Re: Host authentication fails after update from 2.1.13

bug-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Host authentication fails after update from 2.1.13

From:	Christian Pearce
Subject:	Re: Host authentication fails after update from 2.1.13
Date:	Mon, 13 Jun 2005 16:18:31 -0400

I know this sounds stupid, but did you make sure you stop and started
the cfservd server?  I make that mistake from time to time.

On Mon, 2005-06-13 at 21:50 +0200, Morten Werner Olsen wrote:
> forwarded 312647 address@hidden
> thanks
> 
> Hi,
> 
> here is another bug report from one of our Debian users.
> 
> 
> - Werner
> 
> ----- Forwarded message from Sven Marnach <address@hidden> -----
> 
> Date: Thu, 09 Jun 2005 13:26:26 +0200
> To: Debian Bug Tracking System <address@hidden>
> From: Sven Marnach <address@hidden>
> Subject: Bug#312647: cfengine2: Host authentication fails after update
>     from 2.1.13
> Reply-To: Sven Marnach <address@hidden>, address@hidden
> 
> Package: cfengine2
> Version: 2.1.14-1
> Severity: important
> 
> After upgrading all the machines in a small cluster to version 2.1.14-1, the
> nodes could still successfully authenticate themselves to the master.
> 
> The nodes do a complete reinstall from a local mirror each time they boot.
> They fetch their cfengine key pairs via tftp and try to run cfagent to fetch
> some basic configuration.  This step failed after upgrading cfengine to
> 2.1.14-1, so the nodes couldn't reboot anymore.
> 
> cfservd prints the following message to the syslog:
> 
> Jun  3 01:49:53 master1 cfservd[3787]: Accepting connection from 
> ::ffff:192.168.2.107 
> Jun  3 01:49:53 master1 cfservd[3787]:  Private decrypt failed = padding 
> check failed 
> Jun  3 01:49:53 master1 cfservd[3787]: Host authorization/authentication 
> failed or access denied 
> Jun  3 01:49:53 master1 cfservd[3787]: From 
> (host=node07.cluster,user=root,ip=::ffff:192.168.2.107)
> Jun  3 01:49:57 node07 clinitrd: panic: Could not execute 'inroot cfagent -v 
> --no-lock -D install'. 
> 
> (the last line shows the cfagent command line)
> 
> I know there was a change in the encrytion protocol that prevents new
> clients from talking to old servers, but I upgraded all machines.
> 
> I also tried to regenerate all the keys, but that didn't work either.  After
> reverting to 2.1.13 everything worked fine.
> 
> I'm lacking the time to track down this bug properly and hope this report
> may help anyway.
> 
> Greetings,
> Sven
> 
> -- System Information:
> [stripped -- this computer doesn't even have cfengine installed...]
> 
> 
> 
> ----- End forwarded message -----
> 
> 
> _______________________________________________
> Bug-cfengine mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/bug-cfengine
-- 
Christian Pearce
http://www.sysnav.com
http://www.commnav.com
http://www.perfectorder.com

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

Host authentication fails after update from 2.1.13, Morten Werner Olsen, 2005/06/13
- Re: Host authentication fails after update from 2.1.13, Christian Pearce <=

Prev by Date: Host authentication fails after update from 2.1.13
Next by Date: Locking Issues (Fixed)
Previous by thread: Host authentication fails after update from 2.1.13
Next by thread: Locking Issues (Fixed)
Index(es):
- Date
- Thread