<div dir="ltr">Hi.<div><br></div><div>I made some changes and now there are fresh installations, and durring add new node I got the same issue:</div><div><br></div><div><div>2017-01-07 07:44:08,847 ERROR [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-49) [c5fb7a0] Failed to establish session with host &#39;node1&#39;: SSH session closed during connection &#39;<a href="mailto:root@10.30.30.51">root@10.30.30.51</a>&#39;</div><div>2017-01-07 07:44:08,847 WARN  [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-49) [c5fb7a0] Validation of action &#39;AddVds&#39; failed for user admin@internal-authz. Reasons: VAR__ACTION__ADD,VAR__TYPE__HOST,$server 10.30.30</div><div>.51,VDS_CANNOT_CONNECT_TO_SERVER</div></div><div><br></div><div>on both servers are this fresh installed system:</div><div><br></div><div>CentOS Linux release 7.3.1611 (Core)</div><div><br></div><div>Here are some informations about you asked last time:</div><div><br></div><div><div>[root@ovirt ovirt-engine]# rpm -qa | grep ovirt</div><div>ovirt-imageio-common-0.4.0-1.el7.noarch</div><div>python-ovirt-engine-sdk4-4.0.2-1.el7.centos.x86_64</div><div>ovirt-imageio-proxy-setup-0.4.0-0.201608310602.gita9b573b.el7.centos.noarch</div><div>ovirt-engine-websocket-proxy-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-dashboard-1.0.5-1.el7.centos.noarch</div><div>ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-backend-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-extension-aaa-jdbc-1.1.1-1.el7.noarch</div><div>ovirt-host-deploy-1.5.3-1.el7.centos.noarch</div><div>ovirt-engine-wildfly-overlay-10.0.0-1.el7.noarch</div><div>ovirt-engine-setup-base-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-vmconsole-proxy-1.0.4-1.el7.centos.noarch</div><div>ovirt-host-deploy-java-1.5.3-1.el7.centos.noarch</div><div>ovirt-release40-4.0.5-2.noarch</div><div>ovirt-engine-setup-plugin-ovirt-engine-common-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-dwh-4.0.5-1.el7.centos.noarch</div><div>ovirt-imageio-proxy-0.4.0-0.201608310602.gita9b573b.el7.centos.noarch</div><div>ovirt-engine-setup-plugin-websocket-proxy-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-iso-uploader-4.0.2-1.el7.centos.noarch</div><div>ovirt-engine-dbscripts-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-webadmin-portal-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-setup-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-vmconsole-proxy-helper-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-userportal-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-restapi-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-setup-lib-1.0.2-1.el7.centos.noarch</div><div>ovirt-engine-sdk-python-3.6.9.1-1.el7.centos.noarch</div><div>ovirt-engine-extensions-api-impl-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-wildfly-10.1.0-1.el7.x86_64</div><div>ovirt-engine-lib-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-vmconsole-1.0.4-1.el7.centos.noarch</div><div>ovirt-engine-cli-3.6.8.1-1.el7.centos.noarch</div><div>ovirt-engine-dwh-setup-4.0.5-1.el7.centos.noarch</div><div>ovirt-engine-tools-backup-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-image-uploader-4.0.1-1.el7.centos.noarch</div><div>ovirt-engine-tools-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-setup-plugin-ovirt-engine-4.0.5.5-1.el7.centos.noarch</div><div>ovirt-engine-4.0.5.5-1.el7.centos.noarch</div><div><br></div></div><div><br></div><div><div>[root@ovirt ovirt-engine]# tail -33f server.log</div><div>2017-01-07 07:44:08,843 INFO  [org.apache.sshd.client.session.ClientSessionImpl] (sshd-SshClient[4b16ff17]-nio2-thread-2) Server version string: SSH-2.0-OpenSSH_6.6.1</div><div>2017-01-07 07:44:08,844 WARN  [org.apache.sshd.client.session.ClientSessionImpl] (sshd-SshClient[4b16ff17]-nio2-thread-2) Exception caught: java.lang.IllegalStateException: Unable to negotiate key exchange for kex algorithms (client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1 / server: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1)</div><div>        at org.apache.sshd.common.session.AbstractSession.negotiate(AbstractSession.java:1109)</div><div>        at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:357)</div><div>        at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295)</div><div>        at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:256)</div><div>        at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:731)</div><div>        at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277)</div><div>        at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)</div><div>        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:187)</div><div>        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)</div><div>        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)</div><div>        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_111]</div><div>        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)</div><div>        at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:276) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:297) [rt.jar:1.8.0_111]</div><div>        at java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:420) [rt.jar:1.8.0_111]</div><div>        at org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)</div><div>        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:189)</div><div>        