解决把办法;
key exchange failed. no compatible key exchange method. the server supports these methods: kerberos
no compatible hostkey. the server supports these methods: null
root@n2000server # svcadm disable ssh
root@n2000server # /usr/lib/ssh/sshd -ddd
debug1: sshd version sun_ssh_1.1.4
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ warning: unprotected private key file! @
permissions 0711 for '/etc/ssh/ssh_host_rsa_key' are too open.
it is recommended that your private key files are not accessible by others.
this private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key
could not load host key: /etc/ssh/ssh_host_rsa_key
permissions 0711 for '/etc/ssh/ssh_host_dsa_key' are too open.
bad permissions: ignore key: /etc/ssh/ssh_host_dsa_key
could not load host key: /etc/ssh/ssh_host_dsa_key
debug1: bind to port 22 on ::.
server listening on :: port 22.
debug1: server will not fork when running in debugging mode.
connection from 192.168.8.99 port 4810
debug1: client protocol version 2.0; client software version nsssh2_4.0.0021 netsarang computer, inc.
debug1: no match: nsssh2_4.0.0021 netsarang computer, inc.
debug1: enabling compatibility mode for protocol 2.0
debug1: local version string ssh-2.0-sun_ssh_1.1.4
monitor debug2: monitor pid 3130, unprivileged child pid 3131
monitor debug1: list_hostkey_types:
debug2: waiting for monitor
debug2: monitor signalled readiness
debug1: use_engine is 'yes'
monitor debug1: reading the context from the child
debug1: pkcs11 engine initialized, now setting it as default for rsa, dsa, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: list_hostkey_types:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-ca,en-us,es-mx,fr-ca,zh,zh-cn,es,fr,i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: gss-api mechanism encoded as towm5slw5ew8mqkay+al2g==
debug1: ssh2_msg_kexinit sent
debug3: kex_reset_dispatch -- should we dispatch_set(kexinit) here? 0 && !0
debug1: ssh2_msg_kexinit received
debug2: kex_parse_kexinit: gss-group1-sha1-towm5slw5ew8mqkay+al2g==
debug2: kex_parse_kexinit: null
debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,[email protected]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected],none
debug2: kex_parse_kexinit: none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: kex: server->client aes128-cbc hmac-sha1 none
no common kex alg: client 'diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1', server 'gss-group1-sha1-towm5slw5ew8mqkay+al2g=='
debug1: calling cleanup 0x405f0(0x0)
monitor debug1: child closed the communication pipe before user auth was finished
monitor debug1: calling cleanup 0x405f0(0x0)
root@n2000server # cd /etc/ssh
root@n2000server # ls -l
total 208
-rwxr-xr-x 1 root sys 88301 jan 22 2005 moduli
-rwxr-xr-x 1 root sys 861 jan 22 2005 ssh_config
-rwx--x--x 1 root root 668 mar 27 18:46 ssh_host_dsa_key
-rwxr-xr-x 1 root root 601 mar 27 18:46 ssh_host_dsa_key.pub
-rwx--x--x 1 root root 883 mar 27 18:46 ssh_host_rsa_key
-rwxr-xr-x 1 root root 221 mar 27 18:46 ssh_host_rsa_key.pub
-rwxr-xr-x 1 root sys 5203 sep 11 2009 sshd_config
-rwxr-xr-x 1 root sys 5202 jan 22 2005 sshd_config.fcs
root@n2000server # ls -al
total 220
drwxr-xr-x 2 root sys 512 mar 27 18:46 .
drwxr-xr-x 77 root sys 4608 mar 29 22:52 ..
root@n2000server # chmod 600 /etc/ssh/ssh_host_rsa_key
root@n2000server # chmod 600 /etc/ssh/ssh_host_dsa_key
-rw------- 1 root root 668 mar 27 18:46 ssh_host_dsa_key
-rw------- 1 root root 883 mar 27 18:46 ssh_host_rsa_key
root@n2000server # svcadm enable ssh
root@n2000server # svcadm refresh ssh
root@n2000server # ssh 192.168.8.11
@ warning: remote host identification has changed! @
it is possible that someone is doing something nasty!
someone could be eavesdropping on you right now (man-in-the-middle attack)!
it is also possible that the rsa host key has just been changed.
the fingerprint for the rsa key sent by the remote host is
6d:64:ce:f3:90:bb:77:72:fd:33:1f:07:c0:16:eb:f3.
