Skip to main content

Glassfish and ssh authentication

5 replies [Last post]
glavriba
Offline
Joined: 2012-11-22
Points: 0

Dear All,
Could you please help to solve issue.
We have GlassFish 3.1.2.2 b4.
And several AIX host.
GF domain was successfully installed on host1.
When I tried to create additional node on host2, I have following issues:

1) If user@host2 have setup password:
$GF_HOME/bin/asadmin ssh-setup host2
Enter remote password for user@host2>
SSH key setup failed: Unexpected end of sftp stream.
Command setup-ssh failed.

2) If user@host2 have no password:
Failed to connect or authenticate: Authentication method publickey not
supported by the server at this stage.
Enter remote password for user@host2>
Failed to connect or authenticate: Authentication method publickey not
supported by the server at this stage.
SSH key setup failed: Password authentication failed.
Command setup-ssh failed.

Additiona: asadmin fails when executing
‘create-ssh-node’, below is the entry from server.log:
[#|2012-11-14T20:25:33.232+0200|WARNING|glassfish3.1.2|javax.enterprise.system.tools.admin.com.sun.enterprise.v3.admin.cluster|_ThreadID=8;_ThreadName=Thread-11;|Could
not connect to host host2 using SSH.: Could not authenticate. :
host=host2 port=22 user=user password=null
keyFile=/home/user/.ssh/id_rsa keyPassPhrase=null authType=null
knownHostFile=/home/user/.ssh/known_hosts|#]

It possible to create additional nodes/setups by ssh without password?
I newbie on GF...

could you please help me?

Thank you

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
jfdipol
Offline
Joined: 2007-08-16
Points: 0

This could be an environmental/os config issue, so first I'd make sure SSH is working outside of GlassFish. While on host1 try "ssh user@host2" and authenticate using the password. Then try sftp as well. If those work outside of GlassFish then setup-ssh should work.

The second error seems to imply the server does not support public key authentication. On host2 you may need to alter the sshd settings and set PubkeyAuthentication to yes. More details and some additional trouble shooting on Yamini's Blog

Joe

glavriba
Offline
Joined: 2012-11-22
Points: 0

Thank you for your answer!
But my issue still is actually.
All operation is successful if user have password on OS, but fail, if user passwordless (usage public keys to auth, is failed too).

jfdipol
Offline
Joined: 2007-08-16
Points: 0

So SSH key authentication does not work in the OS? It appears as though you have two options.

Option 1: get SSH public key authentication working from host1 to host2 in the OS. You may need to edit sshd_config on host2 and make sure PubkeyAuthentication is set to "yes". There could be other issues as well. There are lots of tips on the web for setting up ssh public key authentication. For example a quick search found this: http://www.tek-tips.com/viewthread.cfm?qid=1221865

Option 2: use SSH password authentication with GlassFish and not bother with setup-ssh (which is used to help setup public key authentication).

In either case you should read the GlassFish documentation on configuring GlassFish with SSH:

http://docs.oracle.com/cd/E26576_01/doc.312/e24934/ssh-setup.htm

glavriba
Offline
Joined: 2012-11-22
Points: 0

I have no issues with auth by ssh in OS.
But my issue with GlassFish auth only.

debug1: Authentication succeeded (none).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start

GF client doesn't support "none" auth per ssh...

glavriba
Offline
Joined: 2012-11-22
Points: 0

I just to know: possible to create node via ssh, if user have no password.
From my point view, this issue GF ssh client.
If so it is true, possible to create bug for it.