解決把辦法;
key exchange failed. no compatible key exchange method. the server supports these methods: kerberos
no compatible hostkey. the server supports these methods: null
root@n2000server # svcadm disable ssh
root@n2000server # /usr/lib/ssh/sshd -ddd
debug1: sshd version sun_ssh_1.1.4
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ warning: unprotected private key file! @
permissions 0711 for '/etc/ssh/ssh_host_rsa_key' are too open.
it is recommended that your private key files are not accessible by others.
this private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key
could not load host key: /etc/ssh/ssh_host_rsa_key
permissions 0711 for '/etc/ssh/ssh_host_dsa_key' are too open.
bad permissions: ignore key: /etc/ssh/ssh_host_dsa_key
could not load host key: /etc/ssh/ssh_host_dsa_key
debug1: bind to port 22 on ::.
server listening on :: port 22.
debug1: server will not fork when running in debugging mode.
connection from 192.168.8.99 port 4810
debug1: client protocol version 2.0; client software version nsssh2_4.0.0021 netsarang computer, inc.
debug1: no match: nsssh2_4.0.0021 netsarang computer, inc.
debug1: enabling compatibility mode for protocol 2.0
debug1: local version string ssh-2.0-sun_ssh_1.1.4
monitor debug2: monitor pid 3130, unprivileged child pid 3131
monitor debug1: list_hostkey_types:
debug2: waiting for monitor
debug2: monitor signalled readiness
debug1: use_engine is 'yes'
monitor debug1: reading the context from the child
debug1: pkcs11 engine initialized, now setting it as default for rsa, dsa, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: list_hostkey_types:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-ca,en-us,es-mx,fr-ca,zh,zh-cn,es,fr,i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: gss-api mechanism encoded as towm5slw5ew8mqkay+al2g==
debug1: ssh2_msg_kexinit sent
debug3: kex_reset_dispatch -- should we dispatch_set(kexinit) here? 0 && !0
debug1: ssh2_msg_kexinit received
debug2: kex_parse_kexinit: gss-group1-sha1-towm5slw5ew8mqkay+al2g==
debug2: kex_parse_kexinit: null
debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,[email protected]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected],none
debug2: kex_parse_kexinit: none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: kex: server->client aes128-cbc hmac-sha1 none
no common kex alg: client 'diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1', server 'gss-group1-sha1-towm5slw5ew8mqkay+al2g=='
debug1: calling cleanup 0x405f0(0x0)
monitor debug1: child closed the communication pipe before user auth was finished
monitor debug1: calling cleanup 0x405f0(0x0)
root@n2000server # cd /etc/ssh
root@n2000server # ls -l
total 208
-rwxr-xr-x 1 root sys 88301 jan 22 2005 moduli
-rwxr-xr-x 1 root sys 861 jan 22 2005 ssh_config
-rwx--x--x 1 root root 668 mar 27 18:46 ssh_host_dsa_key
-rwxr-xr-x 1 root root 601 mar 27 18:46 ssh_host_dsa_key.pub
-rwx--x--x 1 root root 883 mar 27 18:46 ssh_host_rsa_key
-rwxr-xr-x 1 root root 221 mar 27 18:46 ssh_host_rsa_key.pub
-rwxr-xr-x 1 root sys 5203 sep 11 2009 sshd_config
-rwxr-xr-x 1 root sys 5202 jan 22 2005 sshd_config.fcs
root@n2000server # ls -al
total 220
drwxr-xr-x 2 root sys 512 mar 27 18:46 .
drwxr-xr-x 77 root sys 4608 mar 29 22:52 ..
root@n2000server # chmod 600 /etc/ssh/ssh_host_rsa_key
root@n2000server # chmod 600 /etc/ssh/ssh_host_dsa_key
-rw------- 1 root root 668 mar 27 18:46 ssh_host_dsa_key
-rw------- 1 root root 883 mar 27 18:46 ssh_host_rsa_key
root@n2000server # svcadm enable ssh
root@n2000server # svcadm refresh ssh
root@n2000server # ssh 192.168.8.11
@ warning: remote host identification has changed! @
it is possible that someone is doing something nasty!
someone could be eavesdropping on you right now (man-in-the-middle attack)!
it is also possible that the rsa host key has just been changed.
the fingerprint for the rsa key sent by the remote host is
6d:64:ce:f3:90:bb:77:72:fd:33:1f:07:c0:16:eb:f3.
please contact your system administrator.
add correct host key in /.ssh/known_hosts to get rid of this message.