please contact your system administrator.
add correct host key in /.ssh/known_hosts to get rid of this message.
offending key in /.ssh/known_hosts:1
rsa host key for 192.168.8.11 has changed and you have requested strict checking.
host key verification failed.
root@n2000server # su - sybase -c showserver
sun microsystems inc. sunos 5.10 generic january 2005
uid pid ppid c stime tty time cmd
sybase 1138 1137 0 22:54:28 ? 0:00 /opt/sybase/ase-15_0/bin/backupserver -sn2000dbserver_back -e/opt/sybase/ase-15
sybase 1045 1044 0 22:52:28 ? 1:35 /opt/sybase/ase-15_0/bin/dataserver -sn2000db
如果修改ip地址不完善,请按照以下步骤重新修改n2000 ums服务器的ip地址:
在n2000 ums服务器中修改ip地址。
原因
处理措施
如果只修改服务器的ip地址
执行vi /etc/hosts命令,打开vi编辑器。
按“insert”键,进入编辑模式。
修改文件中n2000 ums的ip地址为新的ip地址。
按“esc”键,退出编辑模式。
使用“shift+;”组合键,输入wq,保存退出vi编辑器。
如果修改服务器的ip地址和子网掩码
执行vi /etc/netmasks命令,打开vi编辑器。
修改文件中的子网掩码为新的n2000 ums服务器子网掩码。
如果修改服务器的ip地址、子网掩码和网关
用vi编辑器,修改“/etc/defaultrouter”文件、“/etc/rc3”文件和“/etc/rc3.d”目录下路由文件中的路由信息。
说明:
启动sybase数据库和n2000 ums服务。
如何解决ums sybase数据库启动不成功问题
<a target="_blank" href="http://support.huawei.com/support/pages/kbcenter/view/product.do?actionflag=detailcasedoc&amp;web_doc_id=sc0000358069&amp;doc_type=casedoc&amp;doc_type=casedoc/support/pages/kbcenter/view/product.do?actionflag=detailcasedoc&amp;web_doc_id=sc0000358069&amp;doc_type=casedoc#commentanchor">意见反馈</a>
手册属性
序号:
sc0000358069
作者:
黄杰
资料类别:
案例库
更新时间:
2007-06-11 10:12:07
阅读次数:
47
故障类别:
数据库
关键字:
数据库无法连接
密级:
01huawei engineers permission
现象描述:
版本:umsv200r008b02d031sp05.01+sybase12.0+solaris8.0
现象:在将网管从v200r008b02d031sp03升级到v200r008b02d031sp05.01的过程中,出现数据库无法连接的情况。
告警信息:
操作系统为中文,在成功安装了sybase数据库后,运行“startserver”启动sybase数据库时失败,同时执行isql时提示出错。
原因分析:
出现数据库无法连接时,一般有以下原因:
1、“sybase”环境变量没有设置或设置错误;
2、“dsquery”环境变量没有设置或设置错误;
3、数据库安装不正常;安装数据库时数据库没有成功创建;
4、是否设置中文环境,要使sybase数据库能在中文环境下运行,必须修改sybase数据库的配置文件,增加对中文环境的支持。
处理过程:
处理方法如下:
1)“sybase”环境变量没有设置或设置错误; 在命令行终端利用echo $sybase命令查看应该显示sybase的安装路径,如/opt/sybase.
检查正常。
2)“dsquery”环境变量没有设置或设置错误; 在命令行终端利用echo $dsquery命令查看应该显示sybase数据库的名称,如sunr6.
检查设置错误,重新设置该环境变量。
3)数据库安装不正常;安装数据库时数据库没有成功创建。
通过命令查询,成功创建。
4)要使sybase数据库能在中文环境下运行,必须修改sybase数据库的配置文件,增加对中文环境的支持,修改对中文环境支持的方法如下:
#cd $sybase/locales
#vi locales.dat
查找在文件中出现[sun]及[sun_svr4]的段中,删除(或注释掉)以下几行内容:
;locale=zh,chinese,ecugb
;locale = zh_cn,chinese,eucgb
;locale = zh_tw,chinese,eucgb
;locale = us_english.utf8,us_english,utf8
各增加一行:
locale = zh,us_english,iso_1
注意:注释用“;”符号,不要用“#”符号。
最后连接数据库,问题成功解决。
建议与总结:
遇到数据库无法连接的问题时,严格按照上述方法检查,一般均能发现问题。
附件: