From: [EMAIL PROTECTED] on behalf of Geoffroy VALLEE
Sent: Wed 28/06/2006 22:10
To: [email protected]
Subject: Re: [Oscar-devel] problem with ssh on fc4/trunk
Hey all,
I checked in a test to avoid this kind of
problem... i add a test of the USER
environment variable in addition to the
UID test.
Doing that, you are sure that everything will be fine during the
step 7.
Regards,
Le vendredi 23 juin 2006 16:31,
[EMAIL PROTECTED] a écrit :
> I found what is my problem: to be
root, i used the command "su" and not "su
> -", that s why OSCAR wanted to
use my account during step 7.
> I am used to use Debian and on Debian even
if you use the command "su" it
> is not possible to have this kind of
situation.
>
> My bad...
>
> Quoting Bernard Li
<[EMAIL PROTECTED]>:
> > OSCAR should always use "oscartst" to run
tests. The account is created
> > automatically and this is
hardcoded in testing/test_cluster:
>
> http://svn.oscar.openclustergroup.org/trac/oscar/browser/trunk/testing/test
>_cluster
>
>
> However, I never tested with existing user accounts around, so
perhaps
> > you can investigate why it did not use oscartst to
test...
> >
> > Did you run the entire installation with your
user account and with
> > "sudo"?
> >
> >
Cheers,
> >
> > Bernard
> >
> > >
-----Original Message-----
> > > From:
[EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]
On Behalf
> > > Of Geoffroy Valle
> > > Sent: Friday,
June 23, 2006 12:22
> > > To:
[email protected]
> > > Subject: Re: [Oscar-devel]
problem with ssh on fc4/trunk
> > >
> > > Hey
DongInn
> > >
> > > Actually you have a very good point:
OSCAR does not use the
> > > oscartst account
> > > for
testing but my account! The oscartst user is not even
> > >
existing. Any idea
> > > why? I do not have any trace about account
issue in my OSCAR logs.
> > >
> > > For your question
about what happens on my machine, i do not
> > > know, i
just
> > > followed to documentation.
> > >
> >
> Le Vendredi 23 Juin 2006 12:09, vous avez crit:
> > > > Hi
Geoffroy,
> > > >
> > > > You are talking about
/home/oscartst/.ssh/id_rsa on a
> > >
> > > cluster,
right?
> > >
> > > > I have the actual private key
generated at
> > > >
oscarnode01:/home/oscartst/.ssh/id_rsa.
> > > > [EMAIL PROTECTED]
~]# ssh oscarnode01 'cat
> > >
> > >
/home/oscartst/.ssh/id_rsa' |
> > >
> > > > diff -
/home/oscartst/.ssh/id_rsa
> > > > [EMAIL PROTECTED] ~]#
>
> > > I really don't know what is going on your machine.
> >
> >
> > > > Regards,
> > > >
> >
> > - DongInn
> > > >
> > > > Geoffroy Valle
wrote:
> > > > > Hey,
> > > > >
> >
> > > I have more information...
> > > > > i executed
the command "head -2 id_rsa" in the .ssh
> > >
> > >
folder of the user
> > >
> > > > > account, the
output was: Pro-Type: 4, ENCRYPTED. On the
> > >
> > >
other hand the
> > >
> > > > > same command for
root gives the actual private ket (no
> > >
> > >
encryption).
> > >
> > > > > Therefore i generated
again the RSA key for the user
> > >
> > > (ssh-keygen
-t rsa),
> > >
> > > > > the key is then not
encrypted and i can ssh the compute
> > >
> > > node
without to
> > >
> > > > > have to enter my
password.
> > > > >
> > > > > So it seems
the problem depends on the way the key is
> > >
> > >
generated for the
> > >
> > > > > user and
actually i think the problem in my case is that
> > >
> >
> i used the
> > >
> > > > > account before to
use oscar to do something else (connect
> > >
> > > the
gateway),
> > >
> > > > > so the key was not
generated by OSCAR and therefore encrypted.
> > > > >
>
> > > > All OSCAR users may have this problem.
> > >
> >
> > > > > Le Vendredi 23 Juin 2006 10:25, Geoffroy
Valle a crit :
> > > > >> Hey,
> > > >
>>
> > > > >> ssh is still acting weird, today i have
to enter 3 times
> > >
> > > my password
> >
>
> > > > >> before to be able to connect the compute
node. Here is
> > >
> > > the ssh log:
> > >
> >> $ ssh oscarnode1 -v
> > > > >> OpenSSH_4.2p1,
OpenSSL 0.9.7f 22 Mar 2005
> > > > >> debug1: Reading
configuration data /etc/ssh/ssh_config
> > > > >> debug1:
Applying options for *
> > > > >> debug1: Connecting to
oscarnode1 [192.168.1.2] port 22.
> > > > >> debug1:
Connection established.
> > > > >> debug1: identity file
/home/gvallee/.ssh/identity type 0
> > > > >> debug1:
identity file /home/gvallee/.ssh/id_rsa type 1
> > > > >>
debug1: identity file /home/gvallee/.ssh/id_dsa type 2
> > > >
>> debug1: Remote protocol version 2.0, remote software
> >
>
> > > version OpenSSH_4.0
> > >
> > >
> >> debug1: match: OpenSSH_4.0 pat OpenSSH*
> > > >
>> debug1: Enabling compatibility mode for protocol 2.0
> > >
> >> debug1: Local version string SSH-2.0-OpenSSH_4.2
> > >
> >> debug1: SSH2_MSG_KEXINIT sent
> > > > >>
debug1: SSH2_MSG_KEXINIT received
> > > > >> debug1: kex:
server->client aes128-cbc hmac-md5 none
> > > > >>
debug1: kex: client->server aes128-cbc hmac-md5 none
> > > >
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>
> > > >> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> >
> > >> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> > > >
>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> > > >
>> debug1: Host 'oscarnode1' is known and matches the RSA host
key.
