latchset / tang

Tang binding daemon
GNU General Public License v3.0

Tang server does not deliver keys #102

Open nemihome opened 1 year ago

nemihome commented 1 year ago

I have installed tang on ubuntu 22.04 LTS. I changed the port to 7500:

systemctl show tangd.socket -p Listen
Listen=[::]:7500 (Stream)

tangd.socket - Tang Server socket
     Loaded: loaded (/lib/systemd/system/tangd.socket; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/tangd.socket.d
             └─port.conf
     Active: active (listening) since Sat 2022-11-12 21:12:47 CET; 44min ago
   Triggers: ● tangd@13-127.0.0.1:7500-127.0.0.1:58504.service
             ● tangd@12-127.0.0.1:7500-127.0.0.1:59830.service
     Listen: [::]:7500 (Stream)
   Accepted: 14; Connected: 0;
      Tasks: 0 (limit: 35918)
     Memory: 4.0K
        CPU: 9ms
     CGroup: /system.slice/tangd.socket

If I try the following: tang-show-keys 7500

The result is this: curl: (56) Recv failure: Connection reset by peer

I deactivated the firewall for test purposes, but that makes no difference. And it should not matter, since this is a request on the same host.

sarroutbi commented 1 year ago

Can you please execute next command and paste output?:

curl http://localhost:7500/adv

nemihome commented 1 year ago

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (56) Recv failure: Connection reset by peer

It's the same on two different servers running Ubuntu 22.04.

sarroutbi commented 1 year ago

Sorry, I cannot figure out what the problem is.

Which clevis version are you using? How did you change the port number clevis is reading from? Did you try another port?

I will try to reproduce this, and if I come to a conclusion I will let you know.

nemihome commented 1 year ago

I changed the port via /etc/systemd/system/tangd.socket.d/override.conf

[Socket]
ListenStream=
ListenStream=7500

I have tried different ports now. After that the error message is different. Now the message is as follows:

curl: (7) Failed to connect to vpsmail.de port 7500 after 5 ms: Connection refused
curl: (7) Failed to connect to vpsmail.de port 7300 after 5 ms: Connection refused
curl: (7) Failed to connect to vpsmail.de port 7200 after 5 ms: Connection refused

I checked with systemctl show tangd.socket -p Listen whether tang is listening on the port, and this shows 7500, 7300 and 7200.

How can I see the clevis version? With apt-show-versions clevis I'm getting 18-1ubuntu1.

sergio-correia commented 1 year ago

Please post the output of systemctl status tangd.socket. Also, please check the permissions in /var/lib/tang: ls -ld /var/lib/tang/

nemihome commented 1 year ago

systemctl status tangd.socket
● tangd.socket - Tang Server socket
     Loaded: loaded (/lib/systemd/system/tangd.socket; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/tangd.socket.d
             └─override.conf
     Active: active (listening) since Sun 2022-11-13 09:46:12 CET; 3 days ago
     Listen: [::]:7500 (Stream)
   Accepted: 10; Connected: 0;
      Tasks: 0 (limit: 4625)
     Memory: 0B
        CPU: 12ms
     CGroup: /system.slice/tangd.socket

Notice: journal has been rotated since unit was started, output may be incomplete.

ls -ld /var/lib/tang/
drwxr-xr-x 1 _tang _tang 0 Nov 13 09:31 /var/lib/tang/

nemihome commented 1 year ago

The accepted connections did count up while I had the old error, curl: (56) Recv failure: Connection reset by peer. Since I changed the port and switched back, it does not count up anymore.

sarroutbi commented 1 year ago

Can you execute "curl" with the verbose option, to see if there is more info there?

curl --verbose http://localhost:7500/adv

Also, check your /etc/hosts, as it is weird that it is trying to resolve localhost to a named host:

Failed to connect to vpsmail.de port 7500

nemihome commented 1 year ago

curl --verbose http://localhost:7500/adv

sarroutbi commented 1 year ago

Sorry, I cannot figure out what the issue could be... do you have firewalld running?

nemihome commented 1 year ago

Hello, firewalld is running, but the effect is the same on localhost (where firewalld has no effect) or when the port is open in firewalld for both the runtime and the permanent configuration. I would assume that a port closed in the firewall would not produce a connection reset; instead there would be no connection at all, because the port would not be accessible at all. Currently I'm running Ubuntu 22.04.2.

nemihome commented 10 months ago

Seems to be a configuration setting. I have two servers running Ubuntu 22.04.3 which were upgraded (not sure what the installed version was, 18 or maybe even earlier). And I have another one, also 22.04.3, which I installed later (maybe with 20.04). On this one the message does not show up and I'm getting the key instead of the curl error. This seems to be a config setting, not directly tang related, which I have not found so far.

The output is identical apart from the result. Working Tang Server A - Ubuntu 22.04.3:

curl -v http://localhost:7500/adv

Not working Tang Server B - Ubuntu 22.04.3:

curl -v http://localhost:7500/adv
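The checks the maintainers walk through in this thread (which port tangd.socket actually listens on, what the curl exit status against /adv says about the server side, who owns /var/lib/tang, and whether "localhost" really resolves to a loopback address) collected into one triage script. This is an added example, not code from the tang project or from anyone in the thread; the systemctl, ls and /etc/hosts sample lines are constructed to match the output pasted above, `_tang` is the Ubuntu service user shown in the thread, and `TANG_DIAG_LIVE` is a variable name chosen here.

```shell
#!/bin/sh
# Added example: tang reachability triage built from the checks in this thread.
# Not part of the tang project. Sample inputs below are constructed.

# Port number from a `systemctl show tangd.socket -p Listen` line, e.g.
# "Listen=[::]:7500 (Stream)" -> 7500. Prints nothing if no socket is listed.
listen_port() {
  printf '%s\n' "$1" | sed -n 's/^Listen=.*:\([0-9][0-9]*\) (Stream)$/\1/p'
}

# Translate a curl exit status into what it says about the server side.
# 7 (refused) means nothing accepted the TCP connection; 56 (reset) means
# tangd.socket accepted it and the spawned tangd@ instance then died, which
# is why the socket's "Accepted:" counter rises only in the reset case.
diagnose_curl() {
  case "$1" in
    0)  echo "ok: advertisement served" ;;
    7)  echo "refused: nothing is listening on that port; compare ListenStream in the socket drop-in with the port curl used" ;;
    56) echo "reset: tangd.socket accepted the connection but the tangd@ instance exited; inspect journalctl -u 'tangd@*' and the key directory" ;;
    *)  echo "other: curl exited with status $1" ;;
  esac
}

# True when an `ls -ld` line shows the key directory owned by the tang service
# user and group ($2). The tangd@ instance runs as that user, so a root-owned
# or otherwise wrongly owned /var/lib/tang is a plausible reason for it to die.
keydir_owner_ok() {
  owner=$(printf '%s\n' "$1" | awk '{ print $3 }')
  group=$(printf '%s\n' "$1" | awk '{ print $4 }')
  [ "$owner" = "$2" ] && [ "$group" = "$2" ]
}

# True when every "localhost" entry in hosts-file text maps to a loopback
# address. A stray mapping explains curl naming a host when asked for localhost.
localhost_maps_to_loopback() {
  printf '%s\n' "$1" | awk '
    $1 ~ /^#/ { next }
    { for (i = 2; i <= NF; i++) if ($i == "localhost") {
        if ($1 == "127.0.0.1" || $1 == "::1") ok = 1; else bad = 1 } }
    END { if (ok && !bad) exit 0; exit 1 }'
}

# Constructed samples modelled on the output pasted in this issue.
SAMPLE_LISTEN='Listen=[::]:7500 (Stream)'
SAMPLE_LS='drwxr-xr-x 1 _tang _tang 0 Nov 13 09:31 /var/lib/tang/'
SAMPLE_HOSTS='127.0.0.1 localhost
127.0.1.1 vpsmail.de
::1 localhost ip6-localhost'

echo "listen port: $(listen_port "$SAMPLE_LISTEN")"
diagnose_curl 56
diagnose_curl 7
if keydir_owner_ok "$SAMPLE_LS" _tang; then echo "keydir: owned by _tang"; else echo "keydir: wrong owner"; fi
if localhost_maps_to_loopback "$SAMPLE_HOSTS"; then echo "hosts: localhost is loopback"; else echo "hosts: localhost mis-mapped"; fi

# Live run against this host; opt in with TANG_DIAG_LIVE=1 (variable name chosen here).
live_check() {
  port=$(listen_port "$(systemctl show tangd.socket -p Listen)")
  echo "tangd.socket listens on: ${port:-<no port found>}"
  # 80 is tang's default port when no drop-in overrides ListenStream.
  if curl -sS -o /dev/null "http://localhost:${port:-80}/adv"; then rc=0; else rc=$?; fi
  diagnose_curl "$rc"
  if keydir_owner_ok "$(ls -ld /var/lib/tang)" _tang; then echo "keydir: ok"; else echo "keydir: check ownership"; fi
  if localhost_maps_to_loopback "$(cat /etc/hosts)"; then echo "hosts: ok"; else echo "hosts: localhost not loopback"; fi
}
if [ "${TANG_DIAG_LIVE:-0}" = 1 ]; then live_check; fi
```

Run it without arguments to see the classification on the constructed samples, or with `TANG_DIAG_LIVE=1` on a tang host to apply the same four checks to the real socket, key directory and hosts file. The distinction between exit 7 and exit 56 is the one nemihome reasons about above: a firewall drop or an unbound port never yields a reset, so a reset points at the per-connection tangd@ instance rather than at reachability.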