On Tue, Jun 12, 2012 at 8:53 AM, Ron Parker <rdpar...@gmail.com> wrote:
> I have a client machine that is attempting to copy some logs from
> another client machine. They same public keys that the policy hub has
> for the clients have been installed on each of the machines.
>
> Here is how their IP's are setup:
>
> cf-agent bge0: 10.6.8.200 vnic0: 192.168.69.1
> cf-server eth0: 10.6.8.207 eth0:0: 10.6.8.53 eth1: 192.168.159.101
...
> From cf-agent I get:
>
> cf3> -> Copy file /export/backup/servers/us-stl-cc1/artifacts from
> /var/spool/cruisecontrol/artifacts check
> cf3> No existing connection to 10.6.8.53 is established...
> cf3> Set cfengine port number to 5308 = 5308
> cf3> Set connection timeout to 10
> cf3> -> Connect to us-stl-cc1 = 10.6.8.53 on port 5308
> cf3> skipidentify was promised, so we are trusting and simply
> announcing the identity as (us-hop-dev1) for this host
> cf3> -> Did not find new key format /var/cfengine/ppkeys/root-.pub
> cf3> -> Trying old style /var/cfengine/ppkeys/root-10.6.8.53.pub
> cf3> !! Not authorized to trust the server=us-stl-cc1's public key
> (trustkey=false)
> ...
> cf3> !! Authentication dialogue with us-stl-cc1 failed
> cf3> Unable to establish connection with us-stl-cc1
> cf3> ?> defining promise result class cc_backup_failed_artifacts
> cf3> -> No suitable server responded to hail
> cf3> ?> defining promise result class cc_backup_failed_artifacts
...
> So, how do I get them to play nicely? I notice that the server
> mentions the agents VNIC IP in a couple places and its public IP in
> others. Also odd is the attempt by the client to access a file named
> /var/cfengine/ppkeys/root-.pub.
My workaround was to copy the root-MD5*.pub key to the old-style IP
based name. Short of logging into each client and looking at it's
localhost.pub, is there a convenient way to correlate the new-style
names with the machines or IP's they came from?
--
Ron Parker
Don't type things you find on the Internet into your computer!
:(){ :|:&};:
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
