Bug #27000
open
Remote execution fails with error: Authentication failed for user root@1.2.3.4
Description
I upgraded from 1.21.3 to 1.22.0, puppet 5 to 6 so far everything is working except for the remote execution feature. It used to work with 1.21.3.
Error initializing command: Net::SSH::AuthenticationFailed - Authentication failed for user root@1.2.3.4
Exit status: EXCEPTION
Looks like it keeps trying to connect from root user instead of a normal user. I tried the advance feature and put the normal user but it still tried from root. effective and ssh user are already configured in the settings. Please help.
Thanks
Updated by Tomer Brisker over 5 years ago
- Project changed from Foreman to Foreman Remote Execution
- Category deleted (
47)
Updated by Elias Pereira over 5 years ago
Kevin V wrote:
I upgraded from 1.21.3 to 1.22.0, puppet 5 to 6 so far everything is working except for the remote execution feature. It used to work with 1.21.3.
Error initializing command: Net::SSH::AuthenticationFailed - Authentication failed for user root@1.2.3.4
Exit status: EXCEPTIONLooks like it keeps trying to connect from root user instead of a normal user. I tried the advance feature and put the normal user but it still tried from root. effective and ssh user are already configured in the settings. Please help.
Thanks
Hello Kevin,
I'm also having similar problems. Mine is about the change of self-signed certificates that I made for access to the foreman webgui. Do you also get access via https on your foreman server?
Updated by Marek Hulán over 3 years ago
I seem to suffer from the same. The target is fedora 33. The jobs says
Error initializing command: Net::SSH::AuthenticationFailed - Authentication failed for user root@tony-wl.hu.lan
When I try the following
sudo -u foreman-proxy ssh root@tony-wl.hu.lan -i /var/lib/foreman-proxy/ssh/id_rsa_foreman_proxy
it works just fine. Running ansible from Foreman on this host also works fine. It seems it's something with net-ssh, when the connection is opened. The secure log from the target host says
Apr 21 19:41:33 tony sshd[14977]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedKeyTypes [preauth] Apr 21 19:41:33 tony sshd[14977]: Connection closed by authenticating user root 192.168.22.101 port 35932 [preauth]
Of course I tried to configure PubkeyAcceptedKeyTypes and allow ssh-rsa but it didn't help.
Versions:
foreman 2.4.0
foreman rex 4.2.2
foreman tasks 4.0.0
foreman ansible 6.2.0
rubygem-net-ssh-4.2.0-2.el8.noarch (this is centos8 stream installation which offers newer, but rex has this version pinned)
Updated by Adam Ruzicka over 3 years ago
We are using rather old version of net-ssh. If I recall correctly it uses cryptographic and hashing functions which do not meet the requirements set by crypto policies in newer fedoras. Hopefully this should go away when we update to a current net-ssh (latest is currently 6.1.0)