How did you set up the authorized keys for both root and autotest users on the remote machine? Did you just copy local autotest's public key to remote autotest, and then copy local root's public key to remote root? Does the remote root have local autotest's public key?
-Jongki On Wed, Nov 16, 2011 at 5:50 PM, Wenyi Gao <[email protected]> wrote: > On 2011年11月16日 20:26, Lucas Meneghel Rodrigues wrote: > > On 11/16/2011 07:20 AM, Wenyi Gao wrote: > >> > >> Currently, for ubuntu system, autotest.init will be used and start > >> monitor_db_babysitter owned by user autotest, > >> so when we use web front-end to create job, the autoserv also owned > >> by user autotest runs ssh commands with default > >> ssh user "root", known as "-l root", which causes the following > >> permission problem on ubuntu. > >> > >> * Command: > >> /usr/bin/ssh -a -x -o StrictHostKeyChecking=no -o > >> UserKnownHostsFile=/tmp/tmpvUr_sL -o BatchMode=yes -o > >> ConnectTimeout=60 -o > >> ServerAliveInterval=300 -l root -p 22 172.16.3.130 " true" > >> Exit status: 255 > >> Duration: 0.342299938202 > >> > >> stderr: > >> Permission denied (publickey,password). > >> > >> > >> So the patch changes user from autotest to root when starting > >> monitor_de_babysitter to keep consitent with ssh > >> user "-l root". > > > > From the ssl man page > > > > -l login_name: Specifies the user to log in as on the remote machine. > > This also may be specified on a per-host basis in the configuration file. > > > > This is not a problem with the autotest user on your machine. What > > probably happens is you do not have ssh key properly setup. > > > > https://github.com/autotest/autotest/wiki/KVMAutotest-GetStartedServer > > > > Host Installation Steps > > Setup password-less ssh connection from the server to this host > > On the server, create a DSA key in the following way: > > > > ssh-keygen -t dsa > > Then, still on the server, copy it to the host: > > > > ssh-copy-id [email protected] > > > > I'm rejecting this patch. > > > > In fact, I have setup the ssh key and both user "autotest" and user > "root" can ssh target host without password. I have done the following > test: > > Test 1: root user run ssh > > root@wayne-ThinkPad-T420:/home/wayne# ssh [email protected] > Welcome to Ubuntu 11.10 (GNU/Linux 3.0.0-12-generic x86_64) > > * Documentation: https://help.ubuntu.com/ > > Last login: Thu Nov 17 09:24:07 2011 from wayne-thinkpad-t420.local > root@ubuntu:~# > > > Test 2: autotest user run ssh > > autotest@wayne-ThinkPad-T420:/home/wayne$ ssh [email protected] > Welcome to Ubuntu 11.10 (GNU/Linux 3.0.0-12-generic x86_64) > > * Documentation: https://help.ubuntu.com/ > > Last login: Thu Nov 17 09:28:11 2011 from wayne-thinkpad-t420.local > autotest@ubuntu:~$ > > > Test 3: autotest user run ssh with "-l root" > > autotest@wayne-ThinkPad-T420:/home/wayne$ ssh -a -x 172.16.3.130 -l root > "true" > [email protected]'s password: > > > The tests are done on Ubuntu 11.10 workstations. It is clear Test1 and > Tes2 are okey, but Test 3 fails. However our autotest framework > runs ssh as the same way to Test 3, which will fail. On the other side, > if Test 3 is okey, there will be a security hole for ssh > because a user can ssh a target host with another user's account without > password. > > > > > > _______________________________________________ > Autotest mailing list > [email protected] > http://test.kernel.org/cgi-bin/mailman/listinfo/autotest >
_______________________________________________ Autotest mailing list [email protected] http://test.kernel.org/cgi-bin/mailman/listinfo/autotest
