GateOne just scrolls that terminals are closed and doesn't load

[danodemano]

I wasn't really sure how to describe this so I shot a quick video of what it's doing: http://www.youtube.com/watch?v=VLHaIZc-bfM

I don't see anything odd in the webserver log: [I 111014 13:35:08 web:1359] 200 GET / (10.37.58.122) 6.09ms [I 111014 13:35:09 web:1359] 304 GET /static/gateone.css (10.37.58.122) 1.47ms [I 111014 13:35:09 web:1359] 304 GET /static/help/help.js (10.37.58.122) 1.13ms [I 111014 13:35:09 web:1359] 200 GET /static/gateone.js (10.37.58.122) 20.68ms [I 111014 13:35:09 web:1359] 304 GET /static/bookmarks/bookmarks.js (10.37.58.122) 0.76ms [I 111014 13:35:09 gateone:371] WebSocket closed (%anonymous) [I 111014 13:35:09 web:1359] 304 GET /static/logging/logging.js (10.37.58.122) 1.13ms [I 111014 13:35:09 web:1359] 304 GET /static/playback/playback.js (10.37.58.122) 1.11ms [I 111014 13:35:09 web:1359] 304 GET /static/ssh/ssh.js (10.37.58.122) 1.13ms [I 111014 13:35:09 web:1359] 200 GET /favicon.ico (10.37.58.122) 1.35ms [I 111014 13:35:09 web:1359] 304 GET /style?scheme=black&container=gateone&prefix=go_ (10.37.58.122) 26.80ms [I 111014 13:35:09 web:1359] 200 GET /static/go_process.js (10.37.58.122) 1.35ms [I 111014 13:35:10 web:1359] 304 GET /static/dejavusansmono-webfont.woff (10.37.58.122) 1.07ms [I 111014 13:35:10 gateone:339] WebSocket opened (%anonymous) [I 111014 13:35:15 gateone:865] YmRmMTY3YTE5NjIyNDVkMmJhOGFhMTcxMGZlNDQwZDUzZ received quit()... Killing termio session. [I 111014 13:35:23 gateone:371] WebSocket closed (%anonymous) [I 111014 13:35:52 gateone:1200] Caught KeyboardInterrupt. Killing sessions...

I'm running it in with debug=true on port 4433 as root also but there is no output on the command line as to any errors. I'm running Fedora 15 if that makes a difference. Where else can I look?

[Gwindalmir]

Dup of issue #4. Install dtach or set "dtach = False" in server.conf Unfortunately the log doesn't tell you that part. ;) I think he's working on better error messages.

[danodemano]

I just set dtach = False in the server.conf and it still has the same behavior.

[danodemano]

Also tried installing dtach and it's still doing the same thing.

[Gwindalmir]

Ah, then check your tornado and python version. Tornado should be 2.1 Python >= 2.6 I mentioned that log was similar when the wrong version was installed in issue #4.

[danodemano]

Python 2.7.1 Looks like Tornado 2.1.1 but I'm was a little unsure how to check this. I see this folder /usr/lib/python2.7/site-packages/tornado-2.1.1-py2.7.egg-info that was modified today and I just installed Tornado today.

[Gwindalmir]

Sounds about right. In fact those are the same versions I have. Other debugging that's help me is to disable SSL temporarily, and try turning on debug and log everything. I guess I was wrong, it's not the same as 4.

Just a quick test, you have permission to execute dtach? What user do you run gateone.py as?

[danodemano]

You mean stop the SSH service on the Fedora machine that's running gateone.py? If so that will have to wait until I am home this evening as I am using SSH currently to get to the box from work. I have debugging turned on and logging = "info" in the conf file and other than the output I gave above it hasn't given me any other log info. I am running gateone.py as root to see if I could at least get it working properly before I set up a user for it to run under.

[Gwindalmir]

I meant disable SSL in gateone. It defaults to 443, but as I also run an Apache webserver on 443, I had to change the port. Run gateone.py --disable_ssl It'll use the same port, but without SSL.

