I am working on the OpenStack glance. after I entered the command
su -s /bin/sh -c "glance-manage db_sync" glance
beside the deprecated messages, I get lots of other errors that are relevant to python errors and *Access denied for user 'glance'#'x.x.x.x'"*error.
I have used the OpenStack document for Ubuntu step by step.
This is the source address: https://docs.openstack.org/glance/pike/install/install-ubuntu.html
How should I fix the permission error?
The error has to do with connecting to the DB with user 'glance'#'x.x.x.x'. See if you can access your DB (probably MySQL) with the same username + password that you have configured in Glance.
[database]
# ...
connection = mysql+pymysql://glance:GLANCE_DBPASS#controller/glance
Verify the user + password used in your connection settings.
If you are able to connect with the user + password then you need to look into your grants for the user. See which grants you have setup:
mysql> show grants;
Setup grants using a wildcard if you don't want to use specific IP addresses.
The older guides have the steps listed, while the newer guides do not:
https://docs.openstack.org/ocata/install-guide-ubuntu/glance-install.html
GRANT ALL PRIVILEGES ON glance.* TO 'glance'#'%' IDENTIFIED BY 'GLANCE_DBPASS';
Related
I've created a new instance of AMI Oracle Database 11.2.0.1 64-bit Standard Edition; ami-3f739c56 supplied by Oracle. I've tried to access the instance via SSH from my Windows 10 PC (also from my Mac) but I get the error "Server refused our key. Disconnected: No supported authentication methods available (server sent: publickey, gssapi-with-mic)". I've tried:
User IDs: root; oracle; admin; ec2-user
restarting the instance
rebuilding the key-pairs
Searching Stack Overflow for anything related to this type of problem (everything I've found is out of date by several years and seem to related only to Ubuntu)
searching Oracle's site
searching the Internet
The key-pair that I initially used is fine for my Ubuntu instance that I'm able to connect (User ID: admin).
Everything that I've found so far points to the problem being with me using the wrong default User ID but I don't have anything to tell me what the correct User ID should be.
Any suggestions will be greatly appreciated.
Thanks.
In the AWS Marketplace, navigate to the AMI page
Click on the Usage tab
Click on View Usage Instructions
Note that if the vendor is clckwrk Ltd, then the user is clckwrk
(I did not find OP's "ami-3f739c56")
check health of your AMI:
In the navigation pane, choose Instances, and select the instance.
Choose Actions, Instance Settings, Get System Log.
Write to AWS support.
In my experience there are very "stupid" mistakes:
instance not allow ssh connection, check aws security groups and network acl
you have a typo when you connect via ssh
you have wrong permissions to the ssh key,
or you use wrong ssh key )
try -vvv parameters for ssh command, maybe you can see the erors
The user 'root' worked for me. When I logged in for the first time using 'root' user, it walked me though the Oracle setup process.
I faced the problem too. The username is: clckwrk
I am using FileZilla to log in to an SFTP host with my credentials. However, I need to use an equivalent of sudo su - user (as used in linux) to change the user. There are no passwords set for this general user, and hence direct login is not allowed.
What FTP command can I use with the "Enter custom command.." option in FileZilla to switch users after connecting?
(This is required so I can transfer files as a different user and not my login.)
SFTP protocol doesn't support changing user in the middle of transfer session (so no case to login and then change user with some custom command). But you can launch sftp server under needed user using sudo, by changing SFTP client configuration. Don't know whether this trick is supported by FileZilla, but it's supported by PuTTY or WinSCP. There in the sftp server settings you can specify something like "sudo /bin/sftp-server" in order to launch transfer session under different user.
For example, instruction how to do this with WinSCP:
https://winscp.net/eng/docs/faq_su#sudo
I'm trying to edit some files on a remote server with Vim. I've managed this on other servers without trouble in the past, but in this case when I type:
$ vim ftp://username#xxxxxx.com/
I'm prompted for a password, I type it in and I see this:
Name (notixvalet.com:george): User cannot log in.
Please login with USER and PASS.
Please login with USER and PASS.
Please login with USER and PASS.
ftp: Login failed
'george' is my username on my local machine (Mac OS X 10.8.) Vim seems to be ignoring the username I give it and trying to log on as 'george', no matter what I do. To test this I created a new account on my MacBook with the same username as the username on the server I'm trying to log in as, then from that account I can log in fine. This is obviously a VERY hacky solution - how can I connect using the right username from my regular account?
