I'm getting this too. Here's what I see: client /var/log/messages (nothing) client /var/log/secure: Jan 31 01:03:57 <server-name> sshd[12945]: Connection closed by <server-ip> [preauth]
So it definitely can reach port 22, but apparently doesn't actually attempt authentication (or at least gives up pretty quickly). It's not being rejected (at least not explicitly). server /var/log/foreman-proxy/proxy.log: I, [2017-01-30T10:47:02.711901 ] INFO -- : <server-ip> - - [30/Jan/2017:10:47:02 -0600] "POST /puppet/run HTTP/1.1" 200 - 0.0121 >From the command line, it works fine: # sudo -u foreman-proxy /bin/bash bash-4.2$ ssh -l root -i ~/.ssh/id_rsa_foreman_proxy <client> /opt/puppetlabs/bin/puppet agent -t Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for <client> Info: Applying configuration version '<version>' Notice: Applied catalog in 0.26 seconds ... so the key is definitely functional, and present in the remote root users .ssh/authorized_keys file. It also works properly using the same ssh key, using the "remote_execution_ssh" functionality. Meaning, I can instead do "Run Job" on whatever nodes, and run "puppet agent -t" as the job (or the default "Puppet Run Once" job template), and it works properly. Server is CentOS 7, foreman-1.14 Client is RHEL 7 Amusingly, this also happens when the client is the server itself (that is, "restart puppet on yourself"). Not surprising, but amusing. :) Any ideas? On Friday, January 6, 2017 at 6:23:17 AM UTC-7, Erez Zarum wrote: > > Do you see anything in the logs of the server/client, which OS > (server/client)? > > > > On Friday, January 6, 2017 at 2:44:41 PM UTC+2, Lauro Silveira wrote: >> >> Hi Erez, >> >> i don't have any specific configuration for SSH (client and server side). >> I'm doing tests in a lab environment (3 VMs, 1 Foreman, 1 for Puppet >> Server/Smart Proxy and the other is a puppet client). >> If i try to run puppet agent through ssh from puppet server on client >> host, everything is ok. But from Foreman GUI, success message appears but >> nothing >> happens on client side. >> >> >> >> On Fri, Jan 6, 2017 at 8:21 AM, Erez Zarum <[email protected]> wrote: >> >>> Do you happen to have any specific SSH configuration on the client or >>> the server side? >>> Do you use FreeIPA(IPA) or have SSSD configured on the client/server? >>> >>> >>> On Thursday, December 3, 2015 at 1:53:08 PM UTC+2, James Denton wrote: >>>> >>>> Hello >>>> >>>> I am looking for some help as im finding it quite hard to get support >>>> from the web that relates to my issue(s). >>>> >>>> At the moment i have setup a Foreman server 1.9 (Dev1) and a >>>> Foreman-Proxy 1.9 (Dev2) on a seperate server. As a bit of background this >>>> is because eventually the Proxy Dev2 server will reside in an isolated >>>> network and be used to build, configure (with puppet) clients that also >>>> reside in the same isolated network as they will not have access to the >>>> master foreman server directly. Currently i have a test client (call it >>>> Test1) that is configured to use Dev2 (the proxy) for puppet runs etc. >>>> Right now they are all on the same network for test purposes. The puppet >>>> version used is 3.x >>>> >>>> At the moment my main issue is: >>>> >>>> - Manually running puppet runs (via the proxy over SSH) from the >>>> Foreman Master (Dev1) from the frontend to the client server Test1 shows >>>> from the front end that the execution of puppet was successful however no >>>> puppet run seems to be ran on the client. >>>> >>>> When i look at the logs on Dev2 Proxy after hitting the "run puppet" on >>>> Dev1 master I see the following: >>>> >>>> D, [2015-12-03T11:45:48.612930 #1305] DEBUG -- : verifying remote >>>> client XX.XX.XX.XX against trusted_hosts dev1.com dev2.com >>>> <http://dev1.comdev2.ebrd.com> >>>> D, [2015-12-03T11:45:48.614280 #1305] DEBUG -- : about to execute: >>>> /usr/bin/ssh -l root -i /etc/foreman-proxy/id_rsa test1.com >>>> /usr/bin/puppet\ agent\ --onetime\ --no-usecacheonfailure >>>> 10.102.245.195 - - [03/Dec/2015 11:45:48] "POST /run HTTP/1.1" 200 - >>>> 0.0042 >>>> >>>> This doesnt work. >>>> >>>> However if i manually run the following on the Dev2 proxy: >>>> >>>> /usr/bin/ssh -l root -i /etc/foreman-proxy/id_rsa test1.com >>>> /usr/bin/puppet\ agent\ --onetime\ --no-usecacheonfailure >>>> >>>> It performs the puppet run on the client. >>>> >>>> Any help at this stage would be greatly appreciated!!! >>>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Foreman users" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/foreman-users/OsEd9-boEJ8/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at https://groups.google.com/group/foreman-users. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
