Actions
Bug #19017
closedupdate_inventory.py ignores 'User' in ssh config
Status:
Can't reproduce
Priority:
Urgent
Assignee:
-
Category:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Crash signature (v1):
Crash signature (v2):
Description
dgalloway@w541 ~ ()$ cat .ssh/config
host *.ceph.redhat.com
User dgalloway
StrictHostKeyChecking false
UserKnownHostsFile /dev/null
dgalloway@w541 ~ ()$ teuthology-update-inventory -v clara002.ceph.redhat.com
2017-02-22 13:30:24,089.089 DEBUG:teuthology.orchestra.connection:{'username': None, 'hostname': 'clara002.ceph.redhat.com', 'timeout': 60}
2017-02-22 13:30:24,433.433 INFO:teuthology.orchestra.run.clara002:Running: 'true'
2017-02-22 13:30:24,819.819 INFO:teuthology.orchestra.run.clara002:Running: 'hostname --fqdn'
2017-02-22 13:30:24,965.965 INFO:teuthology.orchestra.run.clara002.stdout:clara002.ceph.redhat.com
2017-02-22 13:30:24,966.966 INFO:teuthology.orchestra.run.clara002:Running: 'uname -m'
2017-02-22 13:30:25,143.143 INFO:teuthology.orchestra.run.clara002.stdout:x86_64
2017-02-22 13:30:25,143.143 INFO:teuthology.orchestra.run.clara002:Running: "python -c 'import platform; print platform.linux_distribution()'"
2017-02-22 13:30:25,346.346 INFO:teuthology.orchestra.run.clara002.stdout:('Red Hat Enterprise Linux Server', '7.3', 'Maipo')
2017-02-22 13:30:25,346.346 INFO:teuthology.lock:Updating clara002.ceph.redhat.com on lock server
dgalloway@w541 ~ ()$ echo " IdentityFile ~/.ssh/id_rsa_w541" >> ~/.ssh/config
dgalloway@w541 ~ ()$ teuthology-update-inventory -v clara002.ceph.redhat.com
2017-02-22 13:31:06,015.015 DEBUG:teuthology.orchestra.connection:{'username': None, 'hostname': 'clara002.ceph.redhat.com', 'key_filename': ['/home/dgalloway/.ssh/id_rsa_w541'], 'timeout': 60}
2017-02-22 13:31:06,339.339 INFO:teuthology.orchestra.run.clara002:Running: 'true'
2017-02-22 13:31:06,751.751 INFO:teuthology.orchestra.run.clara002:Running: 'hostname --fqdn'
2017-02-22 13:31:06,899.899 INFO:teuthology.orchestra.run.clara002.stdout:clara002.ceph.redhat.com
2017-02-22 13:31:06,900.900 INFO:teuthology.orchestra.run.clara002:Running: 'uname -m'
2017-02-22 13:31:07,076.076 INFO:teuthology.orchestra.run.clara002.stdout:x86_64
2017-02-22 13:31:07,077.077 INFO:teuthology.orchestra.run.clara002:Running: "python -c 'import platform; print platform.linux_distribution()'"
2017-02-22 13:31:07,276.276 INFO:teuthology.orchestra.run.clara002.stdout:('Red Hat Enterprise Linux Server', '7.3', 'Maipo')
2017-02-22 13:31:07,277.277 INFO:teuthology.lock:Updating clara002.ceph.redhat.com on lock server
Notice how it respects the IdentityFile parameter but User is still ignored.
Although the command passes, this causes problems when trying to ssh as the 'ubuntu' user, for example.
Updated by David Galloway about 7 years ago
- Status changed from New to Need More Info
- Assignee set to David Galloway
I'm pretty sure this is the result of not using the FQDN of the testnode. Try teuthology-update-inventory clara002.ceph.redhat.com
Updated by Vasu Kulkarni about 7 years ago
I just tried that and it is not working for my user, Do you think I am missing anything in ssh/config, I believe fqdn is working for your id. Thanks
Updated by David Galloway about 7 years ago
- Project changed from 19 to teuthology
- Subject changed from update-inventory failing due to keys issue to update_inventory.py ignores 'User' in ssh config
- Description updated (diff)
- Status changed from Need More Info to 12
- Assignee deleted (
David Galloway)
Updated by David Galloway about 7 years ago
Worth noting that teuthology-update-inventory ubuntu@$HOST does work. Still should obey ~/.ssh/config though IMO.
Updated by Vasu Kulkarni almost 7 years ago
issue with my account, which has user config
vasu@magna002:~/teuthology/teuthology/virtualenv/bin$ ./teuthology-update-inventory -v clara002
2017-05-24 13:52:45,049.049 DEBUG:teuthology.orchestra.connection:{'username': None, 'hostname': 'clara002', 'key_filename': ['/home/vasu/.ssh/id_rsa'], 'timeout': 60}
2017-05-24 13:52:45,164.164 ERROR:teuthology.orchestra.connection:Error connecting to clara002
Traceback (most recent call last):
File "/home/vasu/teuthology/teuthology/teuthology/orchestra/connection.py", line 104, in connect
ssh.connect(**connect_args)
File "/home/vasu/teuthology/teuthology/virtualenv/local/lib/python2.7/site-packages/paramiko/client.py", line 381, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, gss_host)
File "/home/vasu/teuthology/teuthology/virtualenv/local/lib/python2.7/site-packages/paramiko/client.py", line 622, in _auth
raise saved_exception
AuthenticationException: Authentication failed.
vasu@magna002:~/teuthology/teuthology/virtualenv/bin$ cat ~/.ssh/config Host plana* mira* burnupi* tala* saya* vpm* names* gitbuilder* teuthology gw* senta* vercoi* rex* magna* clara* pluto* ServerAliveInterval 360 StrictHostKeyChecking false UserKnownHostsFile /dev/null IdentityFile ~/.ssh/id_rsa User ubuntu
Updated by Vasu Kulkarni almost 7 years ago
- Priority changed from Normal to Urgent
bumping this to high, because the workaround ubuntu@hostname which i was using to update inventory doesn't work, causing any os_type tests i have to pickup wrong nodes.
Updated by Zack Cerza almost 7 years ago
There's a bug there, I agree.
I don't like the practice of using the ubuntu user though. Can we get your ssh keys fixed?
Updated by Vasu Kulkarni almost 7 years ago
I am not sure there is an issue with my ssh-keys, it works for everything except the update-inventory cli, what is the issue with my key?
Updated by Vasu Kulkarni almost 7 years ago
hmm, yeah that seems to be not working, not sure if something changed at ansible side, (the key i had was from my laptop, dont remember providing magna002)
vasu@magna002:~/teuthology/teuthology/virtualenv/bin$ ssh -v vasu@clara005 [15/1554] OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /home/vasu/.ssh/config debug1: /home/vasu/.ssh/config line 1: Applying options for clara* debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 18: Applying options for * debug1: /etc/ssh/ssh_config line 66: Applying options for * debug1: Connecting to clara005 [10.8.129.5] port 22. debug1: Connection established. debug1: identity file /home/vasu/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/vasu/.ssh/id_rsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 debug1: Authenticating to clara005:22 as 'vasu' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:jeG9/O7AYm+Y+7UJwg8+TfgaS3ALVhyK0jTRvHkgylM Warning: Permanently added 'clara005,10.8.129.5' (ECDSA) to the list of known hosts. debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available
Updated by Zack Cerza almost 7 years ago
Perhaps if you put one of your three keys on the machine it would work as expected?
Updated by Josh Durgin over 2 years ago
- Status changed from New to Can't reproduce
Actions