recovery can't work as described because of ssh keys issue

[agaldemas]

Hello,

I discover while trying recovery process (step 4), described in doc/RECOVERY.md, that the ssh connection from barman container can't work as written, because the ssh keys are not properly deployed for the root user, so the command "ssh pgmaster" ask for a password. to fix this issue, I modified /src/ssh/entrypoint.sh to add 2 lines:

cp -r  /home/postgres/.ssh /root/.
chmod 755 /root/.ssh/*

after the line: cat /home/postgres/.ssh/id_rsa.pub >> /home/postgres/.ssh/authorized_keys and to be able to connect to pgmaster I use in remote-ssh-command ssh -i /home/postgres/.ssh/id_rsa pgmaster to be able to use the barman recover command.

the step 5 doesn't work: psql -U monkey_user monkey_db -c "SELECT * from t" => you should tell to test on an existing table, or specify it's a table created during barman-simple-backup test ! psql -U postgres -c "SELECT pg_xlog_replay_resume()" => this is not ok when using postgres 10, the function have changed name: psql -U postgres -c "SELECT pg_wal_replay_resume()

Hope this will help

[S3RK]

As far as I remember the keys are for postgres user which is used by barman

https://github.com/paunin/PostDock/blob/982fbd1af1e80be2107a8d46c3f5a530cc392dc9/src/ssh/entrypoint.sh#L5 https://github.com/paunin/PostDock/blob/982fbd1af1e80be2107a8d46c3f5a530cc392dc9/src/barman/configs/barman.conf#L2

Did you change the user for barman?

[agaldemas]

No, but when you connect to container you are "root", so the barman command given in RECOVERY.md doesn't work because of the ssh command "ssh pgmaster" ! I've tried "su - postgres" but still no way to connect with "ssh pgmaster" asking for password, the only solution if found was to copy keys stuff for root user and adjust the permissions.

[paunin]

Ssh issue was resolved by fixing HOME directory See the test