Avamar:由于缺少密码或密钥交换,无法添加或编辑 Data Domain
Summary: 本文介绍在 Avamar Server 上添加或编辑 Data Domain 时出现的问题以及如何解决该问题。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Avamar 用户界面 (AUI) > 管理系统 >> Data Domain,添加或编辑 Data Domain 时显示以下错误:
发生错误时,可以在以下位置找到以下错误消息: /usr/local/avamar/var/mc/server_log/mcserver.log.0:
密码问题:
WARNING: com.maverick.ssh.SshException: com.maverick.ssh.SshException at com.maverick.ssh.components.jce.client.DiffieHellmanGroupExchangeSha1.performClientExchange(DiffieHellmanGroupExchangeSha1.java:315) at com.maverick.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1424) at com.maverick.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1821) at com.maverick.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:348) at com.maverick.ssh2.Ssh2Client.connect(Ssh2Client.java:122) at com.maverick.ssh.SshConnector.connect(SshConnector.java:646) at com.maverick.ssh.SshConnector.connect(SshConnector.java:481) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:133) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:185) at com.avamar.mc.datadomain.DdrSsh.validateCredentials(DdrSsh.java:272) at com.avamar.mc.datadomain.DataDomainService.validateCredentialSshConnection(DataDomainService.java:3668) at com.avamar.mc.datadomain.DataDomainService.validateDdrInfoAndGetDdrSystemInfo(DataDomainService.java:3766) at sun.reflect.GeneratedMethodAccessor171.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:61) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy34.validateDdrInfoAndGetDdrSystemInfo(Unknown Source) at com.avamar.mc.datadomain.DataDomainServiceContext.validateDdrInfoAndGetDdrSystemInfo(DataDomainServiceContext.java:245) at sun.reflect.GeneratedMethodAccessor170.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197)
或
密钥交换问题:
WARNING: com.maverick.ssh.SshException: Failed to negotiate a transport component [aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,arcfour,arcfour128,arcfour256] [chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com] [Unknown cause] at com.maverick.ssh2.TransportProtocol.selectNegotiatedComponent(TransportProtocol.java:1896) at com.maverick.ssh2.TransportProtocol.performKeyExchange(TransportProtocol.java:1277) at com.maverick.ssh2.TransportProtocol.processMessage(TransportProtocol.java:1821) at com.maverick.ssh2.TransportProtocol.startTransportProtocol(TransportProtocol.java:348) at com.maverick.ssh2.Ssh2Client.connect(Ssh2Client.java:122) at com.maverick.ssh.SshConnector.connect(SshConnector.java:646) at com.maverick.ssh.SshConnector.connect(SshConnector.java:481) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:133) at com.avamar.mc.datadomain.DdrSsh.createSshClient(DdrSsh.java:185) at com.avamar.mc.datadomain.DdrSsh.validateCredentials(DdrSsh.java:272) at com.avamar.mc.datadomain.DataDomainService.validateCredentialSshConnection(DataDomainService.java:3668) at com.avamar.mc.datadomain.DataDomainService._updateDdr(DataDomainService.java:1182) at com.avamar.mc.datadomain.DataDomainService.updateDdr(DataDomainService.java:1036) at sun.reflect.GeneratedMethodAccessor411.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:61) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy34.updateDdr(Unknown Source) at com.avamar.mc.datadomain.DataDomainServiceContext.updateDdr(DataDomainServiceContext.java:223) at sun.reflect.GeneratedMethodAccessor410.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source) at sun.rmi.transport.Transport$1.run(Unknown Source)
检查 /ddr/var/log/debug/messages.engineering Data Domain 服务器上的日志文件。
在 Avamar Server 中,以管理员身份运行:
ssh -i ~/.ssh/ddr_key <ddboost_user>@<data-domain-IP-FQDN>
admin@av-server:~/>: ssh -i ~/.ssh/ddr_key DDBoostUser@dd-production-srv EMC Data Domain Virtual Edition Last login: Wed Mar 12 08:31:03 CDT 2025 from 192.168.1.113 on pts/0 Welcome to Data Domain OS 7.13.0.20-1082704 ------------------------------------------- DDBoostUser@dd-production-srv#
使用以下命令查看 messages.engineering 日志文件:
log view debug/messages.engineering
可以看到以下消息:
密码问题:
Unable to negotiate with 192.168.1.113 port 53036: no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr,blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,arcfour,arcfour128,arcfour256 [preauth]
密钥交换问题:
Unable to negotiate with 192.168.1.113 port 43998: no matching host key type found. Their offer: ssh-dss,ssh-rsa,x509v3-sign-rsa,x509v3-sign-dss,x509v3-sign-rsa-sha1,x509v3-ssh-rsa,x509v3-ssh-dss,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,x509v3-rsa2048-sha256 [preauth]
对于密码问题,可以执行以下测试。在 Avamar 中,以 root 用户身份运行:
ssh -i <ddboost_user>@<data-domain-IP-FQDN> -c <cipher>
使用密码的错误示例:
root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes128-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#: root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes192-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#: root@av-server:/#: ssh DDBoostUser@dd-production-srv.lab.com -c aes256-ctr Unable to negotiate with 10.127.92.183 port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com root@av-server:/#:
Cause
Data Domain 服务器上缺少密码或密钥交换算法。
Resolution
向 Avamar SCR 团队提出服务请求以解决此问题。
对于支持团队,请查看 Internal Notes部分以了解解决方案。
Affected Products
Avamar, Avamar ServerArticle Properties
Article Number: 000299224
Article Type: Solution
Last Modified: 27 Mar 2025
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.