Sharma wrote: >> > >> > I found this as in issue with bouncy castle version 1.55 we are using. >> > >> > /Thanks & Regards, >> > >> > Yogesh Sharma >> > / >> > >> > >> > On Fri, Jan 25, 2019 at 11:18 PM Yogesh Sharma <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > Nothing unusual in karaf.log . Enabled DEBUG but did not saw >> > anything suspicious. Checking further. >> > >> > Thanks >> > Yogesh >> > >> > On Fri, 25 Jan 2019 at 10:18 PM, Jean-Baptiste Onofré >> > <[email protected] <mailto:[email protected]>> wrote: >> > >> > It sounds good. >> > >> > Nothing in karaf.log ? >> > >> > That's weird, I don't see obvious issue here. >> > >> > Regards >> > JB >> > >> > On 25/01/2019 16:23, Yogesh Sharma wrote: >> > > Agreed that it is environmental issue. >> > > >> > > >> > > We start with ${KARAF_HOME}/bin/start clean [For background >> mode] >> > > >> > > >> > > *Java Version* >> > > >> > > $ java -version >> > > java version "1.8.0_181" >> > > Java(TM) SE Runtime Environment (build 1.8.0_181-b13) >> > > Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed >> mode) >> > > >> > > >> > > *No IPTables: {no blocker}* >> > > >> > > # iptables -L >> > > Chain INPUT (policy ACCEPT) >> > > target prot opt source destination >> > > >> > > Chain FORWARD (policy ACCEPT) >> > > target prot opt source destination >> > > >> > > Chain OUTPUT (policy ACCEPT) >> > > target prot opt source destination >> > > You have new mail in /var/spool/mail/root >> > > >> > > I will check what else could be the issue. >> > > >> > > /Thanks & Regards, >> > > >> > > Yogesh Sharma >> > > / >> > > >> > > >> > > On Fri, Jan 25, 2019 at 8:37 PM Jean-Baptiste Onofré >> > <[email protected] <mailto:[email protected]> >> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: >> > > >> > > Hi, >> > > >> > > What JDK do you use ? >> > > >> > > Nothing in the Karaf log ? >> > > You confirm that, before trying ssh client, you start >> > karaf with >> > > bin/karaf right ? >> > > No iptables on your machine ? >> > > >> > > For sure it's an environment issue. >> > > >> > > Regards >> > > JB >> > > >> > > On 25/01/2019 15:52, Yogesh Sharma wrote: >> > > > >> > > > /Hi JB,/ >> > > > / >> > > > / >> > > > /I tried it again but same issue. Karaf SSH port >> > /22222 is not >> > > > listening. Could it be some config issue? >> > > > // >> > > > / >> > > > / >> > > > /[root@ip-10-89-101-98 apache-karaf]# netstat -tulnp | >> > grep /22222/ >> > > > [root@ip-10-89-101-98 apache-karaf]# bin/client -a >> 22222 >> > > > Logging in as karaf >> > > > Failed to get the session. >> > > > [root@ip-10-89-101-98 apache-karaf]# ssh -p 22222 >> > [email protected] <mailto:[email protected]> >> > > <mailto:[email protected] <mailto:[email protected]>> >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > ssh: connect to host 127.0.0.1 port 22222: Connection >> > refused >> > > > [root@ip-10-89-101-98 apache-karaf]# >> > > > / >> > > > / >> > > > / >> > > > / >> > > > / >> > > > /cat etc/org.apache.karaf.shell.cfg | grep -v "^#" >> > > > >> > > > sshPort=22222 >> > > > sshHost=127.0.0.1 >> > > > sshIdleTimeout=1800000 >> > > > sshRealm=karaf >> > > > hostKey=${karaf.etc}/host.key >> > > > hostKeyFormat=simple >> > > > completionMode=GLOBAL >> > > > >> > > > / >> > > > / >> > > > / >> > > > / >> > > > / >> > > > /Thanks & Regards, >> > > > >> > > > Yogesh Sharma >> > > > / >> > > > >> > > > >> > > > On Fri, Jan 25, 2019 at 7:57 PM Jean-Baptiste Onofré >> > > <[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> wrote: >> > > > >> > > > So, on a fresh Karaf 4.1.6 instance (I'm on Ubuntu): >> > > > >> > > > 1. I changed etc/org.apache.karaf.shell.cfg with: >> > > > >> > > > sshPort=22222 >> > > > >> > > > 2. I started instance with regular bin/karaf >> > > > >> > > > 3. I can connect with the client, no problem: >> > > > >> > > > bin/client -a 22222 >> > > > >> > > > 4. I can also connect with ssh: >> > > > >> > > > ssh -p 22222 karaf@localhost >> > > > >> > > > So it works without problem for me. >> > > > >> > > > Can you please try to remove the heading/trailing >> > space around >> > > 22222 ? >> > > > >> > > > Regards >> > > > JB >> > > > >> > > > On 25/01/2019 15:15, Yogesh Sharma wrote: >> > > > > Hi JB, >> > > > > >> > > > > Will you be able to replicate this issue? >> > > > > >> > > > > /Thanks & Regards, >> > > > > >> > > > > Yogesh Sharma >> > > > > / >> > > > > >> > > > > >> > > > > On Thu, Jan 24, 2019 at 3:44 PM Jean-Baptiste >> Onofré >> > > > <[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>>> wrote: >> > > > > >> > > > > Let me try with 4.1.6. >> > > > > >> > > > > Regards >> > > > > JB >> > > > > >> > > > > On 24/01/2019 10:42, Yogesh Sharma wrote: >> > > > > > Hi JB, >> > > > > > >> > > > > > Please find the comments inline below: >> > > > > > >> > > > > > *what Karaf version are you using ?* >> > > > > > >> > > > > > Version: 4.1.6 >> > > > > > >> > > > > > *Did you try to find on 0.0.0.0 instead of >> > the loopback ?* >> > > > > > >> > > > > > Yes, it is not listening there as well >> > (netstat) and >> > > client >> > > > gives the >> > > > > > same error message >> > > > > > >> > > > > > [root@ip-10-89-85-51 bin]# netstat -tulnp | >> > grep 0.0.0.0 | >> > > > grep 22222 >> > > > > > [root@ip-10-89-85-51 bin]# ../bin/client -a >> > 22222 -h >> > > 0.0.0.0 >> > > > > > Logging in as karaf >> > > > > > Failed to get the session. >> > > > > > [root@ip-10-89-85-51 bin] >> > > > > > >> > > > > > >> > > > > > >> > > > > > *Do you have something in the log when sshd >> > starts ?* >> > > > > > >> > > > > > Nothing unusual, Below are the restart logs >> > > > > > >> > > > > > Jan 24 01:41:53 ip-10-89-85-51 systemd: >> Stopping >> > > OpenSSH server >> > > > > daemon... >> > > > > > Jan 24 01:41:53 ip-10-89-85-51 systemd: >> > Stopped OpenSSH >> > > > server daemon. >> > > > > > Jan 24 01:41:53 ip-10-89-85-51 systemd: >> Starting >> > > OpenSSH server >> > > > > daemon... >> > > > > > Jan 24 01:41:53 ip-10-89-85-51 sshd: >> > /etc/ssh/sshd_config >> > > > line 71: >> > > > > > Deprecated option RhostsRSAAuthentication >> > > > > > Jan 24 01:41:53 ip-10-89-85-51 systemd: >> > Started OpenSSH >> > > > server daemon. >> > > > > > >> > > > > > /Thanks & Regards, >> > > > > > >> > > > > > Yogesh Sharma >> > > > > > / >> > > > > > >> > > > > > >> > > > > > On Thu, Jan 24, 2019 at 2:41 PM >> > Jean-Baptiste Onofré >> > > > > <[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> >> > > > > > <mailto:[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>>>> wrote: >> > > > > > >> > > > > > Hi, >> > > > > > >> > > > > > what Karaf version are you using ? >> > > > > > >> > > > > > Did you try to find on 0.0.0.0 instead >> > of the >> > > loopback ? >> > > > > > >> > > > > > Do you have something in the log when >> > sshd starts ? >> > > > > > >> > > > > > Regards >> > > > > > JB >> > > > > > >> > > > > > On 24/01/2019 09:48, Yogesh Sharma >> wrote: >> > > > > > > Hi