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)</div><div>        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)</div><div>        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_111]</div><div>        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)</div><div>        at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.Invoker$2.run(Invoker.java:218) [rt.jar:1.8.0_111]</div><div>        at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) [rt.jar:1.8.0_111]</div><div>        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_111]</div><div>        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_111]</div><div>        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_111]</div></div><div><br></div><div><br></div><div><br></div><div>In the end server (oVirt Node) in /var/log/secure.log:</div><div><br></div><div>Jan  7 08:10:26 ns3047117 sshd[30377]: fatal: Unable to negotiate a key exchange method [preauth]<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-12-01 8:22 GMT+01:00 Yedidyah Bar David <span dir="ltr">&lt;<a href="mailto:didi@redhat.com" target="_blank">didi@redhat.com</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">(Adding the list. Please reply also to the list and not only<br>
to specific people. Thanks).<br>
<br>
On Wed, Nov 30, 2016 at 9:01 PM, Grzegorz Szypa<br>
&lt;<a href="mailto:grzegorz.szypa@gmail.com">grzegorz.szypa@gmail.com</a>&gt; wrote:<br>
&gt; Hi.<br>
&gt;<br>
<span class="">&gt; It works.<br>
&gt;<br>
&gt; Problem I think are in other side, maybe I explain my landscape:<br>
&gt;<br>
&gt; oVirt Engine is VM on after NAT, but currectly this way are disabled and now<br>
&gt; only work direct access to Internet via dedicated WAN IP, and oVirt Node are<br>
&gt; VM also under separat WAN IP, but still the same problem. I think there is<br>
&gt; no problem with SSH configuration because setting it as self-hosted engine<br>
&gt; work fine<br>
<br>
</span>What OS is on each of the engine and host?<br>
<br>
Did you change any configuration of sshd on the host,<br>
compared to the OS&#39;s defaults?<br>
<br>
Please check/share the output of previous ssh command, but<br>
with &#39;-v&#39; appended.<br>
<br>
Please also share more of the engine log, starting with a line<br>
containing &#39;AddVdsCommand&#39;.<br>
<br>
Please attach output of: &#39;rpm -qa | grep ovirt&#39;.<br>
<br>
Thanks,<br>
<div class="HOEnZb"><div class="h5"><br>
&gt;<br>
&gt;<br>
&gt; 2016-11-30 14:18 GMT+01:00 Yedidyah Bar David &lt;<a href="mailto:didi@redhat.com">didi@redhat.com</a>&gt;:<br>
&gt;&gt;<br>
&gt;&gt; On Wed, Nov 30, 2016 at 1:58 PM, Grzegorz Szypa<br>
&gt;&gt; &lt;<a href="mailto:grzegorz.szypa@gmail.com">grzegorz.szypa@gmail.com</a>&gt; wrote:<br>
&gt;&gt; &gt; Hi.<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; Did you meet ever with  problem, when you try to add new node to quite<br>
&gt;&gt; &gt; new<br>
&gt;&gt; &gt; oVirt Engine via Gui and get Error :<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; engine.log:<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; 2016-11-30 12:50:55,453 ERROR<br>
&gt;&gt; &gt; [org.ovirt.engine.core.bll.<wbr>hostdeploy.AddVdsCommand] (default task-23)<br>
&gt;&gt; &gt; [178c9385] Failed to establish session with host &#39;node1&#39;: SSH session<br>
&gt;&gt; &gt; closed<br>
&gt;&gt; &gt; during connection &#39;[&quot;my new node&quot;]&#39;<br>
&gt;&gt; &gt; 2016-11-30 12:50:55,453 WARN<br>
&gt;&gt; &gt; [org.ovirt.engine.core.bll.<wbr>hostdeploy.AddVdsCommand] (default task-23)<br>
&gt;&gt; &gt; [178c9385] Validation of action &#39;AddVds&#39; failed for user<br>
&gt;&gt; &gt; admin@internal-authz. Reasons: VAR__ACTION__ADD,VAR__TYPE__<wbr>HOST,$server<br>
&gt;&gt; &gt; <a href="http://vmsrv1.szypa.net" rel="noreferrer" target="_blank">vmsrv1.szypa.net</a>,VDS_CANNOT_<wbr>CONNECT_TO_SERVER<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; in the end node I only got error that there is not possible, to exchange<br>
&gt;&gt; &gt; key<br>
&gt;&gt; &gt; between two hosts:<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; there is log form /var/log/secure:<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; fatal: Unable to negotiate a key exchange method [preauth]<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; In network I found that it could be a problem with key exchange method,<br>
&gt;&gt; &gt; which is not available on some host.<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; SSH connection between this two hosts work fine so I do not understand<br>
&gt;&gt; &gt; why<br>
&gt;&gt; &gt; it does not work?<br>
&gt;&gt;<br>
&gt;&gt; Please try this, from the engine machine, as user root:<br>
&gt;&gt;<br>
&gt;&gt; ssh -i /etc/pki/ovirt-engine/keys/<wbr>engine_id_rsa HOST<br>
&gt;&gt;<br>
&gt;&gt; Replace &quot;HOST&quot; with the name or address you input in the field &quot;Address&quot;<br>
&gt;&gt; in the &quot;New Host&quot; dialog. I think that&#39;s &#39;node1&#39;, from above.<br>
&gt;&gt;<br>
&gt;&gt; Does it work? If not, please check sshd configuration/logs on the host.<br>
&gt;&gt;<br>
&gt;&gt; Best,<br>
&gt;&gt; --<br>
&gt;&gt; Didi<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; --<br>
&gt; G.Sz.<br>
<br>
<br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
Didi<br>
</font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>G.Sz.</div></div></div>
</div>