Skip to content

SVN+SSH Server key did not validate (custom port, client cert)

Summary

The Servers key did not validate

Steps to reproduce

Create a vServer having port 12345 as SSH port. Add hostkey to ~/.ssh/known_hosts . Create a private key to authenticate. Create a repo, try to commit using subversive.

Expected change

SSH channel should create a stable secure connection and commit succeed using subversive.

Affected versions

  • Eclipse Version: 2025-06 (see: Help | Eclipse IDE)
  • Subversive Version: 5.0.0
  • Subversive Connector Version: 1.10.10

Stacktrace

org.eclipse.team.svn.core.connector.SVNConnectorException: svn: E210002: Failed to connect to www.myserver.com:12345
	at ru.arsysop.svn.connector.internal.svnkit1_10.CallWatch.wrap(CallWatch.java:189)
	at ru.arsysop.svn.connector.internal.svnkit1_10.CallWatch.commandCallback(CallWatch.java:141)
	at ru.arsysop.svn.connector.internal.svnkit1_10.CallWatch.commandLong(CallWatch.java:126)
	at ru.arsysop.svn.connector.internal.svnkit1_10.SvnKit1_10Connector.getInfo(SvnKit1_10Connector.java:916)
	at org.eclipse.team.svn.core.extension.factory.ThreadNameModifier.getInfo(ThreadNameModifier.java:675)
	at org.eclipse.team.svn.core.utility.SVNUtility.info(SVNUtility.java:462)
	at org.eclipse.team.svn.core.svnstorage.SVNRepositoryContainer.getRevisionImpl(SVNRepositoryContainer.java:119)
	at org.eclipse.team.svn.core.svnstorage.SVNRepositoryResource.getRevision(SVNRepositoryResource.java:112)
	at org.eclipse.team.svn.ui.operation.GetRemoteResourceRevisionOperation.runImpl(GetRemoteResourceRevisionOperation.java:45)
	at org.eclipse.team.svn.core.operation.AbstractActionOperation.run(AbstractActionOperation.java:97)
	at org.eclipse.team.svn.core.utility.ProgressMonitorUtility.doTask(ProgressMonitorUtility.java:108)
	at org.eclipse.team.svn.core.operation.CompositeOperation.runImpl(CompositeOperation.java:105)
	at org.eclipse.team.svn.core.operation.AbstractActionOperation.run(AbstractActionOperation.java:97)
	at org.eclipse.team.svn.core.operation.LoggedOperation.run(LoggedOperation.java:45)
	at org.eclipse.team.svn.core.utility.ProgressMonitorUtility.doTask(ProgressMonitorUtility.java:108)
	at org.eclipse.team.svn.core.utility.ProgressMonitorUtility.doTaskExternal(ProgressMonitorUtility.java:93)
	at org.eclipse.team.svn.ui.utility.DefaultCancellableOperationWrapper.run(DefaultCancellableOperationWrapper.java:64)
	at org.eclipse.team.svn.ui.utility.ScheduledOperationWrapper.run(ScheduledOperationWrapper.java:41)
	at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63)
Caused by: org.apache.subversion.javahl.ClientException: svn: E210002: Failed to connect to www.myserver.com:12345
	at org.apache.subversion.javahl.JavaHLObjectFactory.createClientException(JavaHLObjectFactory.java:15)
	at org.tmatesoft.svn.core.javahl17.SVNClientImpl.getClientException(SVNClientImpl.java:1694)
	at org.tmatesoft.svn.core.javahl17.SVNClientImpl.info(SVNClientImpl.java:1876)
	at org.tmatesoft.svn.core.javahl17.SVNClientImpl.info2(SVNClientImpl.java:1852)
	at ru.arsysop.svn.connector.internal.svnkit1_10.SvnKit1_10Connector.lambda$65(SvnKit1_10Connector.java:916)
	at ru.arsysop.svn.connector.internal.svnkit1_10.CallWatch.commandCallback(CallWatch.java:137)
	... 17 more
Caused by: org.tmatesoft.svn.core.SVNException: svn: E210002: Failed to connect to www.myserver.com:12345
	at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.error(SVNErrorManager.java:70)
	at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.error(SVNErrorManager.java:57)
	at org.tmatesoft.svn.core.internal.io.svn.SVNSSHConnector.open(SVNSSHConnector.java:135)
	at org.tmatesoft.svn.core.internal.io.svn.SVNConnection.open(SVNConnection.java:80)
	at org.tmatesoft.svn.core.internal.io.svn.SVNRepositoryImpl.openConnection(SVNRepositoryImpl.java:1282)
	at org.tmatesoft.svn.core.internal.io.svn.SVNRepositoryImpl.getLatestRevision(SVNRepositoryImpl.java:173)
	at org.tmatesoft.svn.core.internal.wc2.ng.SvnNgRepositoryAccess.getRevisionNumber(SvnNgRepositoryAccess.java:119)
	at org.tmatesoft.svn.core.internal.wc2.SvnRepositoryAccess.getLocations(SvnRepositoryAccess.java:180)
	at org.tmatesoft.svn.core.internal.wc2.ng.SvnNgRepositoryAccess.createRepositoryFor(SvnNgRepositoryAccess.java:43)
	at org.tmatesoft.svn.core.internal.wc2.remote.SvnRemoteGetInfo.run(SvnRemoteGetInfo.java:47)
	at org.tmatesoft.svn.core.internal.wc2.remote.SvnRemoteGetInfo.run(SvnRemoteGetInfo.java:31)
	at org.tmatesoft.svn.core.internal.wc2.SvnOperationRunner.run(SvnOperationRunner.java:21)
	at org.tmatesoft.svn.core.wc2.SvnOperationFactory.run(SvnOperationFactory.java:1239)
