OK, so I think I've identified the issue. I found these lines in the engine.log 
file:

2022-10-20 17:27:36,785+11 ERROR 
[org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-1) 
[4a1c2931-f754-4020-8bf3-27455338ca6d] Failed to authenticate session with host 
'ovirt_node_1.mynet.local': SSH authentication to 
'root@ovirt_node_1.mynet.local' failed. Please verify provided credentials. 
Make sure key is authorized at host

2022-10-20 17:27:36,786+11 WARN  
[org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-1) 
[4a1c2931-f754-4020-8bf3-27455338ca6d] Validation of action 'AddVds' failed for 
user admin@internal-authz. Reasons: VAR__ACTION__ADD,VAR__TYPE__HOST,$server 
ovirt_node_1.mynet.local,VDS_CANNOT_AUTHENTICATE_TO_SERVER

2022-10-20 17:27:36,822+11 ERROR 
[org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default 
task-1) [] Operation Failed: [Cannot add Host. SSH authentication failed, 
verify authentication parameters are correct (Username/Password, public-key 
etc.) You may refer to the engine.log file for further details.]

So my next set of questions:

- I don't recall anywhere in the deployment script being asked to supply the 
root login credentials for ovirt_node_1.mynet.local (the host), so what have I 
missed?
- I don't recall being asked to supply a ssh cert for logging into 
ovirt_node_1.mynet.local. The only ssh cert being asked about (and its marked 
as "Optional") is one to log into the deployed engine *after* it is deployed 
(Step 16 of "5.3. Deploying the self-hosted engine using the command line"). Am 
I missing something here?
- In the Prerequisites section of 5.3 the doco mentions "The self-hosted engine 
setup script requires ssh public key access using 2048-bit RSA keys from the 
engine virtual machine to the root account of its bare metal host." and then 
talks about having various settings set in the host's sshd_config file. In the 
host's authoized_keys file there is an RSA key (not placed by me) which I 
assume the deployment script placed there. Again, what am I not understanding 
about this?

I've checked the host's sshd_config file and all of the requirements listed in 
section 5.3 of the doco are there (the PubkeyAcceptedKeyTypes is being picked 
up from the system-wide crypto policy, which are set to DEFAULT, which meets 
the specified 2048-bit RSA keys).

I've included all the logs with the string "ERROR" in this DropBox folder, 
along with a couple of other relevant(?) files: 
https://www.dropbox.com/sh/eymwdy8hzn3sa7z/AACscSP2eaFfoiN-QzyeEVfaa?dl=0

Could someone please be kind enough to point out where things are going wrong?

Cheers

Dulux-Oz
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/4P4RGXTBZHWT3YQ3PYOOIER7645OVQGS/

Reply via email to