Project and Portfolio Management User Discussions
cancel

Environment Check is failing

cat_gon Respected Contributor.
Respected Contributor.

Environment Check is failing

Hello all,

 

We have configured OpenSSH for our PPM v9.41 and was able to successfully start the service. However, when doing environment checks, we are getting error:

ERROR: java.io.IOException: Unsupported key exchange algorithms requested: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

 

Any suggestions please?

 

Thank you.

 

Catherine

 

1 REPLY
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: Environment Check is failing

Hello Catherine,

It seems that this is a known issue with the host keys. Please see the below workaround:

SSH connection does not support host keys like ecdsa-sha2-nistp256 in deployment management (DpM) module.
 
In PPM 9.4x, we use jsch-0.1.50.jar (deploy/itg.war/WEB-INF/lib/jsch-0.1.50.jar) as the third party library (http://www.jcraft.com/jsch) to do SSH connection in DpM module. According to http://www.jcraft.com/jsch/ChangeLog, jsch has supported host keys like ecdsa-sha2-nistp256, ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 since version 0.1.51. In contrast, jsch-0.1.50 supports only ssh-rsa key.
 
In order to use RSA key instead of ecdsa-sha2-nistp256 key for the remote server in your known_hosts file. The following command may help:
 
            •           ssh-keyscan -t rsa XXXXXXXXXXXXXXXXXXXX >> ~/.ssh/known_hosts
 
The above command can retrieve RSA key from the remote server and append it to your known_hosts file. Before doing that, please remove existing keys for the server in your known_hosts (you can back up the file before doing this). After that, you can try the check environments. If they don’t work, you can copy again the known_hosts file to PPM_HOME.

Please let me know if this works for you. 

Best Regards,

Bryan.