Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Failed to Add a Target Environment on the Java Profiler

Symptom

Failed to add a target environment on the Java Profiler.

Possible Causes

  • The time when the certificate takes effect is later than the current system time.
  • The SSH security configuration does not meet software requirements.

Troubleshooting Procedure

If the system time is incorrect, correct it and add a target environment again.

If the SSH security configuration is incorrect, perform the following steps:

  1. Check whether MACs supports related algorithms.

    Check the sshd_config file in /etc/ssh.

    Figure 1 sshd_config file

    You can run the ssh -Q mac command to check whether hmac-sha2-256, hmac-sha2-256-etm@openssh.com, hmac-md5, hmac-sha1, umac-64@openssh.com, and hmac-ripemd160 are supported.

    Figure 2 Algorithms supported by MACs

    If the preceding algorithms are supported but not configured, add them to the sshd_config configuration file in the /etc/ssh directory (add only the algorithms that are supported):

    1
    		 
    MACs hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
  2. Check whether HostKey supports related algorithms.

    Check whether ssh_host_ecdsa_key and ssh_host_ed25519_key exist in /etc/ssh.

    Figure 3 Host keys

    If not, run the following commands to generate the corresponding host keys:

    1
2
    		 
    ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key

    Uncomment the following content in or add the following content to sshd_config in the /etc/ssh directory:

    1
2
    		 
    HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
  3. Check whether HostKeyAlgorithms supports related algorithms.
    1. Check whether HostKeyAlgorithms is configured. If not, skip this step. If yes, check whether ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519, ssh-ed25519-cert-v01@openssh.com, or rsa-sha2-256 or rsa-sha2-512 exists in the include list.
    2. If none of the preceding algorithms exist, run the ssh -Q HostKeyAlgorithms command to view the list of supported encryption algorithms.
      Figure 4 Algorithms supported by HostKeyAlgorithms
    3. Select any algorithm in both the include list and the supported list and add it to the sshd_config file in the /etc/ssh directory. 
      1
      		 
      HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com
  4. Check whether Ciphers supports related algorithms.

    Run the ssh -Q cipher command to check the supported SSH symmetric keys.

    Figure 5 Algorithms supported by Ciphers

    If the preceding algorithms are supported but not configured, add them to the sshd_config configuration file in the /etc/ssh directory (add only the algorithms that are supported):

    1
    		 
    Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
  5. Check the /etc/ssh/ssh_config file.
    Check whether the /etc/ssh/ssh_config file contains the following content. If not, add the content to the file. 
    1
    		 
    GSSAPIAuthentication yes
  6. Restart the SSH service for the modification to take effect.
    1
    		 
    systemctl restart sshd.service
Parent topic: FAQs