SSH Connection only works with the system user #5878
philipphomberger
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I have a default User and a Privat Key setup in the st2.conf.
If I using that User everything working fine.
But If I want to change the User in the Action GUI or with the cli because for some other application I have other User with the same Privat Key in that case.
Than the connection is failing because the Key have not exact the right length.
See it with the cli:
[eco_adm@cg3d383c911-groot-s301 ~]$ st2 run core.remote cmd=whoami hosts=cg3-mstr-e601.sys.schwarz username=eco_adm private_key=/home/eco_adm/id_rsa
...
id: 63d8c49d3aae2920c58b5d58
action.ref: core.remote
context.user: hombergerp
parameters:
cmd: whoami
hosts: cg3-mstr-e601.sys.schwarz
private_key: '********'
username: eco_adm
status: succeeded
start_timestamp: Tue, 31 Jan 2023 07:34:53 UTC
end_timestamp: Tue, 31 Jan 2023 07:34:57 UTC
result:
cg3-mstr-e601.sys.schwarz:
failed: false
return_code: 0
stderr: ''
stdout: eco_adm
succeeded: true
[eco_adm@cg3d383c911-groot-s301 ~]$ st2 run core.remote cmd=whoami hosts=cg3-mstr-e601.sys.schwarz username=mstr_adm private_key=/home/eco_adm/id_rsa
...
id: 63d8c4ba3aae2920c58b5d5b
action.ref: core.remote
context.user: hombergerp
parameters:
cmd: whoami
hosts: cg3-mstr-e601.sys.schwarz
private_key: '********'
username: mstr_adm
status: failed
start_timestamp: Tue, 31 Jan 2023 07:35:22 UTC
end_timestamp: Tue, 31 Jan 2023 07:35:26 UTC
result:
error: "Unable to connect to any one of the hosts: ['cg3-mstr-e601.sys.schwarz'].
connect_errors={
"cg3-mstr-e601.sys.schwarz": {
"failed": true,
"succeeded": false,
"timeout": false,
"return_code": 255,
"stdout": "",
"stderr": "",
"error": "Failed connecting to host cg3-mstr-e601.sys.schwarz. q must be exactly 160, 224, or 256 bits long",
"traceback": "Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 278, in _connect
client.connect()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh.py", line 171, in connect
self.client = self._connect(host=self.hostname, socket=self.bastion_socket)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh.py", line 787, in _connect
client.connect(**conninfo)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/client.py", line 435, in connect
self._auth(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/client.py", line 682, in _auth
self._transport.auth_publickey(username, key)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/transport.py", line 1634, in auth_publickey
return self.auth_handler.wait_for_response(my_event)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/auth_handler.py", line 244, in wait_for_response
raise e
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/transport.py", line 2163, in run
handler(self.auth_handler, m)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/auth_handler.py", line 375, in _parse_service_accept
sig = self.private_key.sign_ssh_data(blob, algorithm)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/dsskey.py", line 109, in sign_ssh_data
key = dsa.DSAPrivateNumbers(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 244, in private_key
return backend.load_dsa_private_numbers(self)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 826, in load_dsa_private_numbers
dsa._check_dsa_private_numbers(numbers)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 282, in _check_dsa_private_numbers
_check_dsa_parameters(parameters)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 274, in _check_dsa_parameters
raise ValueError("q must be exactly 160, 224, or 256 bits long")
ValueError: q must be exactly 160, 224, or 256 bits long
"
}
}"
traceback: " File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2actions/container/base.py", line 117, in _do_run
runner.pre_run()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh_runner.py", line 206, in pre_run
self._parallel_ssh_client = ParallelSSHClient(**client_kwargs)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 90, in init
connect_results = self.connect(raise_on_any_error=raise_on_any_error)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 131, in connect
raise NoHostsConnectedToException(msg)
"
The User eco_adm is the default user. Is a System User on the Server too.
The Other mstr_adm is the application user of the target Server not exist on the stackstorm application server.
Than I trying it with SSH from Server to Server everything is working fine too. But not in Stackstorm.
Any Idea?
STACKSTORM VERSION
Paste the output of st2 --version:
st2 --version
st2 3.8.0, on Python 3.8.13
OS, environment, install method
RHEL 8.6
Beta Was this translation helpful? Give feedback.
All reactions