Hi.

I made some changes and now there are fresh installations, and durring add new node I got the same issue:

2017-01-07 07:44:08,847 ERROR [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-49) [c5fb7a0] Failed to establish session with host 'node1': SSH session closed during connection 'root@10.30.30.51'
2017-01-07 07:44:08,847 WARN  [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-49) [c5fb7a0] Validation of action 'AddVds' failed for user admin@internal-authz. Reasons: VAR__ACTION__ADD,VAR__TYPE__HOST,$server 10.30.30
.51,VDS_CANNOT_CONNECT_TO_SERVER

on both servers are this fresh installed system:

CentOS Linux release 7.3.1611 (Core)

Here are some informations about you asked last time:

[root@ovirt ovirt-engine]# rpm -qa | grep ovirt
ovirt-imageio-common-0.4.0-1.el7.noarch
python-ovirt-engine-sdk4-4.0.2-1.el7.centos.x86_64
ovirt-imageio-proxy-setup-0.4.0-0.201608310602.gita9b573b.el7.centos.noarch
ovirt-engine-websocket-proxy-4.0.5.5-1.el7.centos.noarch
ovirt-engine-dashboard-1.0.5-1.el7.centos.noarch
ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.0.5.5-1.el7.centos.noarch
ovirt-engine-backend-4.0.5.5-1.el7.centos.noarch
ovirt-engine-extension-aaa-jdbc-1.1.1-1.el7.noarch
ovirt-host-deploy-1.5.3-1.el7.centos.noarch
ovirt-engine-wildfly-overlay-10.0.0-1.el7.noarch
ovirt-engine-setup-base-4.0.5.5-1.el7.centos.noarch
ovirt-vmconsole-proxy-1.0.4-1.el7.centos.noarch
ovirt-host-deploy-java-1.5.3-1.el7.centos.noarch
ovirt-release40-4.0.5-2.noarch
ovirt-engine-setup-plugin-ovirt-engine-common-4.0.5.5-1.el7.centos.noarch
ovirt-engine-dwh-4.0.5-1.el7.centos.noarch
ovirt-imageio-proxy-0.4.0-0.201608310602.gita9b573b.el7.centos.noarch
ovirt-engine-setup-plugin-websocket-proxy-4.0.5.5-1.el7.centos.noarch
ovirt-iso-uploader-4.0.2-1.el7.centos.noarch
ovirt-engine-dbscripts-4.0.5.5-1.el7.centos.noarch
ovirt-engine-webadmin-portal-4.0.5.5-1.el7.centos.noarch
ovirt-engine-setup-4.0.5.5-1.el7.centos.noarch
ovirt-engine-vmconsole-proxy-helper-4.0.5.5-1.el7.centos.noarch
ovirt-engine-userportal-4.0.5.5-1.el7.centos.noarch
ovirt-engine-restapi-4.0.5.5-1.el7.centos.noarch
ovirt-setup-lib-1.0.2-1.el7.centos.noarch
ovirt-engine-sdk-python-3.6.9.1-1.el7.centos.noarch
ovirt-engine-extensions-api-impl-4.0.5.5-1.el7.centos.noarch
ovirt-engine-wildfly-10.1.0-1.el7.x86_64
ovirt-engine-lib-4.0.5.5-1.el7.centos.noarch
ovirt-vmconsole-1.0.4-1.el7.centos.noarch
ovirt-engine-cli-3.6.8.1-1.el7.centos.noarch
ovirt-engine-dwh-setup-4.0.5-1.el7.centos.noarch
ovirt-engine-tools-backup-4.0.5.5-1.el7.centos.noarch
ovirt-image-uploader-4.0.1-1.el7.centos.noarch
ovirt-engine-tools-4.0.5.5-1.el7.centos.noarch
ovirt-engine-setup-plugin-ovirt-engine-4.0.5.5-1.el7.centos.noarch
ovirt-engine-4.0.5.5-1.el7.centos.noarch


