Open GoogleCodeExporter opened 8 years ago
Please configure SSH public key authentication with no passphrase.
http://code.google.com/p/mysql-master-ha/wiki/Requirements#SSH_public_key_authen
tication
Original comment by Yoshinor...@gmail.com
on 5 Jan 2012 at 12:43
Hi, there isn't passphrase.
And a command line test rocks !
Have you see this error ? : [error][/usr/local/share/perl5/MHA/SSHCheck.pm,
ln63]
Original comment by cedric.p...@gmail.com
on 5 Jan 2012 at 8:49
Did no-passphrase ssh connection succeed from node1 to node2?
Original comment by Yoshinor...@gmail.com
on 5 Jan 2012 at 1:59
Yes, it did !
Original comment by cedric.p...@gmail.com
on 5 Jan 2012 at 9:57
I ran into this issue too when running the manager on the node2 of a 2 node
demo cluster; it totally did not occur to me that I'd also need to setup public
key authentication to/from local host of the second node.
Self referential, but necessary!
Example:
root@10.0.1.36:/# ssh-copy-id root@10.0.1.36
It's not a bug/defect in my book. -Simply addressing the potential for
confusion in tutorial may be enough.
Thanks for building this!
A
Original comment by estrov...@gmail.com
on 7 Mar 2012 at 11:40
@Cédric: You have to setup public key authentication from the MHA Manager to
every MySQL servers first and from the each MySQL server to the remaining (not
includes MHA Manager if it is separated server).
For example: assuming that you have a pair Master (server1), Slave (server2)
and MHA Manager is installed on another machine (server3). Make sure that you
can ssh without password prompting:
- from server3 to server1
- from server3 to server2
- from server1 to server2
- from server2 to server1
Original comment by quanta.l...@gmail.com
on 12 Apr 2012 at 10:30
No more problem since 0.53
Original comment by cedric.p...@gmail.com
on 25 Apr 2012 at 10:24
I have a three-node cluster, Ubuntu 12.04 in EC2, and all three nodes can SSH
to/from each other, and MHA manager can SSH to all three, but I get this error.
I'm using 0.53.
Any clues what caused this and/or how to fix it?
----------------------------------------------------------------------
ubuntu@ip-10-244-141-67:~$ masterha_manager -v
masterha_manager version 0.53.
----------------------------------------------------------------------
----------------------------------------------------------------------
Mon Aug 27 19:00:52 2012 - [info] Starting SSH connection tests..
Mon Aug 27 19:00:54 2012 - [error][/usr/share/perl5/MHA/SSHCheck.pm, ln63]
Mon Aug 27 19:00:52 2012 - [debug] Connecting via SSH from
ubuntu@10.248.86.135(10.248.86.135:22) to
ubuntu@10.248.109.158(10.248.109.158:22)..
Permission denied (publickey).
Mon Aug 27 19:00:54 2012 - [error][/usr/share/perl5/MHA/SSHCheck.pm, ln107] SSH
connection from ubuntu@10.248.86.135(10.248.86.135:22) to
ubuntu@10.248.109.158(10.248.109.158:22) failed!
Mon Aug 27 19:00:55 2012 - [error][/usr/share/perl5/MHA/SSHCheck.pm, ln63]
----------------------------------------------------------------------
----------------------------------------------------------------------
ubuntu@ip-10-248-86-135:~$ ssh ubuntu@10.248.109.158
Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-25-virtual x86_64)
...[other successful login text snipped]...
ubuntu@ip-10-248-109-158:~$
----------------------------------------------------------------------
Original comment by timeless...@gmail.com
on 27 Aug 2012 at 7:04
Sorry to post comments so quick in succession, but I have an interesting
development. It looks like it has something to do with SSH key-pair management,
though I haven't yet figured out why. Look at this. The machine where I'm
running this is the MHA manager:
-----------------------------------------------------------------------------
ubuntu@ip-10-244-141-67:~$ ssh ubuntu@10.248.86.135 "ssh ubuntu@10.248.109.158
'ls'"
Permission denied (publickey).
ubuntu@ip-10-244-141-67:~$ ssh ubuntu@10.248.86.135 "ssh -i
~/.ssh/mha-ubuntu-keypair ubuntu@10.248.109.158 'ifconfig | grep addr:'"
inet addr:10.248.109.158 Bcast:10.248.109.191 Mask:255.255.255.192
inet6 addr: fe80::2000:aff:fef8:6d9e/64 Scope:Link
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
-----------------------------------------------------------------------------
So if I, on the MHA node, specify the private key file, then I can succeed on
this check, but if I don't specify it, it doesn't know the keypair to use. I
assume this is because it's trying for a default "id_dsa" rather than the
unusually-named SSH keypair.
I tested this theory, by linking the SSH privkey on all hosts:
-----------------------------------------------------------------------------
ubuntu@ip-10-248-86-135:~/.ssh$ ln -s mha-ubuntu-keypair id_dsa
-----------------------------------------------------------------------------
And sure enough!
-----------------------------------------------------------------------------
ubuntu@ip-10-244-141-67:~$ masterha_check_ssh
--conf=/etc/mha/palominoClusterTool.cnf
...[bunch of successful output]...
Mon Aug 27 19:11:16 2012 - [info] All SSH connection tests passed successfully.
-----------------------------------------------------------------------------
Original comment by timeless...@gmail.com
on 27 Aug 2012 at 7:13
Can anybody let me know what is the solution of above problem as i am also
getting same issue while connecting with masterha_check_ssh while it's
connecting via command line directoly but not with the utility.
Original comment by yogeshba...@gmail.com
on 1 Jan 2013 at 5:27
Using sudo user or root? if using sudo user, please ssh-keygen -t rsa and build
ssh connection under sudo user then
sudo su -
to root user and build ssh again, then everything work fine.
Original comment by gb.oldga...@gmail.com
on 2 Mar 2015 at 10:32
For whatever reason timeless' solution didn't work for me. What did was
actually modifying the ssh call in SSHCheck.pm and passing it: -i
~$src->{ssh_user}/.ssh/id_rsa or whatever the location of your private key is.
Original comment by ste...@shots.com
on 9 Mar 2016 at 5:52
Yes, changing SSHCheck.pm to specify the private key file seems a great
solution to me, in retrospect.
Original comment by timeless...@gmail.com
on 9 Mar 2016 at 6:18
Original issue reported on code.google.com by
cedric.p...@gmail.com
on 4 Jan 2012 at 3:58