I recently installed Cloudmin GPL alongside my existing Virtualmin GPL installation, and think I've found a bug.
When I create a XEN machine, one of the steps is to regenerate the SSH keys, which are then stored on the Cloudmin Master in /root/.ssh/known_hosts. Now, I would assume that when regenerating, it should replace the previous key for the image (which it seems to add at the very beginning of the creation), but instead it adds a second key, thus causing SSH connections to the XEN guest to fail with the NO SSH error. I have to manually remove all entries, and then tell it to clear the ssh keys to sucessfully gain SSH access.
Also, when removing a guest, it doesn't remove the keys, which would be helpful, in case you attempt to re-add a guess with the same IP as the old one.
PS. Running on Ubuntu 8.04 64-bit, latest updates for both the system, Webmin, Usermin, Virtuamin and . I can provide any logs, etc upon request
Comments
Submitted by JamieCameron on Mon, 05/31/2010 - 13:24 Comment #1
Sounds like the SSH keys are in a format other than what Cloudmin expects..
Would it be possible for you to post some of the lines from
known_hosts
that you had to remove? There should be no security risk from this information ..Submitted by staticanime on Mon, 05/31/2010 - 16:39 Comment #2
Ok, well, I'm gonna include the known_hosts file with one xen machine, and then I'll include a second/third one after adding a new xen machine, and you will see that the new one has two extra lines instead of one. Seems while creating the machine it adds one key, and then regenerates the key, but instead of replacing the previous one, it appends a new key
The error message is: Regenerating SSH host keys .. .. failed : Failed to generate /etc/ssh/ssh_host_rsa_key : Connection failed
Installing Webmin from http://www.webmin.com/download/webmin-current.tar.gz .. .. install failed : Perl and Wget are required to install Webmin, but cannot be automatically installed Fetching current status .. .. status successfully retrieved (No SSH)
known_hosts.old is from before I added the new machine. known_host.new1 is during creation when it fails, and known_host.new2 is after I remove one line to make the xen machine work
I can give you access to my machine if you need to, just let me know
Submitted by JamieCameron on Tue, 06/01/2010 - 00:00 Comment #3
Ok, I see the problem .. the issue is that your hostnames in the known_hosts file are hashed, and Cloudmin doesn't know how to remove those. I will fix this in the next release (version 4.6).
Till then, the work-around is to edit
~root/.ssh/known_hosts
and add (or update) the line :HashKnownHosts no
Then remove any existing Cloudmin-managed hosts from known_hosts.
Submitted by staticanime on Tue, 06/01/2010 - 05:08 Comment #4
I added that line, and emptied out the file, then added a new host. I'm still getting the NO SSH errors as before, and now my known_hosts file has 3 entries in it.
Submitted by JamieCameron on Tue, 06/01/2010 - 11:15 Comment #5
Sorry, I gave the instructions wrong .. you need to add
HashKnownHosts no
to~root/.ssh/config
Submitted by staticanime on Tue, 06/01/2010 - 12:03 Comment #6
It's working now, thanks!!
Submitted by JamieCameron on Tue, 06/01/2010 - 12:09 Comment #7
Great - thanks for reporting this bug!
Submitted by staticanime on Tue, 06/01/2010 - 12:12 Comment #8
No problem, glad to be of help!!
Submitted by Issues on Thu, 06/17/2010 - 05:21 Comment #9
Automatically closed -- issue fixed for 2 weeks with no activity.