[danodemano]

Yeah I tried it both with SSL enabled and disabled. Sorry, my mind read SSH for whatever reason. I did have to change the port, I made it 4433 just to keep it easy to remember. But it has the same behavior whether or not SSL is enabled.

[liftoff]

This can be a permissions issue... However, I can tell you that it is likely that GateOne/gateone/plugins/ssh/scripts/ssh_connect.py can't run for whatever reason. Can you try running that by hand in a regular terminal (not Gate One) and see what it says? It might give us clues as to what is causing this.

You could also try telling Gate One to run a different command: "sudo ./gateone.py --command=/bin/login" would force users to login to localhost (just like it were the console). If that works then it is definitely something wrong with Gate One's ability to run ssh_connect.py (which is just a little wrapper around the regular 'ssh' command).

[danodemano]

Alright, that ran just fine. I will post what I got after this message. It only bombed because the keys didn't match which is to be expected and it's been quite a while since I SSHed into that machine and it's been blown away since.

Running GateOne with the command you gave does change the behavior but now it does almost nothing. When I open the page I just get a little black box in the middle (like this: http://i.imgur.com/E1SUo.png) then it's blank. Clicking the new terminal box causes the same behavior.

This is what I got from running ssh_connect.py:

[root@fedoraserver scripts]# python ssh_connect.py [Press Shift-F1 for help]

Host/IP or SSH URL [localhost]: 192.168.9.1 Port [22]: User: root Connecting to: ssh://root@192.168.9.1:22

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 55:ff:ef:71:c3:df:9d:3a:ea:99:16:d6:12:ae:18:09. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending key in /root/.ssh/known_hosts:5 RSA host key for 192.168.9.1 has changed and you have requested strict checking. Host key verification failed. [Press Enter to close this terminal]

[liftoff]

Every user's known_hosts file can be edited by clicking on the settings icon and then clicking the "Edit Known Hosts" button. I added it there precisely for this situation (host key changes). I plan to add line numbers in the future to make this easier but for now you'll just have to find the host key in question on your own :(

Let me know if you're still having trouble after deleting the offending key.

[danodemano]

There is nothing in the known hosts as I have never been able to get it to connect. That error was when I attempted to run the ssh_connect.py file manually as you requested. I need to edit my known_hosts file for that user to clear it, I just haven't done that.

The problem still remains that I get the scrolling "Closed Term" as specified in my first post with the video (or when running sudo ./gateone.py --command=/bin/login just the black box in the middle as per my picture). I have never even gotten a login prompt when attempting to access GateOne through my web browser.

[Gwindalmir]

@liftoff: Would ssh_connect cause the known_hosts file under the running user to be read (ie. root)? @danodemano: Did you look at the known_hosts on the machine (if you're running GateOne as root, check /root/.ssh/known_hosts)?

EDIT: Actually, looking at the message you posted, that's EXACTLY what's going on: "Add correct host key in /root/.ssh/known_hosts to get rid of this message." Just remove line 5 from that file.

I would of commented the other day, but I though you figured it out. ;)

[danodemano]

Yeah and I removed that entry for the host I was trying to connect to and I AM able to do it through ssh_connect.py but I am still having the same problems with the web interface of GateOne, the scrolling in the video or black box in the picture. I am never prompted for any server information on the web interface at all.

Here is what I get when I use ssh_connect.py in case it matters:

[root@fedoraserver scripts]# python ssh_connect.py [Press Shift-F1 for help]

Host/IP or SSH URL [localhost]: 192.168.9.1 Port [22]: User: root Connecting to: ssh://root@192.168.9.1:22

The authenticity of host '192.168.9.1 (192.168.9.1)' can't be established. RSA key fingerprint is 55:ff:ef:71:c3:df:9d:3a:ea:99:16:d6:12:ae:18:09. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.9.1' (RSA) to the list of known hosts. root@192.168.9.1's password: Permission denied, please try again. root@192.168.9.1's password: Linux untangle.12345.com 2.6.26-2-untangle-amd64 #1 SMP Thu May 12 04:20:33 PDT 2011 x86_64

Last login: Wed Aug 17 08:11:41 2011 from outbound.12345.com root@untangle# ~ # [root @ untangle]

[liftoff]

I think an explanation is in order...

