[GPL] Creating XEN host succeeds with No SSH error

I recently installed Cloudmin GPL alongside my existing Virtualmin GPL installation, and think I've found a bug.

When I create a XEN machine, one of the steps is to regenerate the SSH keys, which are then stored on the Cloudmin Master in /root/.ssh/known_hosts. Now, I would assume that when regenerating, it should replace the previous key for the image (which it seems to add at the very beginning of the creation), but instead it adds a second key, thus causing SSH connections to the XEN guest to fail with the NO SSH error. I have to manually remove all entries, and then tell it to clear the ssh keys to successfully gain SSH access.

Also, when removing a guest, it doesn't remove the keys, which would be helpful, in case you attempt to re-add a guest with the same IP as the old one.

PS. Running on Ubuntu 8.04 64-bit, latest updates for both the system, Webmin, Usermin, Virtualmin and . I can provide any logs, etc. upon request.

Status: Closed (fixed)

Comments

Sounds like the SSH keys are in a format other than what Cloudmin expects..

Would it be possible for you to post some of the lines from known_hosts that you had to remove? There should be no security risk from this information ..

Ok, well, I'm gonna include the known_hosts file with one xen machine, and then I'll include a second/third one after adding a new xen machine, and you will see that the new one has two extra lines instead of one. Seems while creating the machine it adds one key, and then regenerates the key, but instead of replacing the previous one, it appends a new key.

The error message is:

Regenerating SSH host keys .. .. failed : Failed to generate /etc/ssh/ssh_host_rsa_key : Connection failed

Installing Webmin from http://www.webmin.com/download/webmin-current.tar.gz .. .. install failed : Perl and Wget are required to install Webmin, but cannot be automatically installed

Fetching current status .. .. status successfully retrieved (No SSH)

known_hosts.old is from before I added the new machine. known_host.new1 is during creation when it fails, and known_host.new2 is after I remove one line to make the xen machine work.

I can give you access to my machine if you need to, just let me know

Ok, I see the problem .. the issue is that your hostnames in the known_hosts file are hashed, and Cloudmin doesn't know how to remove those. I will fix this in the next release (version 4.6).

Till then, the work-around is to edit ~root/.ssh/known_hosts and add (or update) the line :

HashKnownHosts no

Then remove any existing Cloudmin-managed hosts from known_hosts.
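Added example, not part of the original thread and not Cloudmin's code: why a plain-text comparison cannot find a host in a hashed known_hosts file, and how a hash-aware match removes both duplicate entries. The `|1|salt|hash` layout is OpenSSH's hashed-hostname format; the function names, the 192.0.2.x addresses, the salts and the key strings are constructed for illustration.

```python
import base64
import hashlib
import hmac

def hash_host(host, salt):
    """Hashed host field: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def field_matches(field, host):
    """True if one known_hosts host field (hashed or plain) names `host`."""
    if not field.startswith("|1|"):
        return host in field.split(",")  # plain list; wildcard patterns not handled
    try:
        _, _, salt_b64, mac_b64 = field.split("|")
        salt = base64.b64decode(salt_b64, validate=True)
        want = base64.b64decode(mac_b64, validate=True)
    except ValueError:
        return False  # malformed hashed field never counts as a match
    got = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(got, want)

def remove_host(lines, host):
    """Return (kept_lines, removed_count), dropping every entry for `host`."""
    kept, removed = [], 0
    for line in lines:
        fields = line.split()
        # Blank lines, comments and @marker lines are left untouched.
        if fields and fields[0][0] not in "#@" and field_matches(fields[0], host):
            removed += 1
        else:
            kept.append(line)
    return kept, removed

def plaintext_remove(lines, host):
    """Hypothetical plain-text match on the host field, for comparison."""
    return [l for l in lines if host not in l.split()[0].split(",")]

# Constructed sample: two hashed entries for one guest IP (the duplicate from
# the thread) and one unrelated host. Salts and keys are placeholders.
SAMPLE = [
    hash_host("192.0.2.10", b"A" * 20) + " ssh-rsa AAAA-constructed-old-key",
    hash_host("192.0.2.10", b"B" * 20) + " ssh-rsa AAAA-constructed-new-key",
    hash_host("192.0.2.20", b"C" * 20) + " ssh-rsa AAAA-constructed-other-key",
]

if __name__ == "__main__":
    kept, removed = remove_host(SAMPLE, "192.0.2.10")
    print("plain-text match leaves", len(plaintext_remove(SAMPLE, "192.0.2.10")), "of 3 lines")
    print("hash-aware match removed", removed, "and kept", len(kept))
```

On a live system, `ssh-keygen -R <host> -f <known_hosts file>` performs this removal for hashed and plain entries alike.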

I added that line, and emptied out the file, then added a new host. I'm still getting the NO SSH errors as before, and now my known_hosts file has 3 entries in it.

Sorry, I gave the instructions wrong .. you need to add HashKnownHosts no to ~root/.ssh/config

It's working now, thanks!!

Great - thanks for reporting this bug!

No problem, glad to be of help!!

Automatically closed -- issue fixed for 2 weeks with no activity.