	at org.tmatesoft.svn.core.wc2.SvnOperation.run(SvnOperation.java:294)
	at org.tmatesoft.svn.core.javahl17.SVNClientImpl.info(SVNClientImpl.java:1874)
	... 20 more
Caused by: java.io.IOException: Failed to connect to www.myserver.com:12345
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.SshHost.openConnection(SshHost.java:229)
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.SshHost.openSession(SshHost.java:155)
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.ApacheSshSessionPool.openSession(ApacheSshSessionPool.java:100)
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.ApacheSshSessionPool.openSession(ApacheSshSessionPool.java:59)
	at org.tmatesoft.svn.core.internal.io.svn.SVNSSHConnector.open(SVNSSHConnector.java:112)
	... 32 more
Caused by: org.apache.sshd.common.SshException: Server key did not validate
	at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:141)
	at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:56)
	at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:35)
	at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:121)
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.SshConnection.<init>(SshConnection.java:92)
	at org.tmatesoft.svn.core.internal.io.svn.ssh.apache.SshHost.openConnection(SshHost.java:227)
	... 36 more
Caused by: org.apache.sshd.common.SshException: Server key did not validate
	at org.apache.sshd.client.session.AbstractClientSession.checkKeys(AbstractClientSession.java:645)
	at org.apache.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:767)
	at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:622)
	at org.apache.sshd.common.session.helpers.AbstractSession.lambda$handleMessage$0(AbstractSession.java:546)
	at org.apache.sshd.common.util.threads.ThreadUtils.runAsInternal(ThreadUtils.java:68)
	at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:545)
	at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1729)
	at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:506)
	at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
	at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:409)
	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:382)
	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:377)
	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
	at java.base/java.security.AccessController.doPrivileged(AccessController.java:319)
	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
	at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:129)
	at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:221)
	at java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:113)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
	at java.base/java.lang.Thread.run(Thread.java:1583)

On server side:

Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659937]: debug1: do_cleanup [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659937]: debug1: monitor_read_log: child log fd closed
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659937]: debug1: do_cleanup
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659937]: debug1: Killing privsep child 659938
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659937]: debug1: audit_event: unhandled event 12
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[598414]: debug1: Forked child 659939.
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: Set /proc/self/oom_score_adj to 0
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: inetd sockets after dupping: 4, 4
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: Connection from xxx port 47446 on xxx port 12345 rdomain ""
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: Remote protocol version 2.0, remote software version APACHE-SSHD-2.15.0
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: compat_banner: no match: APACHE-SSHD-2.15.0
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: permanently_set_uid: 106/65534 [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: SSH2_MSG_KEXINIT received [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: ssh_packet_send2_wrapped: resetting send seqnr 3 [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: rekey out after 134217728 blocks [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: Sending SSH2_MSG_EXT_INFO [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Jul 15 10:36:17 Ubuntu-2204-jammy-amd64-base sshd[659939]: Connection closed by xxx port 47446 [preauth]

My opinion? The client (apache-sshd) canceled the connection because the host is not trustworthy. Because the sshd did not read the known_hosts successfuly for unknown reasons.

Edited by Peter Mising name

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent