I recopied the authorized keys from the engine host, did restorecon -RFv /root, and chmod 644 on .ssh. I’ll try it again.

 

Eric Evans

Digital Data Services LLC.

304.660.9080

 

From: Maton, Brett <matonb@ltresources.co.uk>
Sent: Saturday, March 14, 2020 7:44 AM
To: eevans@digitaldatatechs.com
Cc: Strahil Nikolov <hunter86_bg@yahoo.com>; Ovirt Users <users@ovirt.org>
Subject: [ovirt-users] Re: upgrade from 4.38 to 4.39

 

I think all you need on the inaccessible host is

/root/.ssh/authorized_keys

copied from a working host (with the same ownership, permissions and SELinux context)

 

On Sat, 14 Mar 2020 at 11:15, <eevans@digitaldatatechs.com> wrote:

It worked with the password.
I recopied the authorized keys and ssh keys from engine host to it and copied it's keys back.
What do I need to look at to prevent this in the future?

Eric Evans
Digital Data Services LLC.
304.660.9080


-----Original Message-----
From: Strahil Nikolov <hunter86_bg@yahoo.com>
Sent: Saturday, March 14, 2020 5:24 AM
To: users@ovirt.org; eevans@digitaldatatechs.com
Subject: [ovirt-users] Re: upgrade from 4.38 to 4.39

