SSH Connection only works with the system user #5878
philipphomberger
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
I have a default User and a Privat Key setup in the st2.conf.
If I using that User everything working fine.
But If I want to change the User in the Action GUI or with the cli because for some other application I have other User with the same Privat Key in that case.
Than the connection is failing because the Key have not exact the right length.
See it with the cli:
[eco_adm@cg3d383c911-groot-s301 ~]$ st2 run core.remote cmd=whoami hosts=cg3-mstr-e601.sys.schwarz username=eco_adm private_key=/home/eco_adm/id_rsa
...
id: 63d8c49d3aae2920c58b5d58
action.ref: core.remote
context.user: hombergerp
parameters:
cmd: whoami
hosts: cg3-mstr-e601.sys.schwarz
private_key: '********'
username: eco_adm
status: succeeded
start_timestamp: Tue, 31 Jan 2023 07:34:53 UTC
end_timestamp: Tue, 31 Jan 2023 07:34:57 UTC
result:
cg3-mstr-e601.sys.schwarz:
failed: false
return_code: 0
stderr: ''
stdout: eco_adm
succeeded: true
[eco_adm@cg3d383c911-groot-s301 ~]$ st2 run core.remote cmd=whoami hosts=cg3-mstr-e601.sys.schwarz username=mstr_adm private_key=/home/eco_adm/id_rsa
...
id: 63d8c4ba3aae2920c58b5d5b
action.ref: core.remote
context.user: hombergerp
parameters:
cmd: whoami
hosts: cg3-mstr-e601.sys.schwarz
private_key: '********'
username: mstr_adm
status: failed
start_timestamp: Tue, 31 Jan 2023 07:35:22 UTC
end_timestamp: Tue, 31 Jan 2023 07:35:26 UTC
result:
error: "Unable to connect to any one of the hosts: ['cg3-mstr-e601.sys.schwarz'].
connect_errors={
"cg3-mstr-e601.sys.schwarz": {
"failed": true,
"succeeded": false,
"timeout": false,
"return_code": 255,
"stdout": "",
"stderr": "",
"error": "Failed connecting to host cg3-mstr-e601.sys.schwarz. q must be exactly 160, 224, or 256 bits long",
"traceback": "Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 278, in _connect
client.connect()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh.py", line 171, in connect
self.client = self._connect(host=self.hostname, socket=self.bastion_socket)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh.py", line 787, in _connect
client.connect(**conninfo)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/client.py", line 435, in connect
self._auth(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/client.py", line 682, in _auth
self._transport.auth_publickey(username, key)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/transport.py", line 1634, in auth_publickey
return self.auth_handler.wait_for_response(my_event)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/auth_handler.py", line 244, in wait_for_response
raise e
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/transport.py", line 2163, in run
handler(self.auth_handler, m)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/auth_handler.py", line 375, in _parse_service_accept
sig = self.private_key.sign_ssh_data(blob, algorithm)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/paramiko/dsskey.py", line 109, in sign_ssh_data
key = dsa.DSAPrivateNumbers(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 244, in private_key
return backend.load_dsa_private_numbers(self)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 826, in load_dsa_private_numbers
dsa._check_dsa_private_numbers(numbers)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 282, in _check_dsa_private_numbers
_check_dsa_parameters(parameters)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 274, in _check_dsa_parameters
raise ValueError("q must be exactly 160, 224, or 256 bits long")
ValueError: q must be exactly 160, 224, or 256 bits long
"
}
}"
traceback: " File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2actions/container/base.py", line 117, in _do_run
runner.pre_run()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/paramiko_ssh_runner.py", line 206, in pre_run
self._parallel_ssh_client = ParallelSSHClient(**client_kwargs)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 90, in init
connect_results = self.connect(raise_on_any_error=raise_on_any_error)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/runners/parallel_ssh.py", line 131, in connect
raise NoHostsConnectedToException(msg)
"
The User eco_adm is the default user. Is a System User on the Server too.
The Other mstr_adm is the application user of the target Server not exist on the stackstorm application server.
Than I trying it with SSH from Server to Server everything is working fine too. But not in Stackstorm.
Any Idea?
STACKSTORM VERSION
Paste the output of st2 --version:
st2 --version
st2 3.8.0, on Python 3.8.13
OS, environment, install method
RHEL 8.6
Beta Was this translation helpful? Give feedback.
All reactions