SSH questions

Hi All

Not sure if I am doing this right, still testing, have Foreman server running all seems OK.
added a Cent OS 7 client all good.
Tried to schedule a job to update all packages, I can only get work if SSH port is 22
and PermitRootLogin is set to yes, unfortunately, we run SSH on a different port and
PermitRootLogin is set to no, I have tried setting the effective user in advanced section
of the job, but I still get the error “Error initializing command: Net::SSH::AuthenticationFailed - Authentication failed for user - root”

Can anyone point me in the right direction, to change the SSH port and the default SSH user?


Hi All

OK found the port settings have changed the port and default user, but still got the error
“You need to be root to perform this command.” we don’t allow remote access by root?

Hey, there should be an Administer - Setting - Remote Execution option SSH Port and SSH User. Use that.


Thanks found the settings, getting a bit further down the line, do you know where I can set
the root password, have tried setting in the Advanced fields on Job invocation page, but
I am getting error “Password: su: Authentication failure”, I know password is correct as I
can SSH from server to client ans su on the client?

Can it be set in the hosts parameters?

If you want to change effective user with a password, you have to use sudo as the effective user method. Su can be only used passwordless


Thanks, but something is not right,
I am running the job template Update all packages (yum update -y)
Have set the user and pass as effective user.
I can run the cmd with no problem when I SSH from the server to the client as the effective user.
but when I schedule the job in foreman I get this error?

“You need to be root to perform this command.”

Hi All

This is really annoying where else do I need to set the password?

Administer - Settings - Remote Execution
Default SSH password = {correct-password}
Effective User = foreman
Effective User Method = sudo
SSH Port = {our-ssh-port}
SSH User = foreman
Sudo password = {correct-password}

Hosts - All Hosts - foreman-client - Parameters
remote_execution_ssh_password = {correct-password}
remote_execution_ssh_port = {our-ssh-port}
remote_execution_ssh_user = foreman

Hosts - All Hosts - foreman-client - Schedule Remote Job
Job category = Miscellaneous
Job template = Update all packages (sudo yum update -y)
Advanced fields
Effective user = foreman
Password = {correct-password}
Sudo password = {correct-password}

Extract from /etc/sudoers on foreman-client
#Allow root to run any commands anywhere
root ALL=(ALL) ALL
foreman ALL=(ALL) ALL

Output from job:
1: [sudo] password for foreman:
2: sudo: timed out reading password
3: Exit status: 1

What are you really trying to acomplish? In what you just posted you are setting both the remote user and effective user to foreman. Why would you need to do anything with sudo then?


I am running a Job that runs the cmd remotely “yum update -y” it will only run as root or as sudo,
it looks like the cmd is running but it is not getting the password.

error is sudo: timed out reading password