[one-users] EC2 authentication issue

Olivier Sallou olivier.sallou at irisa.fr
Thu Jan 12 02:44:51 PST 2012



Le 1/12/12 10:37 AM, Daniel Molina a écrit :
> Hi Oliver,
>
> On 11 January 2012 18:44, Olivier Sallou <olivier.sallou at irisa.fr> wrote:
>> Hi,
>> I have setup econe server but I cannot get authenticated:
>>
>> I am logged as oneadmin:
>>
>> econe-describe-instances --url http://192.168.2.91:4567  -K oneadmin -S
>> SAME_PASSWORD_AS_IN_ONE_AUTH_FILE
> You should try to use the sha1 hashed password instead of the plain
> one. This value can be retrieved from the user pool (oneuser list)
There is same error. I already tried both.
I even tried  "econe-describe-instances" with no parameter, using the
$ONE_AUTH file in this case, where EC2QueryClient does a SHA1 operation
but it also fails.

Logged as oneadmin: econe-describe-instances fails while onvm list works.


And what is strange is, looking in oned.log I see some :
Thu Jan 12 11:41:59 2012 [ReM][D]: VirtualMachinePoolInfo method invoked
Thu Jan 12 11:41:59 2012 [ReM][D]: AclInfo method invoked
Thu Jan 12 11:41:59 2012 [ReM][D]: ImagePoolInfo method invoked
Thu Jan 12 11:41:59 2012 [AuM][D]: Message received: LOG I 3148 ExitCode: 0

Thu Jan 12 11:41:59 2012 [AuM][I]: ExitCode: 0
Thu Jan 12 11:41:59 2012 [AuM][D]: Message received: AUTHENTICATE
SUCCESS 3148 -

Which seems to show that, for oned process auth is ok.

Olivier


>
> Cheers
>
>> /var/lib/gems/1.8/gems/curb-0.7.16/lib/curb_core.so: warning: already  initialized constant CURL_SSLVERSION_DEFAULT
>> econe-describe-instances: User not authorized
>>
>> I executed command on open nebula master server
>>
>> While:
>> oneadmin at genokvm4:~$ oneimage list
>>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PUB PER STAT  RVMS
>>  13 oneadmin oneadmin debian            3G   OS   01/11 18:15:46 Yes No  rdy     0
>>
>>
>> works fine.
>>
>>
>> I use open nebula 3. I know there some previous issues with SHA in 2.x that were fixed.
>>
>> If someone has an idea....
>>
>> My econe config is listening on correct interface:
>>
>> # OpenNebula sever contact information
>> :one_xmlrpc: http://localhost:2633/RPC2
>>
>> # Host and port where econe server will run
>> :server: 192.168.2.91
>> :port: 4567
>>
>> # SSL proxy that serves the API (set if is being used)
>> #:ssl_server: fqdm.of.the.server
>>
>> # Authentication driver for incomming requests
>> #   ec2, default Acess key and Secret key scheme
>> #   x509, for x509 certificates based authentication
>> :auth: ec2
>>
>> # Authentication driver to communicate with OpenNebula core
>> #   cipher, for symmetric cipher encryption of tokens
>> #   x509, for x509 certificate encryption of tokens
>> :core_auth: cipher
>>
>> # VM types allowed and its template file (inside templates directory)
>> :instance_types:
>>  :m1.small:
>>    :template: m1.small.erb
>>
>>
>> --
>>
>>
>> gpg key id: 4096R/326D8438  (pgp.mit.edu)
>> Key fingerprint = 5FB4 6F83 D3B9 5204 6335  D26D 78DC 68DB 326D 8438
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>

-- 
Olivier Sallou
IRISA / University of Rennes 1
Campus de Beaulieu, 35000 RENNES - FRANCE
Tel: 02.99.84.71.95

gpg key id: 4096R/326D8438  (pgp.mit.edu)
Key fingerprint = 5FB4 6F83 D3B9 5204 6335  D26D 78DC 68DB 326D 8438





More information about the Users mailing list