List, >> > > > > > > >> > > > > > > We are getting "Failed to get the >> > session." while >> > > > trying to >> > > > > connect to >> > > > > > > karaf using client. Actual issue is >> we are >> > > unable to list >> > > > > bundle. >> > > > > > > >> > > > > > > >> > > > > > > We are using custom sshPort in >> > > > org.apache.karaf.shell.cfg i.e. : >> > > > > > > >> > > > > > > # cat org.apache.karaf.shell.cfg | >> > grep -v "^#" >> > > > > > > sshPort = 22222 >> > > > > > > sshHost = 127.0.0.1 >> > > > > > > sshIdleTimeout = 1800000 >> > > > > > > sshRealm = karaf >> > > > > > > hostKey = ${karaf.etc}/host.key >> > > > > > > hostKeyFormat = simple >> > > > > > > sshRole = admin >> > > > > > > completionMode = GLOBAL >> > > > > > > >> > > > > > > However, I don't see that this port is >> > listening >> > > and we do >> > > > > > bin/client we >> > > > > > > get below message: >> > > > > > > >> > > > > > > [root@localhost etc]# netstat -tulnp >> | >> > grep 22222 >> > > > > > > [root@localhost etc]# >> > > > > > > >> > > > > > > Login Attempt using client is failing >> with >> > > *"Failed to >> > > > get the >> > > > > > session."* >> > > > > > > >> > > > > > > *[root@ip-10-89-83-49 etc]# >> ../bin/client >> > > > > > > Logging in as karaf >> > > > > > > Failed to get the session.* >> > > > > > > >> > > > > > > [root@ip-10-89-83-49 etc]# >> > ../bin/client -a 22222 >> > > > > > > Logging in as karaf >> > > > > > > Failed to get the session. >> > > > > > > >> > > > > > > [root@ip-10-89-83-49 etc]# >> > ../bin/client -a 22222 -h >> > > > 127.0.0.1 >> > > > > > > Logging in as karaf >> > > > > > > Failed to get the session. >> > > > > > > [root@ip-10-89-83-49 etc]# >> > > > > > > >> > > > > > > Any suggestions please ? >> > > > > > > >> > > > > > > >> > > > > > > /Thanks & Regards, >> > > > > > > >> > > > > > > Yogesh Sharma / >> > > > > > >> > > > > > -- >> > > > > > Jean-Baptiste Onofré >> > > > > > [email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > <mailto:[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> >> > > > > <mailto:[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > <mailto:[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>>> >> > > > > > http://blog.nanthrax.net >> > > > > > Talend - http://www.talend.com >> > > > > > >> > > > > >> > > > > -- >> > > > > Jean-Baptiste Onofré >> > > > > [email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > <mailto:[email protected] >> > <mailto:[email protected]> <mailto:[email protected] >> > <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>>> >> > > > > http://blog.nanthrax.net >> > > > > Talend - http://www.talend.com >> > > > > >> > > > >> > > > -- >> > > > Jean-Baptiste Onofré >> > > > [email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > <mailto:[email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>>> >> > > > http://blog.nanthrax.net >> > > > Talend - http://www.talend.com >> > > > >> > > >> > > -- >> > > Jean-Baptiste Onofré >> > > [email protected] <mailto:[email protected]> >> > <mailto:[email protected] <mailto:[email protected]>> >> > > http://blog.nanthrax.net >> > > Talend - http://www.talend.com >> > > >> > >> > -- >> > Jean-Baptiste Onofré >> > [email protected] <mailto:[email protected]> >> > http://blog.nanthrax.net >> > Talend - http://www.talend.com >> > >> > -- >> > Yogesh Sharma >> > >> >> -- >> Jean-Baptiste Onofré >> [email protected] >> http://blog.nanthrax.net >> Talend - http://www.talend.com >> >