[root@ovirt ovirt-engine]# tail -33f server.log
2017-01-07 07:44:08,843 INFO  [org.apache.sshd.client.session.ClientSessionImpl] (sshd-SshClient[4b16ff17]-nio2-thread-2) Server version string: SSH-2.0-OpenSSH_6.6.1
2017-01-07 07:44:08,844 WARN  [org.apache.sshd.client.session.ClientSessionImpl] (sshd-SshClient[4b16ff17]-nio2-thread-2) Exception caught: java.lang.IllegalStateException: Unable to negotiate key exchange for kex algorithms (client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1 / server: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1)
        at org.apache.sshd.common.session.AbstractSession.negotiate(AbstractSession.java:1109)
        at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:357)
        at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295)
        at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:256)
        at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:731)
        at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277)
        at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:187)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_111]
        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)
        at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111]
        at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157) [rt.jar:1.8.0_111]
        at sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553) [rt.jar:1.8.0_111]
        at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:276) [rt.jar:1.8.0_111]
        at sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:297) [rt.jar:1.8.0_111]
        at java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:420) [rt.jar:1.8.0_111]
        at org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:189)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_111]
        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)
        at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111]
        at sun.nio.ch.Invoker$2.run(Invoker.java:218) [rt.jar:1.8.0_111]
        at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) [rt.jar:1.8.0_111]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_111]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_111]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_111]



In the end server (oVirt Node) in /var/log/secure.log:

Jan  7 08:10:26 ns3047117 sshd[30377]: fatal: Unable to negotiate a key exchange method [preauth]

2016-12-01 8:22 GMT+01:00 Yedidyah Bar David <didi@redhat.com>:
(Adding the list. Please reply also to the list and not only
to specific people. Thanks).

On Wed, Nov 30, 2016 at 9:01 PM, Grzegorz Szypa
<grzegorz.szypa@gmail.com> wrote:
> Hi.
>
> It works.
>
> Problem I think are in other side, maybe I explain my landscape:
>
> oVirt Engine is VM on after NAT, but currectly this way are disabled and now
> only work direct access to Internet via dedicated WAN IP, and oVirt Node are
> VM also under separat WAN IP, but still the same problem. I think there is
> no problem with SSH configuration because setting it as self-hosted engine
> work fine

What OS is on each of the engine and host?

Did you change any configuration of sshd on the host,
compared to the OS's defaults?

Please check/share the output of previous ssh command, but
with '-v' appended.

Please also share more of the engine log, starting with a line
containing 'AddVdsCommand'.

Please attach output of: 'rpm -qa | grep ovirt'.

Thanks,

>
>
> 2016-11-30 14:18 GMT+01:00 Yedidyah Bar David <didi@redhat.com>:
>>
>> On Wed, Nov 30, 2016 at 1:58 PM, Grzegorz Szypa
>> <grzegorz.szypa@gmail.com> wrote:
>> > Hi.
>> >
>> > Did you meet ever with  problem, when you try to add new node to quite
>> > new
>> > oVirt Engine via Gui and get Error :
>> >
>> > engine.log:
>> >
>> > 2016-11-30 12:50:55,453 ERROR
>> > [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-23)
>> > [178c9385] Failed to establish session with host 'node1': SSH session
>> > closed
>> > during connection '["my new node"]'
>> > 2016-11-30 12:50:55,453 WARN
>> > [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-23)
>> > [178c9385] Validation of action 'AddVds' failed for user
>> > admin@internal-authz. Reasons: VAR__ACTION__ADD,VAR__TYPE__HOST,$server
>> > vmsrv1.szypa.net,VDS_CANNOT_CONNECT_TO_SERVER
>> >
>> >
>> >
>> > in the end node I only got error that there is not possible, to exchange
>> > key
>> > between two hosts:
>> >
>> > there is log form /var/log/secure:
>> >
>> > fatal: Unable to negotiate a key exchange method [preauth]
>> >
>> > In network I found that it could be a problem with key exchange method,
>> > which is not available on some host.
>> >
>> > SSH connection between this two hosts work fine so I do not understand
>> > why
>> > it does not work?
>>
>> Please try this, from the engine machine, as user root:
>>
>> ssh -i /etc/pki/ovirt-engine/keys/engine_id_rsa HOST
>>
>> Replace "HOST" with the name or address you input in the field "Address"
>> in the "New Host" dialog. I think that's 'node1', from above.
>>
>> Does it work? If not, please check sshd configuration/logs on the host.
>>
>> Best,
>> --
>> Didi
>
>
>
>
> --
> G.Sz.



--
Didi



--
G.Sz.