[Swift-devel] ssh data provider

Mihael Hategan hategan at mcs.anl.gov
Thu Dec 11 21:25:31 CST 2008


Uh. Sorry. Let me be more clear. They need to enable sftp in the openssh
server. This has little to do with whether the sftp client tool is
installed or not.

On Thu, 2008-12-11 at 21:00 -0600, Mihael Hategan wrote:
> Ok. Can you paste a link to the log file?
> 
> On Thu, 2008-12-11 at 20:57 -0600, Zhao Zhang wrote:
> > I tried to run sftp on IO nodes,
> > 
> > bash-3.1$ sftp
> > usage: sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
> >             [-o ssh_option] [-P sftp_server_path] [-R num_requests]
> >             [-S program] [-s subsystem | sftp_server] host
> >        sftp [[user@]host[:file [file]]]
> >        sftp [[user@]host[:dir[/]]]
> >        sftp -b batchfile [user@]host
> > 
> > it seems that there is a working version
> > 
> > zhao
> > 
> > Mihael Hategan wrote:
> > > You could ask the folks who administer the BG to enable sftp on the io
> > > nodes. This is enabled by default with openssh.
> > >
> > > On Thu, 2008-12-11 at 20:52 -0600, Zhao Zhang wrote:
> > >   
> > >> got this
> > >>
> > >> zzhang at login6.surveyor:~/swift/test> swift -sites.file ./sites.xml 
> > >> -tc.file ./tc.data first.swift
> > >> Swift svn swift-r2334 (Swift modified locally) cog-r2216
> > >>
> > >> RunID: 20081211-2021-oi8c3r0b
> > >> Progress:
> > >> echo started
> > >> Sorted: [bgp000:1,000.000(98.545):0/789 overload: 0]
> > >> Sorted: [bgp000:999.590(98.544):0/789 overload: 0]
> > >> Sorted: [bgp000:999.180(98.544):0/789 overload: 0]
> > >> echo failed
> > >> Execution failed:
> > >>         Could not initialize shared directory on bgp000
> > >> Caused by:
> > >>         org.globus.cog.abstraction.impl.file.FileResourceException: 
> > >> Error while communicating with the SSH server on 172.16.3.2:22
> > >> Caused by:
> > >>         Failed to start the SFTP subsystem on zzhang:<key>@172.16.3.2:22
> > >>
> > >>
> > >> Mihael Hategan wrote:
> > >>     
> > >>> now try swift
> > >>>
> > >>> On Thu, 2008-12-11 at 20:16 -0600, Zhao Zhang wrote:
> > >>>   
> > >>>       
> > >>>> Mihael Hategan wrote:
> > >>>>     
> > >>>>         
> > >>>>> On Thu, 2008-12-11 at 20:00 -0600, Zhao Zhang wrote:
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>>>> nope, we don't need to since ssh works for us.
> > >>>>>>     
> > >>>>>>         
> > >>>>>>             
> > >>>>> Mmm, obviously not. May I suggest typing "man ssh" and reading the
> > >>>>> section on authentication?
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>> By "it works" I mean it works for our ordinary use, we could login IO 
> > >>>> nodes with that host based authentication.
> > >>>>     
> > >>>>         
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>>>>  Besides, I have no idea 
> > >>>>>> where the ssh on IO nodes saves the public key.
> > >>>>>>     
> > >>>>>>         
> > >>>>>>             
> > >>>>> For public key authentication you need to put the public
> > >>>>> key (~/.ssh/id_rsa.pub) in ~/.ssh/authorized_keys on the remote
> > >>>>> machine. This is the public key that corresponds to your private key.
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>> Ha, it works now.
> > >>>>
> > >>>> zzhang at login6.surveyor:~/swift/test> ssh -v -o 
> > >>>> HostbasedAuthentication=no -l zzh
> > >>>> ang -i /home/zzhang/.ssh/id_rsa ion-1
> > >>>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
> > >>>> debug1: Reading configuration data /etc/ssh/ssh_config
> > >>>> debug1: Applying options for *
> > >>>> debug1: /etc/ssh/ssh_config line 25: Deprecated option 
> > >>>> "RhostsAuthentication"
> > >>>> debug1: Connecting to ion-1 [172.16.3.1] port 22.