On March 14, 2020 1:34:46 AM GMT+02:00, eevans@digitaldatatechs.com wrote:
>This is from the secure log, /var/log/secure
>
>Mar 13 19:23:17 kvm01 sshd[46045]: Accepted publickey for root from
>192.168.254.240 port 39668 ssh2: RSA
>SHA256:FobQnekaxOaUQ75xNh1OuZg5orcGbw+BgLDtr+el5VY
>Mar 13 19:23:18 kvm01 sshd[46045]: pam_unix(sshd:session): session
>opened for user root by (uid=0) Mar 13 19:24:14 kvm01 sshd[46207]:
>Connection closed by 192.168.254.240 port 39760 [preauth] Mar 13
>19:24:23 kvm01 sudo: pam_unix(sudo:session): session opened for user
>root by root(uid=0) Mar 13 19:24:23 kvm01 sudo: pam_unix(sudo:session):
>session closed for user root Mar 13 19:24:24 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by root(uid=0) Mar
>13 19:24:24 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:26:08 kvm01 sshd[46368]: Connection closed by
>192.168.254.240 port 39894 [preauth] Mar 13 19:26:15 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by root(uid=0) Mar
>13 19:26:15 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:26:15 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by root(uid=0) Mar 13 19:26:15 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:29:06
>kvm01 cockpit-session: pam_unix(cockpit:session):
>session closed for user root
>Mar 13 19:32:14 kvm01 sshd[46840]: Connection closed by 192.168.254.240
>port 40368 [preauth] Mar 13 19:32:23 kvm01 sshd[46851]: Connection
>closed by 192.168.254.240 port 40382 [preauth] Mar 13 19:32:31 kvm01
>sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
>Mar 13 19:32:31 kvm01 sudo: pam_unix(sudo:session): session closed for
>user root Mar 13 19:32:31 kvm01 sudo: pam_unix(sudo:session): session
>opened for user root by (uid=0) Mar 13 19:32:31 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:32
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:32 kvm01 sudo: pam_unix(sudo:session): session
>closed for user root Mar 13 19:32:34 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:34 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:32:34 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by (uid=0) Mar 13 19:32:34 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:34
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:35 kvm01 sudo: pam_unix(sudo:session): session
>closed for user root Mar 13 19:32:35 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:35 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:32:36 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by (uid=0) Mar 13 19:32:36 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:36
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:36 kvm01 sudo: pam_unix(sudo:session): session
>closed for user root Mar 13 19:32:36 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:37 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:32:38 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by (uid=0) Mar 13 19:32:38 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:38
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:38 kvm01 sudo: pam_unix(sudo:session): session
>closed for user root Mar 13 19:32:39 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:39 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:32:39 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by (uid=0) Mar 13 19:32:39 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:39
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:40 kvm01 sudo: pam_unix(sudo:session): session
>closed for user root Mar 13 19:32:40 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:40 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root Mar 13 19:32:40 kvm01 sudo: pam_unix(sudo:session): session opened
>for user root by (uid=0) Mar 13 19:32:40 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:40
>kvm01 sudo: pam_unix(sudo:session): session opened for user root by
>(uid=0) Mar 13 19:32:40 kvm01 sudo: pam_unix(sudo:session): session
>opened for user root by (uid=0) Mar 13 19:32:40 kvm01 sudo:
>pam_unix(sudo:session): session closed for user root Mar 13 19:32:40
>kvm01 sudo: pam_unix(sudo:session): session closed for user root Mar 13
>19:32:40 kvm01 sudo: pam_unix(sudo:session): session opened for user
>root by (uid=0) Mar 13 19:32:41 kvm01 sudo: pam_unix(sudo:session):
>session closed for user root Mar 13 19:32:41 kvm01 sudo:
>pam_unix(sudo:session): session opened for user root by (uid=0) Mar 13
>19:32:41 kvm01 sudo: pam_unix(sudo:session): session closed for user
>root
>
>Maybe an issuewith sudo? It should be installing as root, right?
>
>Eric Evans
>Digital Data Services LLC.
>304.660.9080
>
>
>-----Original Message-----
>From: eevans@digitaldatatechs.com <eevans@digitaldatatechs.com>
>Sent: Friday, March 13, 2020 2:10 PM
>To: 'Strahil Nikolov' <hunter86_bg@yahoo.com>; 'users@ovirt.org'
><users@ovirt.org>
>Subject: RE: [ovirt-users] Re: upgrade from 4.38 to 4.39
>
>When I try the reinstall it fails with this in events on the web
>interface:
>
>Host kvm01 installation failed. SSH authentication to
>'root@kvm01.digitaldatatechs.com' failed. Please verify provided
>credentials. Make sure key is authorized at host.
>
>I can ssh into the host from the engine host with no password and no
>problem.
>I will dig deeper until I hear from you.
>Thanks.
>
>Eric Evans
>Digital Data Services LLC.
>304.660.9080
>
>
>-----Original Message-----
>From: eevans@digitaldatatechs.com <eevans@digitaldatatechs.com>
>Sent: Friday, March 13, 2020 1:15 PM
>To: 'Strahil Nikolov' <hunter86_bg@yahoo.com>; 'users@ovirt.org'
><users@ovirt.org>
>Subject: RE: [ovirt-users] Re: upgrade from 4.38 to 4.39
>
>I'll try that and let you know.
>Thank you.
>
>Eric Evans
>Digital Data Services LLC.
>304.660.9080
>
>
>-----Original Message-----
>From: Strahil Nikolov <hunter86_bg@yahoo.com>
>Sent: Friday, March 13, 2020 12:54 AM
>To: eevans@digitaldatatechs.com; users@ovirt.org
>Subject: [ovirt-users] Re: upgrade from 4.38 to 4.39
>
>On March 10, 2020 5:33:18 PM GMT+02:00, eevans@digitaldatatechs.com
>wrote:
>>
>>
>>Since the upgrade, for some reason I get this message when checking
>for
>>upgrade on one host:
>>
>>Failed to check for available updates on host kvm01 with message
>>'Failed to run check-update of host 'kvm01.digitaldatatechs.com'.
>>Error: fatal:
>>[kvm01.digitaldatatechs.com]: FAILED! => {"changed": false, "msg":
>>"Failed
>>to connect to the host via ssh: Permission denied
>>(publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable":
>>true}
>>
>>
>>
>>I can ssh into the server from the ovirt server and re-copied the ssh
>>keys and authorized keys but the problem persists.
>>
>>I am still unable to manually migrate but auto load balance seems to
>be
>>working again.
>>
>>
>>
>>I am attaching the engine log for your review.
>>
>>
>>
>>Thank you so much for your help.
>>
>>
>>
>>Eric Evans
>>
>>Digital Data Services LLC.
>>
>>304.660.9080
>>
>>
>>
>>
>
>Hi Eric,
>
>Can you try the following:
>1. Set the node in maintenance
>2. From the Hosts section ->  Installation -> Reinstall 3. Fill in if
>the host is hosting the HostedEngine and the rest of the wizard  4.
>Start the install 5. If it succeeds  -> remove the maintenance
>
>Best Regards,
>Strahil Nikolov
>_______________________________________________
>Users mailing list -- users@ovirt.org
>To unsubscribe send an email to users-leave@ovirt.org Privacy
>Statement: https://www.ovirt.org/privacy-policy.html
>oVirt Code of Conduct:
>https://www.ovirt.org/community/about/community-guidelines/
>List Archives:
>https://lists.ovirt.org/archives/list/users@ovirt.org/message/DXHNAGGS4
>PIDSF5HEJN3LJMBKNWX3PNU/
>_______________________________________________
>Users mailing list -- users@ovirt.org
>To unsubscribe send an email to users-leave@ovirt.org Privacy
>Statement: https://www.ovirt.org/privacy-policy.html
>oVirt Code of Conduct:
>https://www.ovirt.org/community/about/community-guidelines/
>List Archives:
>https://lists.ovirt.org/archives/list/users@ovirt.org/message/AZETVUP4O
>7PXJVM6Y4A64LQN444HAI37/

Try  reinstalling by providing the root user's password.

Best Regards,
Strahil Nikolov
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/VSF5T3EF3Q6RBTBDHXSZUCM27DUUT5CH/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/Z7CNSV3XJEORNA5TXJWWGKPSUKJSXMG6/