Hello ,
I am trying to establish ssh connection to target machine using key based
authentication, but some how it failed in authentication:
I placed this code in one of the action of the controller,
Net::SSH.start('r8sysappnode05.localdomain','txpadmin',:keys =>
"/usr/share/foreman-proxy/.ssh/id_rsa") do |ssh|
@output=ssh.exec!("hostname")
end
Whenever i use password based it worked.
Could you please reply how can i achieve this??
Thanks,
Aditya
It does not look like there is a problem in your code snippet. The last
time I faced problems when trying to shh into a machine like you, it turned
out there was wrong SELinux context on the target machine.
This fixed the problem for me (on CentOS host):
restorecon -R -v /root/.ssh
I would also check permissions on your
'/usr/share/foreman-proxy/ssh/id_rsa'.
···
On Tuesday, February 9, 2016 at 5:23:53 AM UTC+1, Aditya Gupta wrote:
>
> Hello ,
>
> I am trying to establish ssh connection to target machine using key based
> authentication, but some how it failed in authentication:
>
> I placed this code in one of the action of the controller,
>
> Net::SSH.start('r8sysappnode05.localdomain','txpadmin',:keys =>
> "/usr/share/foreman-proxy/.ssh/id_rsa") do |ssh|
> @output=ssh.exec!("hostname")
> end
>
>
> Whenever i use password based it worked.
>
> Could you please reply how can i achieve this??
>
> Thanks,
> Aditya
>
>
> It does not look like there is a problem in your code snippet. The last
> time I faced problems when trying to shh into a machine like you, it turned
> out there was wrong SELinux context on the target machine.
> This fixed the problem for me (on CentOS host):
>
> restorecon -R -v /root/.ssh
>
> I would also check permissions on your
> '/usr/share/foreman-proxy/ssh/id_rsa'.
>
>
>>
>> Hello ,
>>
>> I am trying to establish ssh connection to target machine using key based
>> authentication, but some how it failed in authentication:
>>
>> I placed this code in one of the action of the controller,
>>
>> Net::SSH.start('r8sysappnode05.localdomain','txpadmin',:keys =>
>> "/usr/share/foreman-proxy/.ssh/id_rsa") do |ssh|
>> @output=ssh.exec!("hostname")
>> end
>>
>>
>> Whenever i use password based it worked.
>>
>> Could you please reply how can i achieve this??
>>
>> Thanks,
>> Aditya
>>
>
···
On Tuesday, February 9, 2016 at 7:21:12 PM UTC+5:30, oprazak wrote:
> On Tuesday, February 9, 2016 at 5:23:53 AM UTC+1, Aditya Gupta wrote:
-------------------------------------------
Hi oprazak,
exactly There is some permission issue
/usr/share/foreman-proxy/.ssh/id_rsa", but i am wondering same thing
foreman puppetrun button is doing using net/ssh then how they have
permission but i am using the same via foreman but in different section for
me it is not working.
Do you have any idea where can i find the puppet run code and check how
they have permission to access same file but i am not .,
Thanks,
Aditya
The code that triggers the Puppet run over SSH is in the smart proxy,
not in Foreman. As such, it would run under a different user account -
the main Foreman account shouldn't have access to private data in
/usr/share/foreman-proxy as they're separate services.
The proxy actually uses the (Open)SSH binary, not net-ssh too:
https://github.com/theforeman/smart-proxy/blob/develop/modules/puppet_proxy/puppet_ssh.rb
···
On 10/02/16 03:17, Aditya Gupta wrote:
>
>
> On Tuesday, February 9, 2016 at 7:21:12 PM UTC+5:30, oprazak wrote:
>
> It does not look like there is a problem in your code snippet. The
> last time I faced problems when trying to shh into a machine like
> you, it turned out there was wrong SELinux context on the target
> machine.
> This fixed the problem for me (on CentOS host):
>
> restorecon -R -v /root/.ssh
>
> I would also check permissions on your
> '/usr/share/foreman-proxy/ssh/id_rsa'.
>
>
> On Tuesday, February 9, 2016 at 5:23:53 AM UTC+1, Aditya Gupta wrote:
>
> Hello ,
>
> I am trying to establish ssh connection to target machine using
> key based authentication, but some how it failed in authentication:
>
> I placed this code in one of the action of the controller,
>
> Net::SSH.start('r8sysappnode05.localdomain','txpadmin',:keys =>
> "/usr/share/foreman-proxy/.ssh/id_rsa") do |ssh|
> @output=ssh.exec!("hostname")
> end
>
>
> Whenever i use password based it worked.
>
> Could you please reply how can i achieve this??
>
> Thanks,
> Aditya
>
>
>
> -------------------------------------------
>
>
> Hi oprazak,
>
> exactly There is some permission issue
> /usr/share/foreman-proxy/.ssh/id_rsa", but i am wondering same thing
> foreman puppetrun button is doing using net/ssh then how they have
> permission but i am using the same via foreman but in different section
> for me it is not working.
>
> Do you have any idea where can i find the puppet run code and check how
> they have permission to access same file but i am not .,
–
Dominic Cleal
dominic@cleal.org