Hi,
mpa table looks like
#mpa,username,password,displayname,slots,urlpath,comments,disable
"cmm01","user","passw0rd",,,,,
С уважением,
Игорь
On Thu, Jul 2, 2015 at 3:48 AM, <[email protected]>
wrote:
> Send xCAT-user mailing list submissions to
> [email protected]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.sourceforge.net/lists/listinfo/xcat-user
> or, via email, send a message with subject or body 'help' to
> [email protected]
>
> You can reach the person managing the list at
> [email protected]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of xCAT-user digest..."
>
>
> Today's Topics:
>
> 1. Re: how to validate gpg key. (Jonathan Hermann)
> 2. pureflex cmm error (indi)
> 3. Re: how to validate gpg key. (Christopher Samuel)
> 4. Re: pureflex cmm error (Xiao Peng Wang)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 1 Jul 2015 10:24:39 +0200
> From: Jonathan Hermann <[email protected]>
> Subject: Re: [xcat-user] how to validate gpg key.
> To: xCAT Users Mailing list <[email protected]>
> Message-ID:
> <
> of15f068de.2bd94878-onc1257e75.002decdd-c1257e75.002e3...@de.ibm.com>
> Content-Type: text/plain; charset="utf-8"
>
> Just thinking out loud: if Marc-Andr?'s purpose is to validate content that
> was downloaded via insecure http, then a gpg key downloaded via insecure
> http is somewhat pointless. I mean, statistically, chances are a bit better
> that only one of both connections gets manipulated (if at all), but still,
> the whole process in itself is vulnerable.
>
>
> Mit freundlichen Gr??en / Kind regards
>
> Jonathan (Nathan) Hermann
> IT Specialist HPC and HPSS
> Global Technology Services / Data Center Services
>
> IBM Deutschland
> IBM-Allee 1
> 71139 Ehningen
> Phone: +49-160-98976942
> E-Mail: [email protected]
>
> IBM Deutschland Infrastructure Technology Services GmbH
> Gesch?ftsf?hrung: Hendrik Meyer
> Sitz der Gesellschaft: Ehningen / Registergericht: Amtsgericht Stuttgart,
> HRB 727973
>
>
>
> From: Xiao Peng Wang <[email protected]>
> To: xCAT Users Mailing list <[email protected]>
> Date: 01.07.2015 04:32
> Subject: Re: [xcat-user] how to validate gpg key.
>
>
>
> There's one here:
> http://sourceforge.net/projects/xcat/files/ubuntu/apt.key/download
>
> Thanks
> Best Regards
> ----------------------------------------------------------------------
> Wang Xiaopeng (???)
> IBM China System Technology Laboratory
> Tel: 86-10-82453455
> Email: [email protected]
> Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road,
> Haidian District Beijing P.R.China 100193
>
> (Embedded image moved to file: pic52496.gif)Inactive hide details for
> Marc-andr? Labont? ---2015/06/30 01:38:35---Hi all, I have downloaded
> xcat-core and xcat-dep tar ballMarc-andr? Labont? ---2015/06/30
> 01:38:35---Hi all, I have downloaded xcat-core and xcat-dep tar balls and i
> am trying to
>
> From: Marc-andr? Labont? <[email protected]>
> To: <[email protected]>
> Date: 2015/06/30 01:38
> Subject: [xcat-user] how to validate gpg key.
>
>
>
> Hi all,
>
> I have downloaded xcat-core and xcat-dep tar balls and i am trying to
> find a way to authenticate them prior using them.
>
> First, the downloads are being done over http so they can be manipulated
> by whoever has access to my traffic. I was unsuccessful with trying to
> use https download links. There is always the possibility i might be
> getting a slightly different (compromised) tar ball.
>
> I've found a gpg key located in repodata (repomd.xml.key) in both tar
> balls.
>
> The key i've got has the following ID and fingerprint:
>
> gpg --fingerprint C6565BC9
> pub 1024D/C6565BC9 2015-01-07
> Key fingerprint = F75B 1BF6 78B6 44FD F3AA CFC8 60A3 E9AC C656 5BC9
> uid xCAT Security Key <[email protected]>
>
> It can also validate the repomd.xml signature and rpm -K on files do
> report the same key id to be missing:
>
> rpm -K xCAT-server-2.9.1-snap201503190325.noarch.rpm
> xCAT-server-2.9.1-snap201503190325.noarch.rpm: (SHA1) DSA sha1 md5 (GPG)
> NOT OK (MISSING KEYS: GPG#c6565bc9)
>
> Good news, once i know i've got the right key, i should be able to
> proceed with installing the rpms.
>
> Does everyone here is also getting key ID C6565BC9 with the tar balls?
>
> Could xCAT security key be published on the web site, preferably on a
> page that can be accessed over https to increase the level of confidence
> our downloads are not being tampered with?