> > >>>> debug1: Connection established.
> > >>>> debug1: identity file /home/zzhang/.ssh/id_rsa type 1
> > >>>> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
> > >>>> debug1: match: OpenSSH_4.2 pat OpenSSH*
> > >>>> debug1: Enabling compatibility mode for protocol 2.0
> > >>>> debug1: Local version string SSH-2.0-OpenSSH_4.2
> > >>>> debug1: SSH2_MSG_KEXINIT sent
> > >>>> debug1: SSH2_MSG_KEXINIT received
> > >>>> debug1: kex: server->client aes128-cbc hmac-md5 none
> > >>>> debug1: kex: client->server aes128-cbc hmac-md5 none
> > >>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> > >>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> > >>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> > >>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> > >>>> debug1: Host 'ion-1' is known and matches the RSA host key.
> > >>>> debug1: Found key in /home/zzhang/.ssh/known_hosts:40
> > >>>> Warning: the RSA host key for 'ion-1' differs from the key for the IP 
> > >>>> address '172.16.3.1'
> > >>>> Offending key for IP in /home/zzhang/.ssh/known_hosts:3
> > >>>> Matching host key in /home/zzhang/.ssh/known_hosts:40
> > >>>> debug1: ssh_rsa_verify: signature correct
> > >>>> debug1: SSH2_MSG_NEWKEYS sent
> > >>>> debug1: expecting SSH2_MSG_NEWKEYS
> > >>>> debug1: SSH2_MSG_NEWKEYS received
> > >>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
> > >>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
> > >>>> debug1: Authentications that can continue: 
> > >>>> publickey,keyboard-interactive,hostbased
> > >>>> debug1: Next authentication method: publickey
> > >>>> debug1: Offering public key: /home/zzhang/.ssh/id_rsa
> > >>>> debug1: Server accepts key: pkalg ssh-rsa blen 277
> > >>>> debug1: read PEM private key done: type RSA
> > >>>> debug1: Authentication succeeded (publickey).
> > >>>> debug1: channel 0: new [client-session]
> > >>>> debug1: Entering interactive session.
> > >>>> Last login: Thu Dec 11 20:15:10 2008 from login6-data.surveyor.alcf.anl.gov
> > >>>>
> > >>>>
> > >>>> BusyBox v1.4.2 (2008-05-07 02:58:20 UTC) Built-in shell (ash)
> > >>>> Enter 'help' for a list of built-in commands.
> > >>>>
> > >>>> /gpfs/home/zzhang $
> > >>>>     
> > >>>>         
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>>>> zhao
> > >>>>>>
> > >>>>>> Mihael Hategan wrote:
> > >>>>>>     
> > >>>>>>         
> > >>>>>>             
> > >>>>>>> Have you installed the public key on ion-1?
> > >>>>>>>
> > >>>>>>> On Thu, 2008-12-11 at 19:10 -0600, Zhao Zhang wrote:
> > >>>>>>>   
> > >>>>>>>       
> > >>>>>>>           
> > >>>>>>>               
> > >>>>>>>> Then it failed
> > >>>>>>>>
> > >>>>>>>> zzhang at login6.surveyor:~/swift/test> ssh -v -o 
> > >>>>>>>> HostbasedAuthentication=no -l zzh
> > >>>>>>>> ang -i /home/zzhang/.ssh/id_rsa ion-7
> > >>>>>>>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
> > >>>>>>>> debug1: Reading configuration data /etc/ssh/ssh_config
> > >>>>>>>> debug1: Applying options for *
> > >>>>>>>> debug1: /etc/ssh/ssh_config line 25: Deprecated option 
> > >>>>>>>> "RhostsAuthentication"
> > >>>>>>>> debug1: Connecting to ion-7 [172.16.3.7] port 22.
> > >>>>>>>> debug1: Connection established.
