Same thing happened to me on a newly bootstraped machine. I came in the next day and it was perfectly fine:
Installable classes = ( )
Listening for connections ...
cfservd: Accepting connection from XXX.XXX.XXX.XXX
cfservd: Allowing XXX.XXX.XXX.XXX to connect without (re)checking ID
Non-verified Host ID is host (Using skipverify)
Non-verified User ID seems to be sysnav (Using skipverify)
Updating last-seen time for host
Host host/XXX.XXX.XXX.XXX was found in the list of h
osts to trust
Saving public key /var/cfengine/ppkeys/sysnav-XXX.XXX.XXX.XXX.pub
cfservd: Weak authentication of trusted client host/
XXX.XXX.XXX.XXX (key accepted on trust).
cfservd: Private decrypt failed = block type is not 02
cfservd: Host authorization/authentication failed or access denied
cfservd: From (host=host,user=sysnav,ip=XXX.XXX.XXX.XXX)
-- Christian Pearce http://www.commnav.com http://www.perfectorder.com
---------Original Message----------
Hi All,
Server & clients are i386 running RHEL 4 / running Dag Wieers' cfengine
2.1.14. All machines are at the same patchlevel.
I brought the server down yesterday to add more memory, and upgrade the
kernel (2.6.9-5.0.3 -> 2.6.9-5.0.5)
Now clients are getting this error (we all know this one!):
cfengine:gx280test: Authentication dialogue with asa.cpsc.ucalgary.ca failed
cfengine:gx280test: Unable to establish connection with
asa.cpsc.ucalgary.ca (failover)
cfengine:gx280test: BAD: Host authentication failed. Did you forget the
domain name or IP/DNS address registration (for ipv4 or ipv6)?
(Everything was working so well beforehand)
Server logs show:
May 18 08:33:36 asa cfservd[5547]: Host authorization/authentication
failed or access denied
May 18 08:33:36 asa cfservd[5547]: From
(host=gx280test.cpsc.ucalgary.ca,user=root,ip=10.1.2.20)
May 18 08:33:36 asa cfservd[5547]: ID from connecting host: (SAUTH y
256 37)
May 18 08:33:36 asa cfservd[5547]: Private decrypt failed = block type
is not 02
When running the server with -d2, this is all I can see that is 'Interesting':
RecvSocketStream(280)
(Concatenated 280 from stream)
Received: [SAUTH y 256 37] on socket 5
Challenge encryption = y, nonce = 37, buf = 256
cfservd: Private decrypt failed = padding check failed
Transaction Send[t 114][Packed text]
Attempting to send 122 bytesI saw there was an earlier thread on this some time ago (http://lists.gnu.org/archive/html/help-cfengine/2003-01/msg00125.html), but the problem was fixed.
If it's any help, when the server first rebooted it reverted to using
the tg3 driver for it's nic, and is now back using bcm5700 (You never
know if that will help)
Has anyone seen this? If there's more information I can provide, please
let me know.
Thanks for the help! Erik.
--
e r i k w i l l i a m s o n [EMAIL PROTECTED]
system admin . department of computer science . university of calgary
_______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
_______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
