[Swift-devel] ssh data provider
Zhao Zhang
zhaozhang at uchicago.edu
Thu Dec 11 20:57:32 CST 2008
I tried to run sftp on IO nodes,
bash-3.1$ sftp
usage: sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
[-o ssh_option] [-P sftp_server_path] [-R num_requests]
[-S program] [-s subsystem | sftp_server] host
sftp [[user@]host[:file [file]]]
sftp [[user@]host[:dir[/]]]
sftp -b batchfile [user@]host
it seems that there is a working version
zhao
Mihael Hategan wrote:
> You could ask the folks who administer the BG to enable sftp on the io
> nodes. This is enabled by default with openssh.
>
> On Thu, 2008-12-11 at 20:52 -0600, Zhao Zhang wrote:
>
>> got this
>>
>> zzhang at login6.surveyor:~/swift/test> swift -sites.file ./sites.xml
>> -tc.file ./tc.data first.swift
>> Swift svn swift-r2334 (Swift modified locally) cog-r2216
>>
>> RunID: 20081211-2021-oi8c3r0b
>> Progress:
>> echo started
>> Sorted: [bgp000:1,000.000(98.545):0/789 overload: 0]
>> Sorted: [bgp000:999.590(98.544):0/789 overload: 0]
>> Sorted: [bgp000:999.180(98.544):0/789 overload: 0]
>> echo failed
>> Execution failed:
>> Could not initialize shared directory on bgp000
>> Caused by:
>> org.globus.cog.abstraction.impl.file.FileResourceException:
>> Error while communicating with the SSH server on 172.16.3.2:22
>> Caused by:
>> Failed to start the SFTP subsystem on zzhang:<key>@172.16.3.2:22
>>
>>
>> Mihael Hategan wrote:
>>
>>> now try swift
>>>
>>> On Thu, 2008-12-11 at 20:16 -0600, Zhao Zhang wrote:
>>>
>>>
>>>> Mihael Hategan wrote:
>>>>
>>>>
>>>>> On Thu, 2008-12-11 at 20:00 -0600, Zhao Zhang wrote:
>>>>>
>>>>>
>>>>>
>>>>>> nope, we don't need to since ssh works for us.
>>>>>>
>>>>>>
>>>>>>
>>>>> Mmm, obviously not. May I suggest typing "man ssh" and reading the
>>>>> section on authentication?
>>>>>
>>>>>
>>>>>
>>>> By "it works" I mean it works for our ordinary use, we could login IO
>>>> nodes with that host based authentication.
>>>>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>> Besides, I have no idea
>>>>>> where the ssh on IO nodes saves the public key.
>>>>>>
>>>>>>
>>>>>>
>>>>> For public key authentication you need to put the public
>>>>> key (~/.ssh/id_rsa.pub) in ~/.ssh/authorized_keys on the remote
>>>>> machine. This is the public key that corresponds to your private key.
>>>>>
>>>>>
>>>>>
>>>> Ha, it works now.
>>>>
>>>> zzhang at login6.surveyor:~/swift/test> ssh -v -o
>>>> HostbasedAuthentication=no -l zzh
>>>> ang -i /home/zzhang/.ssh/id_rsa ion-1
>>>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
>>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>>> debug1: Applying options for *
>>>> debug1: /etc/ssh/ssh_config line 25: Deprecated option
>>>> "RhostsAuthentication"
>>>> debug1: Connecting to ion-1 [172.16.3.1] port 22.
>>>> debug1: Connection established.
>>>> debug1: identity file /home/zzhang/.ssh/id_rsa type 1
>>>> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
>>>> debug1: match: OpenSSH_4.2 pat OpenSSH*
>>>> debug1: Enabling compatibility mode for protocol 2.0
>>>> debug1: Local version string SSH-2.0-OpenSSH_4.2
>>>> debug1: SSH2_MSG_KEXINIT sent
>>>> debug1: SSH2_MSG_KEXINIT received
>>>> debug1: kex: server->client aes128-cbc hmac-md5 none
>>>> debug1: kex: client->server aes128-cbc hmac-md5 none
>>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>>>> debug1: Host 'ion-1' is known and matches the RSA host key.
>>>> debug1: Found key in /home/zzhang/.ssh/known_hosts:40
>>>> Warning: the RSA host key for 'ion-1' differs from the key for the IP
>>>> address '172.16.3.1'
>>>> Offending key for IP in /home/zzhang/.ssh/known_hosts:3
>>>> Matching host key in /home/zzhang/.ssh/known_hosts:40
>>>> debug1: ssh_rsa_verify: signature correct
>>>> debug1: SSH2_MSG_NEWKEYS sent
>>>> debug1: expecting SSH2_MSG_NEWKEYS
>>>> debug1: SSH2_MSG_NEWKEYS received
>>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>>> debug1: Authentications that can continue:
>>>> publickey,keyboard-interactive,hostbased
>>>> debug1: Next authentication method: publickey
>>>> debug1: Offering public key: /home/zzhang/.ssh/id_rsa
>>>> debug1: Server accepts key: pkalg ssh-rsa blen 277
>>>> debug1: read PEM private key done: type RSA
>>>> debug1: Authentication succeeded (publickey).
>>>> debug1: channel 0: new [client-session]
>>>> debug1: Entering interactive session.
>>>> Last login: Thu Dec 11 20:15:10 2008 from login6-data.surveyor.alcf.anl.gov
>>>>
>>>>
>>>> BusyBox v1.4.2 (2008-05-07 02:58:20 UTC) Built-in shell (ash)
>>>> Enter 'help' for a list of built-in commands.
>>>>
>>>> /gpfs/home/zzhang $
>>>>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>> zhao
>>>>>>
>>>>>> Mihael Hategan wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Have you installed the public key on ion-1?
