Trying to discover an Exadata box. We’ve installed the latest EM (BP1) and deployed the agents successfully to the compute nodes. When we come to use the discovery wizard, it fails on the monitoring credential page. We input the cell root passwords and click test connection which fails with the error messages:
sxa1cel01 - Failed to launch process: Algorithm negotiation fail
sxa1cel02 - Failed to launch process: Algorithm negotiation fail
sxa1cel03 - Failed to launch process: Algorithm negotiation fail
Not much info available about this. Looking at the agent log just shows the same error message coupled with a Java error and not much else. Googling around, it seems it might be something to do with JSch.
Any help or pointers would be greatly appreciated.
The root cause of this issue are additional security changes made in the latest Exadata release. Enterprise Manager Cloud Control 12c will be moving to this standard as well in an upcoming patchset.
Workaround to the problem:
The current workaround for existing installations is to add the ciphers listed in the step below back to the sshd_config files on all cells and compute nodes if the customer is running Exadata Storage Server version 126.96.36.199.0. The work around steps for this situation are listed below. For each storage cell and compute node, edit the /etc/ssh/sshd_config file as listed below:
1) ssh to the cell node as root
2) cd /etc/ssh/
3) back up sshd_config
4) add aes128-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc to the Cipher line in sshd_config
5) Restart the ssh daemon (as the root user):