> > >>>>>>>> debug1: identity file /home/zzhang/.ssh/id_rsa type 1
> > >>>>>>>> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
> > >>>>>>>> debug1: match: OpenSSH_4.2 pat OpenSSH*
> > >>>>>>>> debug1: Enabling compatibility mode for protocol 2.0
> > >>>>>>>> debug1: Local version string SSH-2.0-OpenSSH_4.2
> > >>>>>>>> debug1: SSH2_MSG_KEXINIT sent
> > >>>>>>>> debug1: SSH2_MSG_KEXINIT received
> > >>>>>>>> debug1: kex: server->client aes128-cbc hmac-md5 none
> > >>>>>>>> debug1: kex: client->server aes128-cbc hmac-md5 none
> > >>>>>>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> > >>>>>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> > >>>>>>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> > >>>>>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> > >>>>>>>> debug1: Host 'ion-7' is known and matches the RSA host key.
> > >>>>>>>> debug1: Found key in /home/zzhang/.ssh/known_hosts:43
> > >>>>>>>> debug1: ssh_rsa_verify: signature correct
> > >>>>>>>> debug1: SSH2_MSG_NEWKEYS sent
> > >>>>>>>> debug1: expecting SSH2_MSG_NEWKEYS
> > >>>>>>>> debug1: SSH2_MSG_NEWKEYS received
> > >>>>>>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
> > >>>>>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
> > >>>>>>>> debug1: Authentications that can continue: 
> > >>>>>>>> publickey,keyboard-interactive,hostbased
> > >>>>>>>> debug1: Next authentication method: publickey
> > >>>>>>>> debug1: Offering public key: /home/zzhang/.ssh/id_rsa
> > >>>>>>>> debug1: Authentications that can continue: 
> > >>>>>>>> publickey,keyboard-interactive,hostbased
> > >>>>>>>> debug1: Next authentication method: keyboard-interactive
> > >>>>>>>> debug1: Authentications that can continue: 
> > >>>>>>>> publickey,keyboard-interactive,hostbased
> > >>>>>>>> debug1: No more authentication methods to try.
> > >>>>>>>> Permission denied (publickey,keyboard-interactive,hostbased).
> > >>>>>>>> zzhang at login6.surveyor:~/swift/test>
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>> Mihael Hategan wrote:
> > >>>>>>>>     
> > >>>>>>>>         
> > >>>>>>>>             
> > >>>>>>>>                 
> > >>>>>>>>> I looked at the ssh logs, and it seems like you're logging in using
> > >>>>>>>>> hostbased authentication.
> > >>>>>>>>>
> > >>>>>>>>> Try ssh -v -o HostBasedAuthenticatiosn=no -l zzhang
> > >>>>>>>>> -i /home/zzhang/.ssh/id_rsa ion-1
> > >>>>>>>>>
> > >>>>>>>>> Also, note that you misspelled "id_rsa": Warning: Identity
> > >>>>>>>>> file /home/zzhang/.ssh/ir_rsa not accessible: No such 
> > >>>>>>>>> file or directory.
> > >>>>>>>>>
> > >>>>>>>>>
> > >>>>>>>>> On Thu, 2008-12-11 at 18:51 -0600, Zhao Zhang wrote:
> > >>>>>>>>>   
> > >>>>>>>>>       
> > >>>>>>>>>           
> > >>>>>>>>>               
> > >>>>>>>>>                   
> > >>>>>>>>>> Ha, you are right, i put a wrong log here.
> > >>>>>>>>>>
> > >>>>>>>>>> I rerun it, if failed with the following message.