> > > > >> debug1: Found key in
/home/gvallee/.ssh/known_hosts:5
> > > > >> debug1:
ssh_rsa_verify: signature correct
> > > > >> debug1:
SSH2_MSG_NEWKEYS sent
> > > > >> debug1: expecting
SSH2_MSG_NEWKEYS
> > > > >> debug1: SSH2_MSG_NEWKEYS
received
> > > > >> debug1: SSH2_MSG_SERVICE_REQUEST
sent
> > > > >> debug1: SSH2_MSG_SERVICE_ACCEPT
received
> > > > >> debug1: Authentications that can
continue:
> > > > >> publickey,gssapi-with-mic,password
debug1: Next
> > >
> > > authentication method:
>
> > > >> gssapi-with-mic
> > > > >> debug1:
Authentications that can continue:
> > > > >>
publickey,gssapi-with-mic,password debug1:
> > >
> > >
Authentications that can
> > >
> > > > >>
continue: publickey,gssapi-with-mic,password debug1:
> > >
>
> > Next authentication
> > >
> > > > >>
method: publickey
> > > > >> debug1: Offering public key:
/home/gvallee/.ssh/id_rsa
> > > > >> debug1: Server accepts
key: pkalg ssh-rsa blen 149
> > > > >> debug1:
PEM_read_PrivateKey failed
> > > > >> debug1: read PEM
private key done: type <unknown>
> > > > >> Enter
passphrase for key '/home/gvallee/.ssh/id_rsa':
> > > > >>
debug1: PEM_read_PrivateKey failed
> > > > >> debug1: read
PEM private key done: type <unknown>
> > > > >> Enter
passphrase for key '/home/gvallee/.ssh/id_rsa':
> > > > >>
debug1: PEM_read_PrivateKey failed
> > > > >> debug1: read
PEM private key done: type <unknown>
> > > > >> Enter
passphrase for key '/home/gvallee/.ssh/id_rsa':
> > > > >>
debug1: PEM_read_PrivateKey failed
> > > > >> debug1: read
PEM private key done: type <unknown>
> > > > >>
debug1: Offering public key: /home/gvallee/.ssh/id_dsa
> > > >
>> debug1: Server accepts key: pkalg ssh-dss blen 818
> > >
> >> debug1: read PEM private key done: type DSA
> > > >
>> debug1: Authentication succeeded (publickey).
> > > >
>> debug1: channel 0: new [client-session]
> > > > >>
debug1: Entering interactive session.
> > > > >> Last
login: Fri Jun 23 10:21:03 2006 from headnode.ornl.gov
> > > >
>>
> > > > >> Le Jeudi 22 Juin 2006 13:52, vous avez
crit :
> > > > >>> Hi Geoffroy:
> > > >
>>>> Another issue on FC4 with trunk: impossible to connect
to
> > > > >>>> compute nodes being a
> >
> > >>>> normal user without to have to give the password.
Therefore,
> > > > >>>> i have to enter
> >
> > >>>> the password for all the user tests. :-(
> >
> > >>>> The only problem i see in oscarinstall.log about ssh
is the
> > > > >>>> following line:
> > >
> >>>> checking configuration file sshd_config ...
> >
> > >>>> ./ssh_install: line 169: [: -lt: unary operator
expected
> > > > >>>
> > > > >>>
Is /home mounted on your compute nodes? That is necessary for
> >
> > >>> authorized keys to work.
> > > >
>>>
> > > > >>> As to the message you're
seeing, I don't think it's the
> > >
> > > cause of
the
> > >
> > > > >>> problem, but anyway
there is already a bug filed:
> > > > >>>
> >
> > >>> http://svn.oscar.openclustergroup.org/trac/oscar/ticket/125
>
> > > >>>
> > > > >>> Do you think you
can look into it?
> > > > >>>
> > > >
>>>> So it seems that during the last OSCAR call the idea was
to
> > > > >>>> say that the FC4
> > >
> >>>> support is ok. I tend to disagree with that, there are
still
> > > > >>>> some little
> > > >
>>>> issues.
> > > > >>>
> > >
> >>> DongInn is doing an installation with Fedora Core 4
>
> >
> > > right now and will
> > >
> >
> > >>> report back his findings.
> > > >
>>>
> > > > >>> Thanks,
> > > >
>>>
> > > > >>> Bernard
> >
>
> > > --
> > > Geoffroy
> > >
>
> > Using Tomcat but need to do more? Need to support web
> >
> services, security?
> > > Get stuff done quickly with
pre-integrated technology to make
> > > your job easier
> >
> Download IBM WebSphere Application Server v.1.0.1 based on
> >
> Apache Geronimo
> > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&
>
> > dat=121642
> > >
_______________________________________________
> > > Oscar-devel
mailing list
> > > [email protected]
> >
> https://lists.sourceforge.net/lists/listinfo/oscar-devel
>
>
> > Using Tomcat but need to do more? Need to support web
services, security?
> > Get stuff done quickly with pre-integrated
technology to make your job
> > easier Download IBM WebSphere
Application Server v.1.0.1 based on Apache
> > Geronimo
> > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>
> _______________________________________________
> > Oscar-devel
mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/oscar-devel
--
Geoff
Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Oscar-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/oscar-devel