offending key in /.ssh/known_hosts:1
rsa host key for 192.168.8.11 has changed and you have requested strict checking.
host key verification failed.
root@n2000server # su - sybase -c showserver
sun microsystems inc. sunos 5.10 generic january 2005
uid pid ppid c stime tty time cmd
sybase 1138 1137 0 22:54:28 ? 0:00 /opt/sybase/ase-15_0/bin/backupserver -sn2000dbserver_back -e/opt/sybase/ase-15
sybase 1045 1044 0 22:52:28 ? 1:35 /opt/sybase/ase-15_0/bin/dataserver -sn2000db
如果修改ip位址不完善,請按照以下步驟重新修改n2000 ums伺服器的ip位址:
在n2000 ums伺服器中修改ip位址。
原因
處理措施
如果隻修改伺服器的ip位址
執行vi /etc/hosts指令,打開vi編輯器。
按“insert”鍵,進入編輯模式。
修改檔案中n2000 ums的ip位址為新的ip位址。
按“esc”鍵,退出編輯模式。
使用“shift+;”組合鍵,輸入wq,儲存退出vi編輯器。
如果修改伺服器的ip位址和子網路遮罩
執行vi /etc/netmasks指令,打開vi編輯器。
修改檔案中的子網路遮罩為新的n2000 ums伺服器子網路遮罩。
如果修改伺服器的ip位址、子網路遮罩和網關
用vi編輯器,修改“/etc/defaultrouter”檔案、“/etc/rc3”檔案和“/etc/rc3.d”目錄下路由檔案中的路由資訊。
說明:
啟動sybase資料庫和n2000 ums服務。
如何解決ums sybase資料庫啟動不成功問題
<a target="_blank" href="http://support.huawei.com/support/pages/kbcenter/view/product.do?actionflag=detailcasedoc&amp;web_doc_id=sc0000358069&amp;doc_type=casedoc&amp;doc_type=casedoc/support/pages/kbcenter/view/product.do?actionflag=detailcasedoc&amp;web_doc_id=sc0000358069&amp;doc_type=casedoc#commentanchor">意見回報</a>
手冊屬性
序号:
sc0000358069
作者:
黃傑
資料類别:
案例庫
更新時間:
2007-06-11 10:12:07
閱讀次數:
47
故障類别:
資料庫
關鍵字:
資料庫無法連接配接
密級:
01huawei engineers permission
現象描述:
版本:umsv200r008b02d031sp05.01+sybase12.0+solaris8.0
現象:在将網管從v200r008b02d031sp03更新到v200r008b02d031sp05.01的過程中,出現資料庫無法連接配接的情況。
告警資訊:
作業系統為中文,在成功安裝了sybase資料庫後,運作“startserver”啟動sybase資料庫時失敗,同時執行isql時提示出錯。
原因分析:
出現資料庫無法連接配接時,一般有以下原因:
1、“sybase”環境變量沒有設定或設定錯誤;
2、“dsquery”環境變量沒有設定或設定錯誤;
3、資料庫安裝不正常;安裝資料庫時資料庫沒有成功建立;
4、是否設定中文環境,要使sybase資料庫能在中文環境下運作,必須修改sybase資料庫的配置檔案,增加對中文環境的支援。
處理過程:
處理方法如下:
1)“sybase”環境變量沒有設定或設定錯誤; 在指令行終端利用echo $sybase指令檢視應該顯示sybase的安裝路徑,如/opt/sybase.
檢查正常。
2)“dsquery”環境變量沒有設定或設定錯誤; 在指令行終端利用echo $dsquery指令檢視應該顯示sybase資料庫的名稱,如sunr6.
檢查設定錯誤,重新設定該環境變量。
3)資料庫安裝不正常;安裝資料庫時資料庫沒有成功建立。
通過指令查詢,成功建立。
4)要使sybase資料庫能在中文環境下運作,必須修改sybase資料庫的配置檔案,增加對中文環境的支援,修改對中文環境支援的方法如下:
#cd $sybase/locales
#vi locales.dat
查找在檔案中出現[sun]及[sun_svr4]的段中,删除(或注釋掉)以下幾行内容:
;locale=zh,chinese,ecugb
;locale = zh_cn,chinese,eucgb
;locale = zh_tw,chinese,eucgb
;locale = us_english.utf8,us_english,utf8
各增加一行:
locale = zh,us_english,iso_1
注意:注釋用“;”符号,不要用“#”符号。
最後連接配接資料庫,問題成功解決。
建議與總結:
遇到資料庫無法連接配接的問題時,嚴格按照上述方法檢查,一般均能發現問題。
附件: