[ERROR] OBD-1013: root@xxxx connect failed: username or password error

[nicexiaowen]

Describe the bug

用key_file去deploy的时候会报这个，edit-config配置如下 user: username: root key_file: /root/.ssh/id_rsa port: 22

trace 结果如下： [2024-07-08 11:12:21.513] [DEBUG] - host: xxxx , port: 22, user: root, password: None [2024-07-08 11:12:21.610] [ERROR] Traceback (most recent call last): [2024-07-08 11:12:21.610] [ERROR] File "core.py", line 1511, in deploy_cluster [2024-07-08 11:12:21.610] [ERROR] File "core.py", line 1546, in _deploy_cluster [2024-07-08 11:12:21.610] [ERROR] File "core.py", line 193, in call_plugin [2024-07-08 11:12:21.611] [ERROR] File "core.py", line 259, in get_clients [2024-07-08 11:12:21.611] [ERROR] File "core.py", line 278, in get_clients_with_connect_status [2024-07-08 11:12:21.611] [ERROR] File "core.py", line 299, in ssh_clients_connect [2024-07-08 11:12:21.611] [ERROR] File "_stdio.py", line 895, in func_wrapper [2024-07-08 11:12:21.611] [ERROR] File "ssh.py", line 442, in connect [2024-07-08 11:12:21.611] [ERROR] File "_stdio.py", line 895, in func_wrapper [2024-07-08 11:12:21.611] [ERROR] File "ssh.py", line 399, in _login [2024-07-08 11:12:21.611] [ERROR] File "paramiko/client.py", line 435, in connect [2024-07-08 11:12:21.611] [ERROR] File "paramiko/client.py", line 766, in _auth [2024-07-08 11:12:21.611] [ERROR] File "paramiko/client.py", line 742, in _auth [2024-07-08 11:12:21.611] [ERROR] File "paramiko/transport.py", line 1634, in auth_publickey [2024-07-08 11:12:21.611] [ERROR] File "paramiko/auth_handler.py", line 258, in wait_for_response [2024-07-08 11:12:21.611] [ERROR] paramiko.ssh_exception.AuthenticationException: Authentication failed. [2024-07-08 11:12:21.611] [ERROR] [2024-07-08 11:12:21.611] [CRITICAL] [ERROR] OBD-1013: root@10.182.16.124 connect failed: username or password error [2024-07-08 11:12:21.642] [INFO] [ERROR] OBD-1013: root@10.182.16.124 connect failed: username or password error

这里没有使用passord，但仍然输出password，从源码来看是否使用pkey的方式来登录更好，key_filename的方式貌似并使用于私钥的身份认证，测试demo同样无法登录。另外是否判断一下yaml中的password是否配置再输出，是否更加友好。 https://github.com/oceanbase/obdiag/blob/master/common/ssh.py def _login(self, stdio=None, exit=True): if self.is_connected: return True err = None try: self.ssh_client.set_missing_host_key_policy(AutoAddPolicy()) stdio.verbose('host: %s, port: %s, user: %s, password: %s' % (self.config.host, self.config.port, self.config.username, self.config.password)) self.ssh_client.connect( self.config.host, port=self.config.port, username=self.config.username, password=self.config.password, key_filename=self.config.key_filename, timeout=self.config.timeout, disabled_algorithms=self._disabled_rsa_algorithms ) self.is_connected = True except AuthenticationException: stdio.exception('') err = EC_SSH_CONNECT.format(user=self.config.username, ip=self.config.host, message='username or password error') except NoValidConnectionsError: stdio.exception('') err = EC_SSH_CONNECT.format(user=self.config.username, ip=self.config.host, message='time out') except BaseException as e: stdio.exception('') err = EC_SSH_CONNECT.format(user=self.config.username, ip=self.config.host, message=e)

Environment

obd v2.0.0 centos 7.9

Fast reproduce steps

使用key_file执行 obd cluster deploy xxx -c xxx.yaml 注销或者删除yaml中的password字段 例如： user: username: root key_file: /root/.ssh/id_rsa port: 22

Expected behavior

No response

Actual behavior

No response

Additional context

No response

[Teingi]

obd项目友情链接：https://github.com/oceanbase/obdeploy

[gys-git]

You can check the SSH version using the command "ssh -V". It is known that the default encryption algorithm in version 6.x is not available in OBD. You can disable this algorithm by running the command "obd env set OBD_DISABLE_RSA_ALGORITHMS 1" and then redeploy.

[nicexiaowen]

You can check the SSH version using the command "ssh -V". It is known that the default encryption algorithm in version 6.x is not available in OBD. You can disable this algorithm by running the command "obd env set OBD_DISABLE_RSA_ALGORITHMS 1" and then redeploy.

Thanks，this problem is OK.