> > >>>>>>>>>>
> > >>>>>>>>>> zzhang at login6.surveyor:~/swift/test> swift -sites.file ./sites.xml 
> > >>>>>>>>>> -tc.file ./tc.data first.swift
> > >>>>>>>>>> Swift svn swift-r2334 (Swift modified locally) cog-r2216
> > >>>>>>>>>>
> > >>>>>>>>>> RunID: 20081211-1850-rcrr2fk0
> > >>>>>>>>>> Progress:
> > >>>>>>>>>> echo started
> > >>>>>>>>>> Sorted: [bgp000:1,000.000(98.545):0/789 overload: 0]
> > >>>>>>>>>> Sorted: [bgp000:999.590(98.544):0/789 overload: 0]
> > >>>>>>>>>> Sorted: [bgp000:999.180(98.544):0/789 overload: 0]
> > >>>>>>>>>> echo failed
> > >>>>>>>>>> Execution failed:
> > >>>>>>>>>>         Could not initialize shared directory on bgp000
> > >>>>>>>>>> Caused by:
> > >>>>>>>>>>         org.globus.cog.abstraction.impl.file.FileResourceException: 
> > >>>>>>>>>> Error while communicating with the SSH server on 172.16.3.7:22
> > >>>>>>>>>> Caused by:
> > >>>>>>>>>>         Public Key Authentication failed
> > >>>>>>>>>>
> > >>>>>>>>>> zhao
> > >>>>>>>>>>
> > >>>>>>>>>> Mihael Hategan wrote:
> > >>>>>>>>>>     
> > >>>>>>>>>>         
> > >>>>>>>>>>             
> > >>>>>>>>>>                 
> > >>>>>>>>>>                     
> > >>>>>>>>>>> On Thu, 2008-12-11 at 18:38 -0600, Zhao Zhang wrote:
> > >>>>>>>>>>>   
> > >>>>>>>>>>>       
> > >>>>>>>>>>>           
> > >>>>>>>>>>>               
> > >>>>>>>>>>>                   
> > >>>>>>>>>>>                       
> > >>>>>>>>>>>> sure, it is 172.16.3.6.passphrase=
> > >>>>>>>>>>>>     
> > >>>>>>>>>>>>         
> > >>>>>>>>>>>>             
> > >>>>>>>>>>>>                 
> > >>>>>>>>>>>>                     
> > >>>>>>>>>>>>                         
> > >>>>>>>>>>> I don't believe you. Can you paste the file?
> > >>>>>>>>>>>
> > >>>>>>>>>>>   
> > >>>>>>>>>>>       
> > >>>>>>>>>>>           
> > >>>>>>>>>>>               
> > >>>>>>>>>>>                   
> > >>>>>>>>>>>                       
> > >>>>>>>>>>>> Mihael Hategan wrote:
> > >>>>>>>>>>>>     
> > >>>>>>>>>>>>         
> > >>>>>>>>>>>>             
> > >>>>>>>>>>>>                 
> > >>>>>>>>>>>>                     
> > >>>>>>>>>>>>                         
> > >>>>>>>>>>>>> On Thu, 2008-12-11 at 18:30 -0600, Zhao Zhang wrote:
> > >>>>>>>>>>>>>   
> > >>>>>>>>>>>>>       
> > >>>>>>>>>>>>>           
> > >>>>>>>>>>>>>               
> > >>>>>>>>>>>>>                   
> > >>>>>>>>>>>>>                       
> > >>>>>>>>>>>>>                           
> > >>>>>>>>>>>>>> Hi, Mihael
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> If I put .passphrase= there, I got this:
> > >>>>>>>>>>>>>>     
> > >>>>>>>>>>>>>>         
> > >>>>>>>>>>>>>>             
> > >>>>>>>>>>>>>>                 
> > >>>>>>>>>>>>>>                     
> > >>>>>>>>>>>>>>                         
> > >>>>>>>>>>>>>>                             
> > >>>>>>>>>>>>> With the IP address before .passphrase, of course. I.e.
> > >>>>>>>>>>>>> 172.16.3.6.passphrase=
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>   
> > >>>>>>>>>>>>>       
> > >>>>>>>>>>>>>           
> > >>>>>>>>>>>>>               
> > >>>>>>>>>>>>>                   
> > >>>>>>>>>>>>>                       
> > >>>>>>>>>>>>>                           
> > >>>>>>>>>>>   
> > >>>>>>>>>>>       
> > >>>>>>>>>>>           
> > >>>>>>>>>>>               
> > >>>>>>>>>>>                   
> > >>>>>>>>>>>                       
> > >>>>>>>>>   
> > >>>>>>>>>       
> > >>>>>>>>>           
> > >>>>>>>>>               
> > >>>>>>>>>                   
> > >>>>>>>   
> > >>>>>>>       
> > >>>>>>>           
> > >>>>>>>               
> > >>>>>   
> > >>>>>       
> > >>>>>           
> > >>>   
> > >>>       
> > >
> > >
> > >   
> 
> _______________________________________________
> Swift-devel mailing list
> Swift-devel at ci.uchicago.edu
> http://mail.ci.uchicago.edu/mailman/listinfo/swift-devel




More information about the Swift-devel mailing list