Knife bootstrap not authenticating


#1

I’m currently unable to bootstrap a node that I’ve verified I can ssh into.

The strange thing is the ERROR at the bottom of the stacktrace, as it is repeating my hostname.

If anyone has any insight into further troubleshooting, and suggestions are appreciated!

Chef: 11.8.0

curtstewart@curtis-mbp:$ knife bootstrap my.server.comhttp://my.server.com -x cstewart --sudo -i ~/.ssh/id_rsa -E sandbox -VV
Called ‘load’ without the :safe option – defaulting to safe mode.
You can avoid this warning in the future by setting the SafeYAML::OPTIONS[:default_mode] option (to :safe or :unsafe).

DEBUG: Looking for bootstrap template in /Users/curtstewart/.rvm/gems/ruby-1.9.3-p484@myproj/gems/chef-11.8.0/lib/chef/knife/bootstrap
DEBUG: Found bootstrap template in /Users/curtstewart/.rvm/gems/ruby-1.9.3-p484@myproj/gems/chef-11.8.0/lib/chef/knife/bootstrap
Bootstrapping Chef on my.server.comhttp://my.server.com
DEBUG: Adding my.server.comhttp://my.server.com
DEBUG: establishing connection to my.server.comhttp://my.server.com:22
DEBUG: connection established
INFO: negotiating protocol version
DEBUG: remote is SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1' DEBUG: local isSSH-2.0-Ruby/Net::SSH_2.8.0 x86_64-darwin13.0.0’
DEBUG: read 984 bytes
DEBUG: received packet nr 0 type 20 len 980
INFO: got KEXINIT from server
INFO: sending KEXINIT
DEBUG: queueing packet nr 0 type 20 len 1620
DEBUG: sent 1624 bytes
INFO: negotiating algorithms
DEBUG: negotiated:

