[one-users] SSH key exchange failing for InM

Pierre Naude pierre.naude at rorotika.com
Mon Aug 5 02:59:21 PDT 2013 

Good Morning,

I'm busy setting up a proof-of-concept using ONE and have run into a
problem adding hosts to the server.

My ONE server is a Centos 6.4 installation, and so is the host I'm adding
to the server.

I am able to ssh successfully without password from the server to the host
as root and oneadmin and vice versa (I have also made sure the servers can
connect to themselves without password).

The problem is that the one server monitoring process is failing to ssh
passwordlessly from the server to the host:

Debug from the server:

Mon Aug  5 11:48:10 2013 [InM][I]: Monitoring host rtfwops2.rorotika (7)
Mon Aug  5 11:48:10 2013 [InM][I]: Command execution fail: 'if [ -x
"/var/tmp/one/im/run_probes" ]; then
 /var/tmp/one/im/run_probes kvm 7 rtfwops2.rorotika;
else                              exit 42; fi'
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: Connecting to rtfwops2.rorotika
[xxx.xxx.xxx.138] port 22.
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: Connection established.
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: identity file
/var/lib/one/.ssh/identity type -1
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: identity file
/var/lib/one/.ssh/id_rsa type -1
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: identity file
/var/lib/one/.ssh/id_dsa type 2
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: Remote protocol version 2.0,
remote software version OpenSSH_5.3
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: match: OpenSSH_5.3 pat OpenSSH*
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: Enabling compatibility mode for
protocol 2.0
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: Local version string
SSH-2.0-OpenSSH_5.3
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: SSH2_MSG_KEXINIT sent
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: SSH2_MSG_KEXINIT received
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: kex: server->client aes128-ctr
hmac-md5 none
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: kex: client->server aes128-ctr
hmac-md5 none
Mon Aug  5 11:48:10 2013 [InM][I]: debug1:
SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: expecting
SSH2_MSG_KEX_DH_GEX_GROUP
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: expecting
SSH2_MSG_KEX_DH_GEX_REPLY
Mon Aug  5 11:48:10 2013 [InM][I]: debug1: read_passphrase: can't open
/dev/tty: No such device or address
Mon Aug  5 11:48:10 2013 [InM][I]: Host key verification failed.
Mon Aug  5 11:48:10 2013 [InM][I]: ExitCode: 255
Mon Aug  5 11:48:10 2013 [ONE][E]: Error monitoring Host rtfwops2.rorotika
(7): -

Debug from the host:

Aug  5 11:48:10 rtfwops2 sshd[2301]: debug1: Forked child 11777.
Aug  5 11:48:10 rtfwops2 sshd[11777]: Set /proc/self/oom_score_adj to 0
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: rexec start in 5 out 5
newsock 5 pipe 7 sock 8
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: inetd sockets after dupping:
3, 3
Aug  5 11:48:10 rtfwops2 sshd[11777]: Connection from 172.28.200.137 port
52989
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: Client protocol version 2.0;
client software version Open
SSH_5.3
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: match: OpenSSH_5.3 pat
OpenSSH*
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: Enabling compatibility mode
for protocol 2.0
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: Local version string
SSH-2.0-OpenSSH_5.3
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: permanently_set_uid: 74/74
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: list_hostkey_types:
ssh-rsa,ssh-dss
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_KEXINIT sent
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_KEXINIT received
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: kex: client->server
aes128-ctr hmac-md5 none
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: kex: server->client
aes128-ctr hmac-md5 none
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST
received
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: expecting
SSH2_MSG_KEX_DH_GEX_INIT
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: SSH2_MSG_NEWKEYS sent
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: expecting SSH2_MSG_NEWKEYS
Aug  5 11:48:10 rtfwops2 sshd[11778]: Connection closed by xxx.xxx.xxx.137
Aug  5 11:48:10 rtfwops2 sshd[11778]: debug1: do_cleanup
Aug  5 11:48:10 rtfwops2 sshd[11777]: debug1: do_cleanup

When I run a script from onadmin's cron on the server it can also ssh
successfully without password - I don't think this is a key issue.

Any suggestions?

Thanks

Pierre

-- 
Pierre Naude
Rorotika Technologies

e-mail: pierre.naude at rorotika.com
Tel.: +27-11-568-0805
Cell.:  +27-82-901-9609
Skype: pierre_naude
Google Hangouts: pierre.naude at rorotika.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130805/d31c5949/attachment.htm>

More information about the Users mailing list