>
>
> I already published the key i've got to Fedora's public key server here
> so others can compare:
>
> https://keys.fedoraproject.org/pks/lookup?search=0xC6565BC9&op=vindex
>
> regards
>
> Marc-andre
>
>
> ------------------------------------------------------------------------------
>
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> xCAT-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
>
> ------------------------------------------------------------------------------
>
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> xCAT-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: pic52496.gif
> Type: image/gif
> Size: 105 bytes
> Desc: not available
>
> ------------------------------
>
> Message: 2
> Date: Wed, 1 Jul 2015 16:34:37 +0300
> From: indi <[email protected]>
> Subject: [xcat-user] pureflex cmm error
> To: "[email protected]"
> <[email protected]>
> Message-ID:
> <CAFg3m7SnCqnFf5Mqvi5QCsw9mGcUV-QMxaQv+=
> [email protected]>
> Content-Type: text/plain; charset="utf-8"
>
> Hi All,
>
> i'm getting error when trying to configure CMM using rspconfig. Password
> for ipmi in passwd table looks correct. Error looks like that.
>
> rspconfig cmm01 sshcfg snmpcfg
> cmm01: Incorrect Password at /opt/xcat/lib/perl/xCAT/SSHInteract.pm line
> 74.
> cmm01: SNMP: disabled
>
> or
>
> rspconfig cmm sshcfg=enable snmpcfg=enable
> cmm01: Failed to login to cmm01
>
> Regards,
> Igor
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 3
> Date: Thu, 02 Jul 2015 10:10:57 +1000
> From: Christopher Samuel <[email protected]>
> Subject: Re: [xcat-user] how to validate gpg key.
> To: [email protected]
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=windows-1252
>
> On 01/07/15 18:24, Jonathan Hermann wrote:
>
> > Just thinking out loud: if Marc-Andr?'s purpose is to validate content
> that
> > was downloaded via insecure http, then a gpg key downloaded via insecure
> > http is somewhat pointless. I mean, statistically, chances are a bit
> better
> > that only one of both connections gets manipulated (if at all), but
> still,
> > the whole process in itself is vulnerable.
>
> However, even using https is not necessarily a great thing given the
> recent history of CA security and the general level of (mis)trust in
> centralised PKI systems these days.
>
> There's a nice LWN article on this issue from earlier this year on the
> whole issue (focused mainly on distros, but the issues are the same for
> any open source package):
>
> https://lwn.net/Articles/637595/
>
> My feeling is that you have to set and clearly state the level of
> paranoia/threat that you are willing to try and work to address and try
> and avoid the temptation to go beyond that level (without updating your
> statement first).
>
> All the best,
> Chris
> --
> Christopher Samuel Senior Systems Administrator
> VLSCI - Victorian Life Sciences Computation Initiative
> Email: [email protected] Phone: +61 (0)3 903 55545
> http://www.vlsci.org.au/ http://twitter.com/vlsci
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Thu, 2 Jul 2015 08:47:33 +0800
> From: Xiao Peng Wang <[email protected]>
> Subject: Re: [xcat-user] pureflex cmm error
> To: xCAT Users Mailing list <[email protected]>
> Message-ID:
> <
> of85d2b6a6.092c1e7b-on48257e76.00043fcd-48257e76.00045...@cn.ibm.com>
> Content-Type: text/plain; charset="gb2312"
>
> Did you set the password for the cmm in the mpa table? This should be the
> require of password of cmm.
>
> Thanks
> Best Regards
> ----------------------------------------------------------------------
> Wang Xiaopeng (???)
> IBM China System Technology Laboratory
> Tel: 86-10-82453455
> Email: [email protected]
> Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road,
> Haidian District Beijing P.R.China 100193
>
>
>
> From: indi <[email protected]>
> To: "[email protected]"
> <[email protected]>
> Date: 2015/07/01 21:38
> Subject: [xcat-user] pureflex cmm error
>
>
>
> Hi All,
>
> i'm getting error when trying to configure CMM using rspconfig. Password
> for ipmi in passwd table looks correct. Error looks like that.
>
> rspconfig cmm01 sshcfg snmpcfg
> cmm01: Incorrect Password at /opt/xcat/lib/perl/xCAT/SSHInteract.pm line
> 74.
> cmm01: SNMP: disabled
>
> or
>
> rspconfig cmm sshcfg=enable snmpcfg=enable
> cmm01: Failed to login to cmm01
>
> Regards,
> Igor
>
> ------------------------------------------------------------------------------
>
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> xCAT-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xcat-user
> -------------- next part --------------
> An HTML attachment was scrubbed...
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: graycol.gif
> Type: image/gif
> Size: 105 bytes
> Desc: not available
>
> ------------------------------
>
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
>
> ------------------------------
>
> _______________________________________________
> xCAT-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
>
> End of xCAT-user Digest, Vol 71, Issue 4
> ****************************************
>
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
