Avamar: Não é possível adicionar ou editar o Data Domain devido à falta de codificação ou troca de chaves
Summary: Este artigo descreve um problema ao adicionar ou editar o Data Domain em um Avamar Server e como corrigi-lo.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Avamar User Interface (AUI) > Administration > System > Data Domain. O seguinte erro é exibido ao adicionar ou editar o Data Domain:
Quando o erro ocorre, as seguintes mensagens de erro podem ser encontradas em /usr/local/avamar/var/mc/server_log/mcserver.log.0:
Problema de cifragem:
WARNING: com.maverick.ssh.SshException: com.maverick.ssh.SshException at com.maverick.ssh.components.jce.client.DiffieHellmanGroupExchangeSha1.performClientExchange(DiffieHellmanGroupExchangeSha1.java:315) at com.maverick.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1424) at com.maverick.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1821) at com.maverick.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:348) at com.maverick.ssh2.Ssh2Client.connect(Ssh2Client.java:122) at com.maverick.ssh.SshConnector.connect(SshConnector.java:646) at com.maverick.ssh.SshConnector.connect(SshConnector.java:481) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:133) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:185) at com.avamar.mc.datadomain.DdrSsh.validateCredentials(DdrSsh.java:272) at com.avamar.mc.datadomain.DataDomainService.validateCredentialSshConnection(DataDomainService.java:3668) at com.avamar.mc.datadomain.DataDomainService.validateDdrInfoAndGetDdrSystemInfo(DataDomainService.java:3766) at sun.reflect.GeneratedMethodAccessor171.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:61) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy34.validateDdrInfoAndGetDdrSystemInfo(Unknown Source) at com.avamar.mc.datadomain.DataDomainServiceContext.validateDdrInfoAndGetDdrSystemInfo(DataDomainServiceContext.java:245) at sun.reflect.GeneratedMethodAccessor170.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197)
Ou
Problema de troca de chave:
WARNING: com.maverick.ssh.SshException: Failed to negotiate a transport component [aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,arcfour,arcfour128,arcfour256] [chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com] [Unknown cause] at com.maverick.ssh2.TransportProtocol.selectNegotiatedComponent(TransportProtocol.java:1896) at com.maverick.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1277) at com.maverick.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1821) at com.maverick.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:348) at com.maverick.ssh2.Ssh2Client.connect(Ssh2Client.java:122) at com.maverick.ssh.SshConnector.connect(SshConnector.java:646) at com.maverick.ssh.SshConnector.connect(SshConnector.java:481) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:133) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:185) at com.avamar.mc.datadomain.DdrSsh.validateCredentials(DdrSsh.java:272) at com.avamar.mc.datadomain.DataDomainService.validateCredentialSshConnection(DataDomainService.java:3668) at com.avamar.mc.datadomain.DataDomainService._updateDdr(DataDomainService.java:1182) at com.avamar.mc.datadomain.DataDomainService.updateDdr(DataDomainService.java:1036) at sun.reflect.GeneratedMethodAccessor411.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:61) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy34.updateDdr(Unknown Source) at com.avamar.mc.datadomain.DataDomainServiceContext.updateDdr(DataDomainServiceContext.java:223) at sun.reflect.GeneratedMethodAccessor410.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source) at sun.rmi.transport.Transport$1.run(Unknown Source)
Verifique o /ddr/var/log/debug/messages.engineering arquivo de log no servidor Data Domain.
No Avamar Server, execute como administrador:
ssh -i ~/.ssh/ddr_key <ddboost_user>@<data-domain-IP-FQDN>
admin@av-server:~/>: ssh -i ~/.ssh/ddr_key DDBoostUser@dd-production-srv EMC Data Domain Virtual Edition Last login: Wed Mar 12 08:31:03 CDT 2025 from 192.168.1.113 on pts/0 Welcome to Data Domain OS 7.13.0.20-1082704 ------------------------------------------- DDBoostUser@dd-production-srv#
Use o seguinte comando para visualizar o arquivo de log messages.engineering:
log view debug/messages.engineering
As seguintes mensagens podem ser vistas:
Problema do Cypher:
Unable to negotiate with 192.168.1.113 port 53036: no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,arcfour,arcfour128,arcfour256 [preauth]
Problema de troca de chave:
Unable to negotiate with 192.168.1.113 port 43998: no matching host key type found. Their offer: ssh-dss,ssh-rsa,x509v3-sign-rsa,x509v3-sign-dss,x509v3-sign-rsa-sha1,x509v3-ssh-rsa,x509v3-ssh-dss,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,x509v3-rsa2048-sha256 [preauth]
Para emissão de cifras, o teste a seguir pode ser executado. No Avamar, execute como root:
ssh -i <ddboost_user>@<data-domain-IP-FQDN> -c <cipher>
Exemplo de erro ao usar cifras:
root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes128-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#: root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes192-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#: root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes256-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#:
Cause
Códigos ou algoritmos de troca de chaves ausentes no servidor Data Domain.
Resolution
Abra um chamado com a equipe SCR do Avamar para resolver isso.
Para a equipe de suporte, verifique a seção Notas internas para obter a resolução.
Affected Products
Avamar, Avamar ServerArticle Properties
Article Number: 000299224
Article Type: Solution
Last Modified: 27 Mar 2025
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.