xcat-core icon indicating copy to clipboard operation
xcat-core copied to clipboard

Published 20 hours ago verified publisher icon xcat2

2.16.4: accessing installer via ssh don't work

Open wrussian opened this issue 3 years ago • 2 comments

I'm running 2.16.4 on the MN and tried to debug an installation problem for sles15.3 (#7232) using xcatdebugmode=2 and the ssh login as described here : https://xcat-docs.readthedocs.io/en/stable/troubleshooting/os_installation/ssh_enable.html?highlight=sles%20debug%20installation

The root entry in passwd table exist: [root@vlxmn01 ~]# tabdump passwd #key,username,password,cryptmethod,authdomain,comments,disable "omapi","xcat_key","YYYYYYYYYYYYYYYYYYYYYYYYYYYYYY",,,, "system","root","ZZZZZZZZZZZZZZZZZZZZZZ",,,,

and the installation stops as described in the documentation listed above, but the password doesn't work. The password inside the passwd - table has been generated with help of keepass, contains upper/lower, digits and special characters (lenght 15) What is strange that the installation process indicates a BAD password (see attached png) and I can't login with the password stored in the passwd table. sles-debugLevel2-installation

I also changed the password in the autoyast file /install/autoinstall/<nodeName> in the user_password - attribute manually using openssl passwd -1 for encryptions with true and in cleartext with false but I still can't login to the node via ssh -X root@<nodeName>.mps.mpg.de The node is pingable and ssh seems to be operational as I get an login prompt and an error message form sshd after 4 failed login attempts.

I don't have an idea which password is used for session. Any advice would extremely helpful, as I'm stucked with my planned update related to #7232. Many thanks in advance.

wrussian avatar Aug 12 '22 07:08 wrussian

Sorry there's format error because of the ankle brackets in the autoyast element cited above (I hope it works now). The first one should reads as " < encrypted config:type="boolean">true " and the second on as " < encrypted config:type="boolean">false "

I forgot to mention that the MN is running OS version RH7

wrussian avatar Aug 12 '22 07:08 wrussian

I found a solution here: https://www.microfocus.com/documentation/open-enterprise-server/2018-SP3/pdfdoc/mgmt_bp_guide_lx/mgmt_bp_guide_lx.pdf page 64. aka use chdef -t node -o <nodeNAME addkcmdline="ssh=1 sshpassword=hurz123" (+ evtl. other options)

The installer will still complain about the bad password, but login will work with the password specified. I think it would be great if the described mechanism would be operational (using the root passwd from passwd table). Otherwise a correction inside of the xCAT docu would be helpful.

wrussian avatar Aug 12 '22 08:08 wrussian