We were having this same error; after some troubleshooting it turned out that
the 17.2.7 cephadm orchestrator's ssh client was choking on the
keyboard-interactive AuthenticationMethod (which is really PAM). Our sshd
configuration was:

AuthenticationMethods keyboard-interactive publickey,keyboard-interactive gssapi-with-mic,keyboard-interactive

Thus, cephadm was trying to use "publickey,keyboard-interactive"; publickey
would succeed, but the cephadm ssh client would close the connection as soon as
a follow-up keyboard-interactive method was attempted. Adding this to
sshd_config for each orchestrator seemed to fix it by using only the publickey
AuthenticationMethod for just the cephadm orchestrators, but using the standard
config for everybody else:

Match Address <cephadm IPv4>
  # For some reason the 17.2.7 cephadm orchestrator
  # chokes on keyboard-interactive (PAM)
  # AuthenticationMethod;  thus, exclude it.
  AuthenticationMethods publickey
  PermitRootLogin yes

Match Address <cephadm IPv6>
  # For some reason the 17.2.7 cephadm orchestrator
  # chokes on keyboard-interactive (PAM)
  # AuthenticationMethod;  thus, exclude it.
  AuthenticationMethods publickey
  PermitRootLogin yes

Cheers.
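
Added example (not part of the original message, and not cephadm or OpenSSH code): a simplified Python model of how sshd resolves Match Address blocks, useful for checking that the publickey-only exception and PermitRootLogin yes reach only the orchestrator address. The address 192.0.2.10, the global PermitRootLogin value and the function names are assumptions made for the example.

```python
import ipaddress

# Constructed sample. The AuthenticationMethods lines are the ones from the post;
# 192.0.2.10 stands in for <cephadm IPv4>, and the global PermitRootLogin value
# is an assumption (the post does not give it).
SAMPLE_CONFIG = """\
AuthenticationMethods keyboard-interactive publickey,keyboard-interactive gssapi-with-mic,keyboard-interactive
PermitRootLogin no

Match Address 192.0.2.10
  # cephadm orchestrator only
  AuthenticationMethods publickey
  PermitRootLogin yes
"""

def address_matches(patterns, addr):
    """Match exact addresses or CIDR ranges; '!' negates. Wildcards are not modelled."""
    ip = ipaddress.ip_address(addr)
    hit = False
    for pat in patterns.split(","):
        net = ipaddress.ip_network(pat.lstrip("!"), strict=False)
        if ip in net:
            if pat.startswith("!"):
                return False  # a negated match always vetoes
            hit = True
    return hit

def effective_settings(config_text, addr):
    """Simplified model of sshd: Match values override global ones; first value wins within each."""
    global_opts, match_opts = {}, {}
    target = global_opts  # lines before the first Match are global
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        keyword, value = keyword.lower(), value.strip()
        if keyword == "match":
            criterion, _, patterns = value.partition(" ")
            applies = criterion.lower() == "address" and address_matches(patterns.strip(), addr)
            target = match_opts if applies else None  # None: skip this block
        elif target is not None:
            target.setdefault(keyword, value)
    return {**global_opts, **match_opts}

if __name__ == "__main__":
    for source in ("192.0.2.10", "198.51.100.7"):  # orchestrator vs. any other client
        opts = effective_settings(SAMPLE_CONFIG, source)
        print(source, opts["authenticationmethods"], "| root:", opts["permitrootlogin"])
```

On a live host, `sshd -T -C user=root,addr=<address>` prints the effective settings as sshd itself computes them for that source address.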
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io