Your message dated Mon, 31 Mar 2008 20:02:53 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Host authentication fails after update from 2.1.13
has caused the Debian Bug report #312647,
regarding cfengine2: Host authentication fails after update from 2.1.13
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
312647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=312647
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: cfengine2
Version: 2.1.14-1
Severity: important
After upgrading all the machines in a small cluster to version 2.1.14-1, the
nodes could still successfully authenticate themselves to the master.
The nodes do a complete reinstall from a local mirror each time they boot.
They fetch their cfengine key pairs via tftp and try to run cfagent to fetch
some basic configuration. This step failed after upgrading cfengine to
2.1.14-1, so the nodes couldn't reboot anymore.
cfservd prints the following message to the syslog:
Jun 3 01:49:53 master1 cfservd[3787]: Accepting connection from
::ffff:192.168.2.107
Jun 3 01:49:53 master1 cfservd[3787]: Private decrypt failed = padding check
failed
Jun 3 01:49:53 master1 cfservd[3787]: Host authorization/authentication failed
or access denied
Jun 3 01:49:53 master1 cfservd[3787]: From
(host=node07.cluster,user=root,ip=::ffff:192.168.2.107)
Jun 3 01:49:57 node07 clinitrd: panic: Could not execute 'inroot cfagent -v
--no-lock -D install'.
(the last line shows the cfagent command line)
I know there was a change in the encrytion protocol that prevents new
clients from talking to old servers, but I upgraded all machines.
I also tried to regenerate all the keys, but that didn't work either. After
reverting to 2.1.13 everything worked fine.
I'm lacking the time to track down this bug properly and hope this report
may help anyway.
Greetings,
Sven
-- System Information:
[stripped -- this computer doesn't even have cfengine installed...]
--- End Message ---
--- Begin Message ---
Sven Marnach <[EMAIL PROTECTED]> writes:
> I'm not administrating that cluster any more. I think the problem is
> a bit outdated anyway. In etch, there is version 2.1.20 of cfengine2,
> and support for sarge is dropped by the end of the month. So just
> close that bug (or tag it wontfix).
I'm closing it. Thanks for the additional information.
- Werner
--- End Message ---
