Having an issue when executing 'knife ssh' command.
I've configured properly the SSH keys for remote connection so that seems to work fine when trying to connect manually doing: ssh root#myhost.domain.com cause it automatically gives me access to myhost.domain.com without request for a password.
After that, I tried to run the following knife command to execute a recipe in my remote machine but I'm getting this error:
# knife ssh -C 1 "tags:amx_host AND chef_environment:dev" "chef-client -o recipe[amx]" -i root_dev -x root
WARNING: Failed to connect to myhost.domain.com -- Net::SSH::AuthenticationFailed: Authentication failed for user root#myhost.domain.com#myhost.domain.com
Seems like knife is identifying an invalid user name root#myhost.domain.com which should be just root instead.
Please, does anyone have any clues on how can I avoid this error or why SSH is taking a wrong user: root#myhost.domain.com instead of just root?
Typo issue: was taking a non-existing identity key file: root-dev for the remote connection
Related
I followed this link https://docs.gitlab.com/ee/ci/ssh_keys/README.html#ssh-keys-when-using-the-shell-executor to install SSH key using shell executor.
all the steps were running fine but at the final step when I tried to log in to the remote server in order to accept the fingerprint
by this script ssh gitlab-runner#myserver.com
I receive the following error
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I added the ssh public key in settings >> sshkey
also add it into variables as SSH_KNOWN_HOSTS
I couldnt find what is the issue , could you help me , thanks
Try a ssh -Tv gitlab-runner#myserver.com in order to check which exact key and paths are considered when trying to read the remote server.
That will give you a clue why the connection fails, when you compare those paths with the ones set up when you inject an SSH key into your build environment by extending your .gitlab-ci.yml.
I am trying to set up a simple CI/CD Pipeline for my app with Jenkins but am having difficulty logging into my node app's server as a root user following the instructions provided.
I am following this article.
Here's a link to an image for where I'm getting hung up.
Here's what I've tried in my terminal:
Entering ssh root#NODE.SERVER.IP verbatim into the terminal. (received response: ssh: Could not resolve hostname node.server.ip: nodename nor servname provided, or not known)
Entering ssh root#172.20.20.20 the terminal seems to become unresponsive to the following commands i.e. (adduser <lastname>)
When I login to the server, but 22 is already open for all upcoming connections still getting error as below,
ssh Server_Name
ssh: connect to host Server-IP port 22: Connection refused
I misleadingly change the the owner of the system and change root privileges with jenkins. So, right now I could not able to log into the system and port 22 is closed it's throwing the error.
I understood the error issue occurred because of wrong fstab file and wrong editing to sshd conf(Not sure). And, the directory of authorized_keys been messed up. I tried this solution but not working
I tried accessing via public DNS, via private IP address, detaching and re-attaching volumes driver after attaching it to other instance(but, once I attached to it, I could not able to ssh into that instance), etc. but no luck. Also, tried login with Jenkins user still not working. But, jenkins is still running fine on the server and I could access the Jenkins Dashboard and run the shell onto my instance. But, if I try any sudo command, it shows sudo: effective uid is not 0, is sudo installed setuid root?
Build step 'Execute shell' marked build as failure
Questions
Is there any way to get back my instance port 22 running fine as before ?
Is there a way I can run the sudo commands using Jenkins user by creating the job(By running the shell) inside Jenkins ?
I could trace on the IP which clearly shows port 22 is closed and I could not do anything because of it. Thanks in advance.
I am getting below error while installing BigInsight in my Linux machine (RedHat 6.6). Kindly help me how to resolve this.
[ERROR] Prerequisite check - Failed to use given credentials to access nodes.Either provide root password during add node or make sure BI admin user exists on new nodes and passwordless ssh is setup from management node to new nodes that are being added. Please revisit Secure Shell page from installer UI or SSH section in response file to make sure all prerequisites are satisfied, then re-run the command.
Execute the following as root on the server and rerun
ssh-keygen -t rsa ( leave blanks at all prompts )
cat /root/.ssh/*.pub >> /root/.ssh/authorized_keys
then try root#localhost , this should not ask you for a password.
I am trying to connect to a new user account I created via SSH with the command
useradd -s /bin/false -d /home/username james
I added/edited the password via SSH with the command
passwd james
When trying to connect to my server using this user and pass via FileZilla I get the following error messages.
Response: 331 User James OK. Password required
Command: PASS *****
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server
When I try to login with this user/pass through SFTP I get the following error messages
Status: Connected to domain.com
Error: Connection closed by server with exitcode 1
Error: Could not connect to server
Either way it seems it doesn't allow me to use this newuser anywhere.
My server details
Linux 2.6.18-308.11.1.el5 GNU/Linux
(Red Hat 4.1.2-52)
Centos
Regarding FTP, the FTP server commonly used on Linux systems requires users to have a shell that's listed in the file /etc/shells. For example, this online ftpd man page says that, among other things, "The user must have a standard shell returned by getusershell(3).". The page for getusershell() shows that it reads shells from /etc/shells.
You could probably make FTP work adding /bin/false to /etc/shells. Your Linux system might have a more suitable shell available, like /usr/sbin/nologin.
Regarding SFTP, the ssh server normally provides SFTP service by by invoking a program called sftp-server. If you examine the server's sshd_config file, you'll probably find a line like this:
Subsystem sftp /usr/lib/openssh/sftp-server
sshd runs the subsystem program as a shell command, using the user's shell. If you set the user's shell to /bin/false, then sshd ends up running the command:
/bin/false -c /usr/lib/openssh/sftp-server
/bin/false ignores its command-line arguments and exits with code 1, so the SFTP client's session drops immediately after it starts.
sshd has an internal SFTP server component that can be used instead of the external program. The usual way of limiting SSH access to SFTP for some users is to set up a Match group within sshd_config, forcing the internal-sftp command for certain classes of users. Here are a couple examples of that:
http://en.wikibooks.org/wiki/OpenSSH/Cookbook/SFTP#SFTP-only_Accounts
https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh
Dont use "-s /bin/false". Use "-s /sbin/nologin" instead and it should be fine.
Make sure your account password hasn't expired. Mine did, and Filezilla exited with error code 1.
After logging onto the server and updating the account password (prompted immediately after connecting), I am now able to connect with SFTP & Filezilla.
Probably is a password related issue, check account
chage -l <user>
account must not be expired.
FTP doesn't allow /usr/sbin/nologin user
Response: 220 Welcome to the Scent Library's File Service.
Command: USER ftpuser
Response: 331 Please specify the password.
Command: PASS ******
Response: 530 Login incorrect.
filezilla 530 error - but password is correct
vsftpd: 530 Login incorrect
530 Login or password incorrect!
How can I connect via FTP using FileZilla? I get a 530 error.
Response: 220 Welcome to Test FTP service.
Command: USER ftpuser
Response: 331 Please specify the password.
Command: PASS ******
Response: 530 Login incorrect.
Error: Critical error
Error: Could not connect to server
Change user's shell
usermod -s /usr/sbin/nologin username
Then edit "/etc/shells" file and add this line
/usr/sbin/nologin
In order to connect to the server using ftp, you also need to run a ftp server / service or daemon.
An example of such ftp server is "vsftpd"
After installing it, you will also need to configure it and allow anonymous ftp access or ftp access to existing users
You will find the configuration file in the path "/etc/vsftpd/vsftpd.conf"
The below link might be useful for you --
https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-on-centos-6--2