knet-ci-bot
commented
3 years ago Can one of the admins verify this patch?
Closed watologo1 closed 3 years ago
knet-ci-bot
commented
3 years ago Can one of the admins verify this patch?
watologo1
commented
3 years ago Should be better now... ? Thanks for your quick review(s)!
oalbrigt
commented
3 years ago ok to test
oalbrigt
commented
3 years ago Looking good now. Just a bit too much cleanup, so just readd "secure" in device_opt and run make xml-check to see that it only complains about difference in description (and then run make xml-upload.
watologo1
commented
3 years ago Next round: Added secure, new xml test file, due to previous description modifs (removed ssh comments) and also added manpage to the file section this time.
oalbrigt
commented
3 years ago Nice.
I'll do some testing to find what needs changing to pass that delay-check :)
oalbrigt
commented
3 years ago You need to add "passwd" to device_opt (so you'll have to run make xml-upload again after doing so).
You can also add the "no_login", "no_password" combination if the devices support using SSH keys to login.
watologo1
commented
3 years ago Am Freitag, 25. Juni 2021, 09:37:04 CEST schrieb Oyvind Albrigtsen:
You need to add "passwd" to device_opt (so you'll have to run
make xml-uploadagain after doing so).
Ah, yes. No password option anymore.
You can also add the "no_login", "no_password" combination if the devices support using SSH keys to login.
I realized that the "secure" option implies: --ssh, --identify-file and some more.
I tried a bit, but I could not get ssh connection working (also not a native one using ssh executable).
First I run into: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
then after adding: -oKexAlgorithms=+diffie-hellman-group1-sha1 I run into: no matching host key type found. Their offer: ssh-dss
I went the Sentry configs up and down, but I could not find anything related to ssh keys, neither in the ssh, nor in the user or whatever options.
So I would leave the "secure" option out. It can be added later if I or someone else finds out more...
Sending another version with "passwd" added...
Thanks,
Thomas
oalbrigt
commented
3 years ago Sounds good to me.
oalbrigt
commented
3 years ago LGTM. Thanks.
watologo1
commented
3 years ago LGTM. Thanks.
Thank you. This was a nice and efficient review/work. It's very much appreciated!
This fence has been found in a really old Ubuntu fence-agents version (distro precise from 2012) and was added by a separate tarball. It has been re-worked to be compatible with latest fence-agents mainline package, tested against a SENTRY power switch with firmware version 7.1a.
The original code has been written by Andres Rodriguez. Beside adding myself with a recent copyright notice reflecting my changes, the original license description on top of the sources (GPL) is untouched.
No idea why this never made it mainline, but I can confirm it convenient and working with the HW I tested against.
Main credits for the original fence development go to:
CC: Andres Rodriguez andres.rodriguez@canonical.com