On Sat, 10 Oct 2020, 01:24 Gianluca Cecchi, <[email protected]> wrote:
> On Fri, Oct 9, 2020 at 7:12 PM Martin Perina <[email protected]> wrote: > >> >> >> Could you please share with us all logs from engine gathered by >> logcollector? We will try to find out any clue what's wrong in your env ... >> >> Thanks, >> Martin >> >> > I will try to collect. > In the mean time I've found that SSH could be in some way involved > > When I add the host and get the immediate failure and apparently nothing > happens at all, I see these two lines in /var/log/ovirt-engine/server.log > > 2020-10-09 18:15:09,369+02 WARN > [org.apache.sshd.client.session.ClientConnectionService] > (sshd-SshClient[7cb54873]-nio2-thread-1) > globalRequest(ClientConnectionService[ClientSessionImpl[root@ov200 > /10.4.192.32:22]])[[email protected], want-reply=false] failed > (SshException) to process: EdDSA provider not supported > 2020-10-09 18:15:09,699+02 WARN > [org.apache.sshd.client.session.ClientConnectionService] > (sshd-SshClient[2cbceeab]-nio2-thread-1) > globalRequest(ClientConnectionService[ClientSessionImpl[root@ov200 > /10.4.192.32:22]])[[email protected], want-reply=false] failed > (SshException) to process: EdDSA provider not supported > This harmless, AFAIK EdDSA is not supported by default in OpenJDK 11 and engine uses only ssh-rsa and ssh-rsa2 anyway > could it be that the ssh client embedded is not able to connect to the > CentOS 8.2 for some reason? > If that's the case we should see an error either in engine.log or ansible-runner-service.log > On host at the moment when I try to add it I see again two sessions opened > and immediately closed (tried several times), eg in the timeframe above I > have: > > Oct 9 18:15:09 ov200 systemd-logind[1237]: New session 41 of user root. > Oct 9 18:15:09 ov200 systemd[1]: Started Session 41 of user root. > Oct 9 18:15:09 ov200 systemd-logind[1237]: Session 41 logged out. Waiting > for processes to exit. > Oct 9 18:15:09 ov200 systemd-logind[1237]: Removed session 41. > Oct 9 18:15:09 ov200 systemd-logind[1237]: New session 42 of user root. > Oct 9 18:15:09 ov200 systemd[1]: Started Session 42 of user root. > Oct 9 18:15:09 ov200 systemd-logind[1237]: Session 42 logged out. Waiting > for processes to exit. > Oct 9 18:15:09 ov200 systemd-logind[1237]: Removed session 42. > > anyway at sshd service level it seems it is ok om the host: > > journalctl -u sshd.service has > > Oct 09 18:15:09 ov200 sshd[13379]: Accepted password for root from > 10.4.192.43 port 46008 ssh2 > Oct 09 18:15:09 ov200 sshd[13379]: pam_unix(sshd:session): session opened > for user root by (uid=0) > Oct 09 18:15:09 ov200 sshd[13379]: pam_unix(sshd:session): session closed > for user root > Oct 09 18:15:09 ov200 sshd[13398]: Accepted password for root from > 10.4.192.43 port 46014 ssh2 > Oct 09 18:15:09 ov200 sshd[13398]: pam_unix(sshd:session): session opened > for user root by (uid=0) > Oct 09 18:15:09 ov200 sshd[13398]: pam_unix(sshd:session): session closed > for user root > > On the host I have not customized anything ssh related: > > [root@ov200 ssh]# ps -ef|grep sshd > root 1274 1 0 Oct08 ? 00:00:00 /usr/sbin/sshd -D > [email protected],[email protected] > ,aes256-ctr,aes256-cbc,[email protected],aes128-ctr,aes128-cbc > [email protected],[email protected], > [email protected],[email protected] > ,hmac-sha2-256,hmac-sha1,[email protected],hmac-sha2-512 > -oGSSAPIKexAlgorithms=gss-gex-sha1-,gss-group14-sha1- > -oKexAlgorithms=curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 > -oHostKeyAlgorithms=rsa-sha2-256,[email protected] > ,ecdsa-sha2-nistp256,[email protected] > ,ecdsa-sha2-nistp384,[email protected] > ,rsa-sha2-512,[email protected],ecdsa-sha2-nistp521, > [email protected],ssh-ed25519, > [email protected],ssh-rsa,[email protected] > -oPubkeyAcceptedKeyTypes=rsa-sha2-256,[email protected] > ,ecdsa-sha2-nistp256,[email protected] > ,ecdsa-sha2-nistp384,[email protected] > ,rsa-sha2-512,[email protected],ecdsa-sha2-nistp521, > [email protected],ssh-ed25519, > [email protected],ssh-rsa,[email protected] > -oCASignatureAlgorithms=rsa-sha2-256,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,rsa-sha2-512,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa > > and in sshd_config > > HostKey /etc/ssh/ssh_host_rsa_key > HostKey /etc/ssh/ssh_host_ecdsa_key > HostKey /etc/ssh/ssh_host_ed25519_key > That looks good > Can I replicate the command that the engine would run on host through ssh? > I don't think so there is an easy way to do it Let's see what else we can get from the logs... Martin > Gianluca >
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/UGGWRJI5AR6T74O7PIURMC22GRDK6B4Q/
