[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: without trustkey=yes cfengine 2.1.8 fails to run
From: |
Uwe Zeisberger |
Subject: |
Re: without trustkey=yes cfengine 2.1.8 fails to run |
Date: |
Fri, 6 Aug 2004 14:16:06 +0200 |
User-agent: |
Mutt/1.5.6+20040523i |
Hello Thomas,
thanks for your help, but:
Thomas Glanzmann wrote:
> > cfengine:: Not authorized to trust the server=a...de's public key
> > (trustkey=false)
> > cfengine:: Authentication dialogue with a...de failed
> > cfengine:: Not authorized to trust the server=a....de's public key
> > (trustkey=false)
> > cfengine:: Authentication dialogue with a...de failed
>
> In my opinion you have two solutions to your problem.
>
> (generic part) Upgrade cfengine to 2.1.8 on all Solaris hosts
I already updated all hosts to 2.1.8, generated new keys with the new
version everywhere.
> (solution 1) Delete the /var/cfengine/ppkeys/root-* files and set
> trustkeys to yes.
already done, too. On the client, the file for the server still don't
exist after running cfengine with trustkey=true.
> (solution 2) Copy over a key generated from a cfengine-2.1.8 version to
> /var/cfengine/ppkeys/root-whatever
When I copy localhost.pub from the server (andromeda) to ppkeys/root-<ip>.pub
on a client, I get on the client (running cfagent -q -v -d 1)
cfengine:: Strong authentication of
server=andromeda.informatik.uni-freiburg.de connection confirmed
Receive counter challenge from server
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 256][]
RecvSocketStream(256)
(Concatenated 256 from stream)
Replying to counter challenge with md5
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
Collecting public key from server!
RecvSocketStream(8)
and on the server (cfservd -F -v -d 1)
A public key was already known from
auriga.informatik.uni-freiburg.de/::ffff:132.230.151.12 - no trust required
Adding IP ::ffff:132.230.151.12 to SkipVerify - no need to check this
if we have a key
The public key identity was confirmed as address@hidden
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
Transaction Send[t 256][Packed text]
Attempting to send 264 bytes
SendSocketStream, sent 264
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 16][]
RecvSocketStream(16)
(Concatenated 16 from stream)
cfservd: Strong authentication of client
auriga.informatik.uni-freiburg.de/::ffff:132.230.151.12 achieved
RecvSocketStream(8)
and then nothing new happens.
Regards,
Uwe
--
Uwe Zeisberger
fib where fib = 0 : 1 : zipWith (+) fib (tail fib)
signature.asc
Description: Digital signature