[one-users] VERY weird SSH problems
Sven Oostenbrink
sven at kionetworks.com
Fri May 29 15:51:58 PDT 2009
Hi all,
I've been doing quite a bit of testing with opennebula so far, and I have to
say, good job! We're working on implementing open nebula in our data center.
So far, I have had one very weird and anoying problem that makes opennebula
barely operable, I hope people here can help me fix it. ONE uses SSH to
transfer images to the nodes and to monitor the nodes. the problem here is
that SSH starts messing up. First time you login, you have to say "yes" to
the RSA verification. Then the host gets stored in the .ssh/knownhosts file.
so far so good. Then I add a physical machine, and some 5-10 seconds later,
the known_host file has changed! it suddenly no longer contains the entry I
just added
Result is that when adding a VM, it fails because one gets stuck in the
interactive remote host verification. I already revised this problem
extensively, and I am sure its related somehow to ONE, since it only happens
when adding physical hosts or virtual machines.
I have tried everything to solve this problem, even after adding the host in
known_hosts, and chown root:root, chmod 444 the file... 5 - 10 seconds
later, the original has returned again, even with the onehost:nobody
security setting..
ARGH!
I "solved" the problem for the moment with writing a script that will run in
a separate shell. first access the server, allowing me to say "yes" to the
remote host verification, then it imediately copies the known_hosts file,
and on a 50mSec interval, copies this same file back to .ssh/known_hosts.
This way, if the file gets changed, a few miliseconds later its restored
again. This is far from ideal, and still gives me quite a few problems with
ONE running into the interactive question (and thus failing the operations
like adding a new virtual machine) work it at least allows me to do some
testing..
I found the same problem to occur in the authorized_keys file as well, which
even more so is driving me crazy.
Could somebody, anybody, please help me to try to solve this very weird
thing? I really am out of ideas here. AFAIK, no program should replace the
.ssh/* files, but it gets replaced here anyway!
If anybody has an idea, please let me know! I am located in Mexico City, and
during office hours, I am also available on IRC in the #opennebula channel
on freenode.net.
Thanks lots for a great product and great support so far
Cheers,
Sven
--
Sven Oostenbrink
Administrador LINUX Torre UNIX/Q, KIO Networks
NOC: 01-800-5 CALL-KIO
www.kionetworks.com
www.trustmeitsnotmagic.com
Este mensaje es confidencial. Si usted no es el destinatario de este
mensaje, le suplicamos se lo notifique al remitente mediante un correo
electrónico y que borre el presente mensaje y sus anexos de su computadora
sin retener una copia de los mismos. No debe copiar este mensaje o usarlo
para cualquier propósito ni divulgar su contenido. KIO Networks se reserva
el derecho de monitorear todas las comunicaciones de correo electrónico
(relacionadas o no con KIO Networks) que se transmitan a través de su
sistema. Muchas gracias.
This email is confidential and may also be privileged. If you are not the
intended recipient please immediately advise the sender by reply e-mail and
delete this message and its attachments from your computer without retaining
a copy. You should not copy it or use it for any purpose nor disclose its
contents to any other person. KIO Networks reserves the right to monitor all
email communications (whether related to the business of KIO Networks or
not) through its networks. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20090529/8a5848e1/attachment-0001.htm>
More information about the Users
mailing list