java.lang.IllegalStateException

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • On a fresh install of CentOS 7 with OpenJDK 1.8, running karaf container versions > 4.0.2 either with "bin/karaf" or as a service (whether sysvinit or systemd), trying to log in with "bin/client" always fails with an exception. Oracle JDK - by comparison - works. "git bisect" narrowed down the regression to the following commit: 539540cde099aee52fd523a09aca92e36522261c is the first bad commit commit 539540cde099aee52fd523a09aca92e36522261c Author: Freeman Fang <freeman.fang@gmail.com> Date: Wed Oct 14 12:09:09 2015 +0800 [KARAF-4062]Karaf client does now work after installing BouncyCastle :040000 040000 926f15997510a671ff77db9623f8b65ce4186706 da83c22e043de3004a620f1cc88e25ee672bd09d M client The exception is: # bin/client Logging in as karaf 3771 [sshd-SshClient[593634ad]-nio2-thread-2] WARN org.apache.sshd.client.session.ClientSessionImpl - Exception caught java.lang.IllegalStateException: Unable to negotiate key exchange for kex algorithms (client: ecdh-sha2-nistp256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp521 / server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1) at org.apache.sshd.common.session.AbstractSession.negotiate(AbstractSession.java:1159) at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:388) at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326) at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306) at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780) at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308) at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Authentication failed
    via by Damjan Jovanovic,
  • How to use kie-workbench with eclipse.
    via by Domengie Jean,
  • It seems that Fedora 23 has deprecated {{ssh-dss}} security in its default configuration for {{ssh}} client. That encoding is the one used by default by Karaf. This is the error a user sees when he tries to connect; {code} ssh -l admin -p 8101 localhost Unable to negotiate with 127.0.0.1: no matching host key type found. Their offer: ssh-dss {code} And this is the exception logged: {code} 15:32:08,119 | INFO | 5]-nio2-thread-1 | ServerSession | 124 - org.apache.sshd.core - 0.14.0 | Server session created from /127.0.0.1:58832 15:32:08,123 | INFO | 5]-nio2-thread-1 | SimpleGeneratorHostKeyProvider | 124 - org.apache.sshd.core - 0.14.0 | Generating host key... 15:32:08,703 | WARN | 5]-nio2-thread-1 | ServerSession | 124 - org.apache.sshd.core - 0.14.0 | Exception caught java.lang.IllegalStateException: Unable to negotiate key exchange for server host key algorithms (client: ssh-rsa-cert-v01@openssh.com,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519 / server: ssh-dss) at org.apache.sshd.common.session.AbstractSession.negotiate(AbstractSession.java:1159)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:388)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) at java.security.AccessController.doPrivileged(Native Method)[:1.7.0_76] at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[124:org.apache.sshd.core:0.14.0] at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_76] at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)[:1.7.0_76] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)[:1.7.0_76] at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:275)[:1.7.0_76] at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:296)[:1.7.0_76] at java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:407)[:1.7.0_76] at org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:170)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.io.nio2.Nio2Acceptor$AcceptCompletionHandler.onCompleted(Nio2Acceptor.java:135)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.io.nio2.Nio2Acceptor$AcceptCompletionHandler.onCompleted(Nio2Acceptor.java:120)[124:org.apache.sshd.core:0.14.0] at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) at java.security.AccessController.doPrivileged(Native Method)[:1.7.0_76] at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[124:org.apache.sshd.core:0.14.0] at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_76] at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.7.0_76] at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.7.0_76] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)[:1.7.0_76] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)[:1.7.0_76] at java.lang.Thread.run(Thread.java:745)[:1.7.0_76] {code} An immediate workaround is to alter the configuration of {{ssh}} client to accept that security configuration: {code} ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PreferredAuthentications=password -oHostKeyAlgorithms=+ssh-dss -l admin -p 8101 localhost {code} As a longer term solution we shuold start considering moving away from {{ssh-dss}} since according to http://www.openssh.com/legacy.html it's considered insecure, thus deprecated: > OpenSSH 7.0 and greater similarly disables the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use.
    via by Paolo Antinori,
  • ssh missing cyphers or something
    via by Benson Margulies,
  • ssh missing cyphers or something
    via by Benson Margulies,
  • ssh missing cyphers or something
    via by Benson Margulies,
  • ssh missing cyphers or something
    via by Benson Margulies,
  • problem with SSH when launched in Tanuki
    via by Benson Margulies,
  • Bug 1294690 – git ssh issues with ssh-dss
    via by Unknown author,
    • java.lang.IllegalStateException: Unable to negotiate key exchange for kex algorithms (client: ecdh-sha2-nistp256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp521 / server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1) at org.apache.sshd.common.session.AbstractSession.negotiate(AbstractSession.java:1159) at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:388) at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326) at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306) at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780) at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308) at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745)

    Users with the same issue

    Unknown visitor1 times, last one,