[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: authentication issues
From: |
Alex Laslavic (Lenox) |
Subject: |
Re: authentication issues |
Date: |
Thu, 19 Jan 2006 09:26:40 -0500 |
Thats the ticket there. Aparently in order to proclaim itself as
belonging to a domain, a client has to be able to get that domain by
doing a reverse lookup on it's own IP. If it doesn't get a domain name
back, it just identifies itself as its IP address, which was denied by
my cfservd ACL's in the admit: section.
On Thu, 2006-01-19 at 11:10 +0100, Mark Burgess wrote:
> Run the daemon with option -d2 and you will see the reason.
>
> M
>
> On Wed, 2006-01-18 at 14:32 -0500, Alex Laslavic (Lenox) wrote:
> > Maybe someone can shed some light on this:
> >
> > When running cfagent -v on the client machine, its gets the error
> > message below:
> >
> > Server returned error: Host authentication failed. Did you forget the
> > domain name or IP/DNS address registration (for ipv4 or ipv6)?
> >
> > So far I have:
> > -Verified All keys are happy
> > -Further verified keys using strace and tcpdump (I see an 'OK: key
> > accepted' message)
> > -Edited /etc/hosts to resolve the fqdn of all machines (no DNS yet, so I
> > have to use /etc/hosts for the moment)
> > -Made sure the domain returned by gethostbyaddr() on the server is the
> > same as the domain hardcoded in cfagent.conf
> > domain = ( domain.com )
> >
> > So, umm, now I am not sure what to check. Any clues?
> >
> > Thanks,
> >
> > ~alex
> >
> >
> >
> > _______________________________________________
> > Help-cfengine mailing list
> > Help-cfengine@gnu.org
> > http://lists.gnu.org/mailman/listinfo/help-cfengine
>
signature.asc
Description: This is a digitally signed message part
- authentication issues, Alex Laslavic (Lenox), 2006/01/18
- Re: authentication issues,
Alex Laslavic (Lenox) <=