When you run ssh_connect.py on the command line with no options it essentially just wraps the ssh command with no extra options other than it ignores any custom ~/.ssh/config you've got. In other words, it turns regular SSH into a wizard-like series of questions (with the option of using an ssh:// URL).

When Gate One runs ssh_connect.py, it does so with a number of options. One of those options ('-oUserKnownHostsFile=%USERDIR%/%USER%/known_hosts') tells it to use a known_hosts file that exists in the (Gate One) user's directory. So if you run it without any options as root, it will just use root's known_hosts file (~/.ssh/known_hosts)

Having said all that, I think there's something else going on here based on the screenshot danodemano posted. That looks like a problem with the browser being able to download the proper/complete CSS file.

@danodemano: I know this might be tedious but can you post a list of browser extensions you have installed? Also, can you load up the browser's JavaScript tools and let me know if there's any errors in there? Specifically I want to know about JavaScript errors and any errors downloading files (CSS in particular). Also, which version of Fedora is this? I'll load up a VM with that running and see if I can replicate the problem.

[danodemano]

Ok...I think I'm loosing my mind. I think I might have finally tracked this down though why it was scrolling like it was I may never know. I started going through all the machines I could get to and trying it in Chrome and Firefox. I finally pulled up Chrome 14.something at home and got it to throw this: "/bin/sh: /opt/gateone/plugins/ssh/scripts/ssh_connect.py: Permission denied"

I thought that was really odd as I was able to run that command just fine as root and I'm executing gateone.py as root. Anyway I did a chmod 777 on it (ssh_connect.py) and that seems to have fixed the problem! Odd though what it was doing in my Chrome 16 and scrolling like that.

Just one more little problem but this is obviously something in my settings somewhere as it works on my other machine but the laptop I'm on in Chrome 16 is giving "A communications disruption can mean only one thing..." I suspect one of my extensions might be messing with it.

Thanks so much for all your help!

[liftoff]

OK, I'm going to close this issue. For reference, "chmod 777" anything is a bad idea. You should've "chmod 775" :)

[arturoera]

Just a quick comment... I was stuck in same error... OS: Ubuntu 10.10 Python: 2.6.6 Tornado: 2.1.1

All versions were ok, however while trying to execute ssh_connect.py from terminal: ./ssh_connect.py Traceback (most recent call last): File "./ssh_connect.py", line 20, in from subprocess import Popen, check_output ImportError: cannot import name check_output

And this was due to wrong version of Python. So, I replace shebang in ssh_connect.py to explicitly use python2.7:

!/usr/bin/env python2.7

And also, make sure that Tornado is installed in python2.7 path...

All this mess, just because Ubuntu must have different versions of python for compatibility issues, and it defaults to 2.6.6

[Gwindalmir]

Python 2.6 is supported. Unless the developer changed that, it should work (if it doesn't, that's a bug) However I suspect he uses 2.7 daily, so issues with it not running under 2.6 may creep in.

Gentoo also keeps multiple versions of Python, but it has a utility to switch the default version, "eselect python". Perhaps Ubuntu has something similar to change the system default version.

[liftoff]

I actually test all my changes with Python 2.6 now but I have to manually run gateone.py using python2.6. Unfortunately this doesn't work on the ssh_connect.pt script. So it seems an issue has creeped in. I'll fix this in the next commit (easy).

[liftoff]

I just pushed a fix for this. Turns out ssh_connect.py wasn't even using check_output, LOL. So I just got rid of that import--problem solved.

Please verify and close this issue. Thanks.