(Incidentally, the username and password I'm using are 100% definitely right - I can use them to connect to the server through an FTP client such as FileZilla.)
The plugin you are using to edit the remote files is netrw, as noted by Ingo in the comments. You can read the plugin help file through :h netrw. In special:
NETRC *netrw-netrc*
The <.netrc> file, typically located in your home directory, contains lines
therein which map a hostname (machine name) to the user id and password you
prefer to use with it.
The typical syntax for lines in a <.netrc> file is given as shown below.
Ftp under Unix usually supports <.netrc>; ftp under Windows usually doesn't.
>
machine {full machine name} login {user-id} password "{password}"
default login {user-id} password "{password}"
Your ftp client must handle the use of <.netrc> on its own, but if the
<.netrc> file exists, an ftp transfer will not ask for the user-id or
password.
Note:
Since this file contains passwords, make very sure nobody else can
read this file! Most programs will refuse to use a .netrc that is
readable for others. Don't forget that the system administrator can
still read the file! Ie. for Linux/Unix: chmod 600 .netrc
Is there any chance that you forgot to copy the ~/.netrc file from the other servers where you can connect without problems? Or it has incorrect permissions, as mentioned on the last paragraph?
I'm use an Debian based OS here on my work an i've configured the service for test routines of ERP app...
This service (Tomcat+Java service) it's consumed via HTTP on intranet correctly...but the test leader sometimes need chance the database used by service application and uses SSH to access my machine to change database on config file and restart the service...eventually this person change some service or O.S. config throwing problems to me (on my O.S and others things..).
What i want know is if can i change my password only for SSH service (doesn't change to my KDE/Gnome session), just because the company's policy requires everyone to have a default password on stations...
Remebering that i'm a manager of config, maintenance and others jobs of service to test team...and change database solicitations can made to me.
A simple example:
KDE login if user 'carlos' and password '123456'
SSH login if user 'carlos' and password '4nyJokeHere'
That it's possible ?
Thanks in advance.
Possible? Maybe. You'd probably have to fiddle with pam.d to get SSH authenticating via a different mechanism to KDE etc.
Coming from a different angle, I may be missing something, can you not create a second user for the SSH process, keeping your main user for KDE etc cleanly separate?
I'd really strongly recommend trying to "split" a user into multiple purposes/security groups with differing passwords for each!
You can use authorized_keys to restrict the SSH commands available, and/or sudo...
Update: Some expansion on the subject as requested by the OP
You can limit commands available via SSH by using ~/.ssh/authorised_keys file - see O'Reilly for a good explanation.
I'm was solved this case applying a single rule here. On SSH service i'm was locked access of my user 'carlos --> sudoers' and enable access only for a user called 'padrao' (padrao translated to english is 'default').
This user 'padrao' doesn't have sudoers permissions. If i needed access with SSH my machine i'm do:
ssh padrao#my.intranet.machine
password: ***
$ su carlos
password: ***
This is not the best way to solve, but solved my problem here.
Thanks.
It's strange, but i've searched around for this source of configuration but couldnt find it out.
Im currently using opensuse 11.3 with postgresql 9.
Every postgresql command line that i issue will ask the current user password, like psql, createdb, dropdb, and i have to enter the password of the current user (which is postgres) to make it work.
Doing dropdb xxx && createdb xxx will ask the password twice.
Please show me the light !
Thank you :-)
EDIT
Actually im already running as a postgres user (a user in my linux), so i can psql without supplying the database password, but i still have to supply the password for the system user postgres.
So if the database has a user of dbuser, and im running psql as the postgres (linux user), a password for the linux user (postgres) will be asked, not the dbuser password.
You can create a ~/.pgpass file (%APPDATA%\postgresql\pgpass.conf on Windows) with a line in the following format:
hostname:port:database:username:password
See the documentation for details.
If you're on opensuse you should be able to create a .pgpass file by running:
echo "hostname:port:database:username:password" > ~/.pgpass
chmod 0600 ~/.pgpass
With all of the correct information of course.
if you have a .pgpass file setup to allow a certain user access to a certain database (let's call it "myprojectdb"), recall that creatdb and dropdb aren't really acting on "myprojectdb" despite the fact that you may be asking them to create and drop that db.
You'll most likely want to add postgres' internal tables to your pgpass permissions (postgres / templates). Also don't forget to add the --no-password option on both createdb and dropdb to ignore interactive prompts (note this will only work if the user specified with the -U option can modify the internal postgres tables)