Re: Key Authentication for <host> failed, Unable to establish connection

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key Authentication for <host> failed, Unable to establish connection

From:	Mark . Burgess
Subject:	Re: Key Authentication for <host> failed, Unable to establish connection with <server>
Date:	Wed, 3 Jul 2002 08:08:51 +0200 (MET DST)

I used to see these too, but not any more. I have no explanation for them
at all. Maybe try a newer openssl. That is really the only source
of the error that I can think of. 

This message occurs when either decryption of the challenge(response)
fails or transmitted keys do not match previously known keys. Either
way, it's all openssl stuff, or "trust" settings. 

Of course, it could be a disk read error....

I don't know what to say. Try upgrading to the latest openssl and
recompiling,and let me know if it helps. I don't know why the problem
went away here, but I do know that it has often been that one host
didn't receive the public key of another and that this then kicks
in when they try to talk.

Mark

On  2 Jul, Frank Smith wrote:
> --On Tuesday, July 02, 2002 19:04:38 -0700 "Lumpkin, Buddy" 
> <Buddy.Lumpkin@nordstrom.com> wrote:
> 
>> I run cfexecd -F on about 80 hosts every hour with a splaytime of 50
>> minutes.  I feel pretty confident that our network doesn't have very
>> many hiccups, yet I get a few of these error messages every day.
>> Has anyone else had intermittent problems with this?
> 
> I run it on over 60 hosts with a splaytime of 10 minutes (and most of
> them through VPNs to remote sites), and get one of those errors every
> couple of days (although there are the occasional days with 3 to 4
> of them.  They seem to have no correlation to network traffic, system
> load (client or server) or even phase of the moon.
>    Never dug in the code to see if it retried, just figured that the
> occasional packet got dropped and it didn't retry.  If it was easily
> reproducible I would turn up debugging on both ends and watch, but it
> doesn't happen often enough to be practical.
>    If anyone has any explanations I'd like to hear it.
> 
> Frank
> 
> 
> --
> Frank Smith                                             fsmith@hoovers.com
> Systems Administrator                                  Voice: 512-374-4673
> Hoover's Online                                          Fax: 512-374-4501

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Prev in Thread]

Current Thread

[Next in Thread]

Key Authentication for <host> failed, Unable to establish connection with <server>, Lumpkin, Buddy, 2002/07/02
- Re: Key Authentication for <host> failed, Unable to establish connection with <server>, Frank Smith, 2002/07/03
  - Re: Key Authentication for <host> failed, Unable to establish connection with <server>, Mark . Burgess <=
- RE: Key Authentication for <host> failed, Unable to establish connection with <server>, Lumpkin, Buddy, 2002/07/05
  - Re: Key Authentication for <host> failed, Unable to establish connection with <server>, Mark . Burgess, 2002/07/05

Prev by Date: Re: Key Authentication for <host> failed, Unable to establish connection with <server>
Next by Date: Mirroring / distributing large amounts of data
Previous by thread: Re: Key Authentication for <host> failed, Unable to establish connection with <server>
Next by thread: RE: Key Authentication for <host> failed, Unable to establish connection with <server>
Index(es):
- Date
- Thread