[one-users] VERY weird SSH problems

Javier Fontan jfontan at fdi.ucm.es
Thu Jun 4 09:31:05 PDT 2009 

Hello,

I hope that after filling the bug in launchpad it gets corrected.  
There should be some kind of difference in your installation as we  
have tested Ubuntu packaging of opennebula and worked for us. Anyway  
I'll keep an eye on that ticket.

Bye

On May 30, 2009, at 12:51 AM, Sven Oostenbrink wrote:

> Hi all,
>
> I've been doing quite a bit of testing with opennebula so far, and I  
> have to say, good job! We're working on implementing open nebula in  
> our data center.
>
> So far, I have had one very weird and anoying problem that makes  
> opennebula barely operable, I hope people here can help me fix it.  
> ONE uses SSH to transfer images to the nodes and to monitor the  
> nodes. the problem here is that SSH starts messing up. First time  
> you login, you have to say "yes" to the RSA verification. Then the  
> host gets stored in the .ssh/knownhosts file. so far so good. Then I  
> add a physical machine, and some  5-10 seconds later, the known_host  
> file has changed! it suddenly no longer contains the entry I just  
> added
>
> Result is that when adding a VM, it fails because one gets stuck in  
> the interactive remote host verification. I already revised this  
> problem extensively, and I am sure its related somehow to ONE, since  
> it only happens when adding physical hosts or virtual machines.
>
> I have tried everything to solve this problem, even after adding the  
> host in known_hosts, and chown root:root, chmod 444 the file... 5 -  
> 10 seconds later, the original has returned again, even with the  
> onehost:nobody security setting..
>
> ARGH!
>
> I "solved" the problem for the moment with writing a script that  
> will run in a separate shell. first access the server, allowing me  
> to say "yes" to the remote host verification, then it imediately  
> copies the known_hosts file, and on a 50mSec interval, copies this  
> same file back to .ssh/known_hosts. This way, if the file gets  
> changed, a few miliseconds later its restored again. This is far  
> from ideal, and still gives me quite a few problems with ONE running  
> into the interactive question (and thus failing the operations like  
> adding a new virtual machine) work it at least allows me to do some  
> testing..
>
> I found the same problem to occur in the authorized_keys file as  
> well, which even more so is driving me crazy.
>
> Could somebody, anybody, please help me to try to solve this very  
> weird thing? I really am out of ideas here. AFAIK, no program should  
> replace the .ssh/* files, but it gets replaced here anyway!
>
> If anybody has an idea, please let me know! I am located in Mexico  
> City, and during office hours, I am also available on IRC in the  
> #opennebula channel on freenode.net.
>
> Thanks lots for a great product and great support so far
>
> Cheers,
>
> Sven
>
> -- 
> Sven Oostenbrink
> Administrador LINUX Torre UNIX/Q, KIO Networks
>
> NOC:  01-800-5 CALL-KIO
>
> www.kionetworks.com
> www.trustmeitsnotmagic.com
>
> Este mensaje es confidencial.  Si usted no es el destinatario de  
> este mensaje, le suplicamos se lo notifique al remitente mediante un  
> correo electrónico y que borre el presente mensaje y sus anexos de  
> su computadora sin retener una copia de los mismos. No debe copiar  
> este mensaje o usarlo para cualquier propósito ni divulgar su  
> contenido. KIO Networks se reserva el derecho de monitorear todas  
> las comunicaciones de correo electrónico (relacionadas o no con KIO  
> Networks) que se transmitan a través de su sistema. Muchas gracias.
>
> This email is confidential and may also be privileged.  If you are  
> not the intended recipient please immediately advise the sender by  
> reply e-mail and delete this message and its attachments from your  
> computer without retaining a copy. You should not copy it or use it  
> for any purpose nor disclose its contents to any other person. KIO  
> Networks reserves the right to monitor all email communications  
> (whether related to the business of KIO Networks or not) through its  
> networks. Thank you.
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

-- 
Javier Fontan, Grid & Virtualization Technology Engineer/Researcher
DSA Research Group: http://dsa-research.org
Globus GridWay Metascheduler: http://www.GridWay.org
OpenNebula Virtual Infrastructure Engine: http://www.OpenNebula.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20090604/c453218f/attachment-0002.htm>

More information about the Users mailing list