Javaアプリケーションがあり、SSHを介してOSGIランタイム環境に接続しようとしています。アプリケーションはdocker内で実行されます。
SSH要求を受信するために割り当てられたポートが開いていることを確認しました。netstat -anp | grep -w LISTEN
同じであることを確認するためにこのコマンドを実行しました。
出力は次のとおりです。
tcp 0 0 172.17.0.3:8080 0.0.0.0:* LISTEN 1/java
tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN 1/java
tcp 0 0 0.0.0.0:7777 0.0.0.0:* LISTEN 1/java
tcp 0 0 0.0.0.0:1122 0.0.0.0:* LISTEN 1/java
このコマンドを実行すると、ssh -v -p 1122 equinox@localhost
特に JRE 161 および 162 アップデートを使用すると、次のエラーが発生します。
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 1122.
debug1: Connection established.
debug1: identity file /home/vcap/.ssh/id_rsa type -1
debug1: identity file /home/vcap/.ssh/id_rsa-cert type -1
debug1: identity file /home/vcap/.ssh/id_dsa type -1
debug1: identity file /home/vcap/.ssh/id_dsa-cert type -1
debug1: identity file /home/vcap/.ssh/id_ecdsa type -1
debug1: identity file /home/vcap/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/vcap/.ssh/id_ed25519 type -1
debug1: identity file /home/vcap/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10
debug1: Remote protocol version 2.0, remote software version SSHD-CORE-0.7.0
debug1: no match: SSHD-CORE-0.7.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Connection closed by 127.0.0.1
一方、JRE 151/152アップデートを使用して同じアプリケーションを実行すると、SSHを介してランタイム環境に正常に入ることができます。成功したSSHの詳細出力は添付されています。
root@804dcbda8ffd:/# ssh -v -p 1122 equinox@localhost
OpenSSH_6.7p1 Debian-5+deb8u4, OpenSSL 1.0.1t 3 May 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 1122.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: SELinux support disabled
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u4
debug1: Remote protocol version 2.0, remote software version SSHD-CORE-0.7.0
debug1: no match: SSHD-CORE-0.7.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: DSA ff:ef:e3:41:4c:67:9b:88:ec:93:d6:81:36:29:9e:66
debug1: checking without port identifier
The authenticity of host '[localhost]:1122 ([127.0.0.1]:1122)' can't be established.
DSA key fingerprint is ff:ef:e3:41:4c:67:9b:88:ec:93:d6:81:36:29:9e:66.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:1122' (DSA) to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password
debug1: Next authentication method: password
equinox@localhost's password:
debug1: Authentication succeeded (password).
Authenticated to localhost ([127.0.0.1]:1122).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
Currently the default user is the only one; since it will be deleted after first login, create a new user:
username: 06:26:02.346 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
Currently the default user is the only one; since it will be deleted after first login, create a new user:
username: admin
password: 06:26:04.946 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
password:
Password should be at least 8 characters
password: 06:26:07.627 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
Password should be at least 8 characters
pass
Confirm password: 06:26:16.721 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
Confirm password:
roles: 06:26:19.506 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
roles: 1
admin@standalone> 06:26:20.666 DEBUG [Thread-63] o.a.s.server.channel.ChannelSession - Send SSH_MSG_CHANNEL_DATA on channel 0
誰かがこの問題の原因を特定するのに役立つことができると思います。ありがとうございます。