  • kex: diffie-hellman-group-exchange-sha1
  • host_key: ssh-rsa
  • encryption_server: aes128-cbc
  • encryption_client: aes128-cbc
  • hmac_client: hmac-sha1
  • hmac_server: hmac-sha1
  • compression_client: none
  • compression_server: none
  • language_client:
  • language_server:
    DEBUG: exchanging keys
    DEBUG: queueing packet nr 1 type 34 len 20
    DEBUG: sent 24 bytes
    DEBUG: read 152 bytes
    DEBUG: received packet nr 1 type 31 len 148
    DEBUG: queueing packet nr 2 type 32 len 140
    DEBUG: sent 144 bytes
    DEBUG: read 720 bytes
    DEBUG: received packet nr 2 type 33 len 700
    DEBUG: queueing packet nr 3 type 21 len 20
    DEBUG: sent 24 bytes
    DEBUG: received packet nr 3 type 21 len 12
    DEBUG: beginning authentication of cstewart' DEBUG: queueing packet nr 4 type 5 len 28 DEBUG: sent 52 bytes DEBUG: read 52 bytes DEBUG: received packet nr 4 type 6 len 28 DEBUG: trying none DEBUG: queueing packet nr 5 type 50 len 44 DEBUG: sent 68 bytes DEBUG: read 52 bytes DEBUG: received packet nr 5 type 51 len 28 DEBUG: allowed methods: publickey DEBUG: none failed DEBUG: trying publickey DEBUG: trying publickey (87:fb:bb:2b:19:03:f0:39:25:03:d0:08:64:96:41:b1) DEBUG: queueing packet nr 6 type 50 len 348 DEBUG: sent 372 bytes DEBUG: read 52 bytes DEBUG: received packet nr 6 type 51 len 28 DEBUG: allowed methods: publickey ERROR: all authorization methods failed (tried none, publickey) Failed to authenticate cstewart - trying password auth Enter your password: DEBUG: Adding my.server.com<http://my.server.com> DEBUG: establishing connection to my.server.com<http://my.server.com>:22 DEBUG: connection established INFO: negotiating protocol version DEBUG: remote isSSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1’
    DEBUG: local is `SSH-2.0-Ruby/Net::SSH_2.8.0 x86_64-darwin13.0.0’
    DEBUG: read 984 bytes
    DEBUG: received packet nr 0 type 20 len 980
    INFO: got KEXINIT from server
    INFO: sending KEXINIT
    DEBUG: queueing packet nr 0 type 20 len 1620
    DEBUG: sent 1624 bytes
    INFO: negotiating algorithms
    DEBUG: negotiated:
  • kex: diffie-hellman-group-exchange-sha1
  • host_key: ssh-rsa
  • encryption_server: aes128-cbc
  • encryption_client: aes128-cbc
  • hmac_client: hmac-sha1
  • hmac_server: hmac-sha1
  • compression_client: none
  • compression_server: none
  • language_client:
  • language_server:
    DEBUG: exchanging keys
    DEBUG: queueing packet nr 1 type 34 len 20
    DEBUG: sent 24 bytes
    DEBUG: read 152 bytes
    DEBUG: received packet nr 1 type 31 len 148
    DEBUG: queueing packet nr 2 type 32 len 140
    DEBUG: sent 144 bytes
    DEBUG: read 720 bytes
    DEBUG: received packet nr 2 type 33 len 700
    DEBUG: queueing packet nr 3 type 21 len 20
    DEBUG: sent 24 bytes
    DEBUG: received packet nr 3 type 21 len 12
    DEBUG: beginning authentication of `cstewart’
    DEBUG: queueing packet nr 4 type 5 len 28
    DEBUG: sent 52 bytes
    DEBUG: read 52 bytes
    DEBUG: received packet nr 4 type 6 len 28
    DEBUG: trying none
    DEBUG: queueing packet nr 5 type 50 len 44
    DEBUG: sent 68 bytes
    DEBUG: read 52 bytes
    DEBUG: received packet nr 5 type 51 len 28
    DEBUG: allowed methods: publickey
    DEBUG: none failed
    DEBUG: trying publickey
    DEBUG: connecting to ssh-agent
    DEBUG: sending agent request 1 len 51
    DEBUG: received agent packet 2 len 5
    DEBUG: sending agent request 11 len 0
    DEBUG: received agent packet 12 len 5
    DEBUG: trying publickey (87:fb:bb:2b:19:03:f0:39:25:03:d0:08:64:96:41:b1)
    DEBUG: queueing packet nr 6 type 50 len 348
    DEBUG: sent 372 bytes
    DEBUG: read 52 bytes
    DEBUG: received packet nr 6 type 51 len 28
    DEBUG: allowed methods: publickey
    ERROR: all authorization methods failed (tried none, publickey)
    ERROR: Net::SSH::AuthenticationFailed: Authentication failed for user cstewart@my.server.commailto:cstewart@my.server.com@my.server.com

Thanks,
Curtis


#2

On Monday, February 17, 2014 at 6:48 PM, Stewart, Curtis wrote:

I’m currently unable to bootstrap a node that I’ve verified I can ssh into.

Do you have anything complicated in your .ssh/config ? The net-ssh library we use supports some but not all of the config file options/syntax, so this is a common source of confusion.

The strange thing is the ERROR at the bottom of the stacktrace, as it is repeating my hostname.

If anyone has any insight into further troubleshooting, and suggestions are appreciated!

Chef: 11.8.0

curtstewart@curtis-mbp:$ knife bootstrap my.server.com (http://my.server.com) -x cstewart --sudo -i ~/.ssh/id_rsa -E sandbox -VV
DEBUG: beginning authentication of `cstewart’

It’s odd that the error message has the weird hostname thing, but this debug message seems to indicate that it’s using ‘cstewart’ for the username.

Thanks,
Curtis

You might also check the server’s sshd logs to see if there’s any clues.


Daniel DeLeo