>>>>>>>
>>>>>>> On Thu, 2008-12-11 at 19:10 -0600, Zhao Zhang wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> Then it failed
>>>>>>>>
>>>>>>>> zzhang at login6.surveyor:~/swift/test> ssh -v -o
>>>>>>>> HostbasedAuthentication=no -l zzh
>>>>>>>> ang -i /home/zzhang/.ssh/id_rsa ion-7
>>>>>>>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
>>>>>>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>>>>>>> debug1: Applying options for *
>>>>>>>> debug1: /etc/ssh/ssh_config line 25: Deprecated option
>>>>>>>> "RhostsAuthentication"
>>>>>>>> debug1: Connecting to ion-7 [172.16.3.7] port 22.
>>>>>>>> debug1: Connection established.
>>>>>>>> debug1: identity file /home/zzhang/.ssh/id_rsa type 1
>>>>>>>> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
>>>>>>>> debug1: match: OpenSSH_4.2 pat OpenSSH*
>>>>>>>> debug1: Enabling compatibility mode for protocol 2.0
>>>>>>>> debug1: Local version string SSH-2.0-OpenSSH_4.2
>>>>>>>> debug1: SSH2_MSG_KEXINIT sent
>>>>>>>> debug1: SSH2_MSG_KEXINIT received
>>>>>>>> debug1: kex: server->client aes128-cbc hmac-md5 none
>>>>>>>> debug1: kex: client->server aes128-cbc hmac-md5 none
>>>>>>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>>>>>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>>>>>>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>>>>>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>>>>>>>> debug1: Host 'ion-7' is known and matches the RSA host key.
>>>>>>>> debug1: Found key in /home/zzhang/.ssh/known_hosts:43
>>>>>>>> debug1: ssh_rsa_verify: signature correct
>>>>>>>> debug1: SSH2_MSG_NEWKEYS sent
>>>>>>>> debug1: expecting SSH2_MSG_NEWKEYS
>>>>>>>> debug1: SSH2_MSG_NEWKEYS received
>>>>>>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>>>>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>>>>>>> debug1: Authentications that can continue:
>>>>>>>> publickey,keyboard-interactive,hostbased
>>>>>>>> debug1: Next authentication method: publickey
>>>>>>>> debug1: Offering public key: /home/zzhang/.ssh/id_rsa
>>>>>>>> debug1: Authentications that can continue:
>>>>>>>> publickey,keyboard-interactive,hostbased
>>>>>>>> debug1: Next authentication method: keyboard-interactive
>>>>>>>> debug1: Authentications that can continue:
>>>>>>>> publickey,keyboard-interactive,hostbased
>>>>>>>> debug1: No more authentication methods to try.
>>>>>>>> Permission denied (publickey,keyboard-interactive,hostbased).
>>>>>>>> zzhang at login6.surveyor:~/swift/test>
>>>>>>>>
>>>>>>>>
>>>>>>>> Mihael Hategan wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> I looked at the ssh logs, and it seems like you're logging in using
>>>>>>>>> hostbased authentication.
>>>>>>>>>
>>>>>>>>> Try ssh -v -o HostBasedAuthenticatiosn=no -l zzhang
>>>>>>>>> -i /home/zzhang/.ssh/id_rsa ion-1
>>>>>>>>>
>>>>>>>>> Also, note that you misspelled "id_rsa": Warning: Identity
>>>>>>>>> file /home/zzhang/.ssh/ir_rsa not accessible: No such
>>>>>>>>> file or directory.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, 2008-12-11 at 18:51 -0600, Zhao Zhang wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Ha, you are right, i put a wrong log here.
>>>>>>>>>>
>>>>>>>>>> I rerun it, if failed with the following message.
>>>>>>>>>>
>>>>>>>>>> zzhang at login6.surveyor:~/swift/test> swift -sites.file ./sites.xml
>>>>>>>>>> -tc.file ./tc.data first.swift
>>>>>>>>>> Swift svn swift-r2334 (Swift modified locally) cog-r2216
>>>>>>>>>>
>>>>>>>>>> RunID: 20081211-1850-rcrr2fk0
>>>>>>>>>> Progress:
>>>>>>>>>> echo started
>>>>>>>>>> Sorted: [bgp000:1,000.000(98.545):0/789 overload: 0]
>>>>>>>>>> Sorted: [bgp000:999.590(98.544):0/789 overload: 0]
>>>>>>>>>> Sorted: [bgp000:999.180(98.544):0/789 overload: 0]
>>>>>>>>>> echo failed
>>>>>>>>>> Execution failed:
>>>>>>>>>> Could not initialize shared directory on bgp000
>>>>>>>>>> Caused by:
>>>>>>>>>> org.globus.cog.abstraction.impl.file.FileResourceException:
>>>>>>>>>> Error while communicating with the SSH server on 172.16.3.7:22
>>>>>>>>>> Caused by:
>>>>>>>>>> Public Key Authentication failed
>>>>>>>>>>
>>>>>>>>>> zhao
>>>>>>>>>>
>>>>>>>>>> Mihael Hategan wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> On Thu, 2008-12-11 at 18:38 -0600, Zhao Zhang wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> sure, it is 172.16.3.6.passphrase=
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> I don't believe you. Can you paste the file?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> Mihael Hategan wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> On Thu, 2008-12-11 at 18:30 -0600, Zhao Zhang wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi, Mihael
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> If I put .passphrase= there, I got this:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>> With the IP address before .passphrase, of course. I.e.
>>>>>>>>>>>>> 172.16.3.6.passphrase=
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>
>
>
More information about the Swift-devel
mailing list