|
Re: Getting 401 for newly created users using aaa-cli-jar
Ryan Goulding <ryandgoulding@...>
Have you created a grant for the user? Otherwise, it should return 401…
toggle quoted messageShow quoted text
|
|
|
|
Getting 401 for newly created users using aaa-cli-jar
Naveen Kumar Verma
Hi all,
I am trying to create users using aaa-cli-jar, the users are getting created but I am getting 401 when I try to use that user.
Did anything changed recently?
Any idea what I am doing wrong:
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master) $ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l [main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store [main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data User names: admin
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master) $ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . --nu naveen -a -p naveen [main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store [main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data New user created, as admin: naveen
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master) $ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l [main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store [main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data User names: admin naveen
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)
# ~ $ curl -u naveen:naveen -v -H 'Content-type: application/json' -X GET http://localhost:8181/auth/v1/users | python -mjson.tool Note: Unnecessary use of -X or --request, GET is already inferred. * timeout on name lookup is not supported * Trying ::1... * TCP_NODELAY set % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to localhost (::1) port 8181 (#0) * Server auth using Basic with user 'naveen' > GET /auth/v1/users HTTP/1.1 > Host: localhost:8181 > Authorization: Basic bmF2ZWVuOm5hdmVlbg== > User-Agent: curl/7.51.0 > Accept: */* > Content-type: application/json > < HTTP/1.1 401 Unauthorized < Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 16-Jul-2018 16:29:04 GMT * Authentication problem. Ignoring this. < WWW-Authenticate: BASIC realm="application" < Content-Length: 0 < * Curl_http_done: called premature == 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 * Connection #0 to host localhost left intact Expecting value: line 1 column 1 (char 0)
# ~
Thanks, Naveen
|
|
|
|
Re: [release] Autorelease oxygen failed to build aaa-shiro from aaa
Tom Pantelis
toggle quoted messageShow quoted text
On Sat, Jul 14, 2018 at 8:43 PM, Jenkins <jenkins-dontreply@...> wrote: Attention aaa-devs,
|
|
|
|
[release] Autorelease oxygen failed to build aaa-shiro from aaa
Jenkins <jenkins-dontreply@...>
Attention aaa-devs,
Autorelease oxygen failed to build aaa-shiro from aaa in build 353. Attached is a snippet of the error message related to the failure that we were able to automatically parse as well as console logs. Console Logs: https://logs.opendaylight.org/releng/vex-yul-odl-jenkins-1/autorelease-release-oxygen/353 Jenkins Build: https://jenkins.opendaylight.org/releng/job/autorelease-release-oxygen/353/ Please review and provide an ETA on when a fix will be available. Thanks, ODL releng/autorelease team
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Tom Pantelis
On Sun, Jul 8, 2018 at 4:33 AM, Ariel Adam <aadam@...> wrote:
I have an idea for this - will push patch soon.
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Ariel Adam <aadam@...>
Ryan, can you take a look? Thanks.
On Fri, Jul 6, 2018 at 6:29 AM, Tom Pantelis <tompantelis@...> wrote:
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Tom Pantelis
On Thu, Jul 5, 2018 at 6:29 PM, Jamo Luhrsen <jluhrsen@...> wrote: Here is a jira to track this one: This is really a AAA issue so moved to https://jira.opendaylight.org/browse/AAA-176
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Jamo Luhrsen <jluhrsen@...>
toggle quoted messageShow quoted text
On 07/03/2018 07:16 PM, Tom Pantelis wrote:
On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@... <mailto:vthapar@...>> wrote:
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Tom Pantelis
On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@...> wrote:
The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Vishal Thapar <vthapar@...>
On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@...> wrote:
It gives information about which node is leader and which is follower for a given shard while diagstatus only gives information about if all services are up or not. It is used in monitoring tool of ODLTools. Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be addressed.
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Faseela K <faseela.k@...>
Michael,
toggle quoted messageShow quoted text
The shard list is being dumped to make sure our single shard configuration is proper at different places of the CSIT. Not to check if cluster is ready. Thanks, Faseela
-----Original Message-----
From: Jamo Luhrsen [mailto:jluhrsen@...] Sent: Wednesday, July 04, 2018 3:31 AM To: Michael Vorburger <vorburger@...>; Faseela K <faseela.k@...> Cc: Sam Hague <shague@...>; aaa-dev@...; odl netvirt dev <netvirt-dev@...> Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT On 07/03/2018 12:31 PM, Michael Vorburger wrote: On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@... <mailto:faseela.k@...>>wrote:even if that is a better thing for CSIT to do, it would just be a workaround to whatever problem is really there. JamO ____
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Jamo Luhrsen <jluhrsen@...>
On 07/03/2018 12:31 PM, Michael Vorburger wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@... <mailto:faseela.k@...>>wrote:even if that is a better thing for CSIT to do, it would just be a workaround to whatever problem is really there. JamO ____ 2018-07-02T02:47:54,463 | INFO |
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Michael Vorburger <vorburger@...>
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Faseela K <faseela.k@...>
Tom, I couldn’t follow your response below completely. But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the shiro error. When I updated the CSIT to retry on failure, it works on subsequent retries. Below is the exception stack trace :
2018-07-02T02:47:54,463 | INFO | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id 3u5gk3qqbpby1c13f3hpivnge 2018-07-02T02:47:54,470 | INFO | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id yev7cqw2kyjsy6978sf1nmrl 2018-07-02T02:48:05,934 | WARN | qtp1371496041-116 | HttpChannel | 156 - org.eclipse.jetty.util - 9.3.21.v20170918 | //10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards org.apache.shiro.session.UnknownSessionException: There is no session with id [bf682403-082b-4520-993f-987a8804bd31] at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [134:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [134:org.apache.shiro.core:1.3.2] at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT] at Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source) [?:?] at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [189:org.jolokia.osgi:1.5.0] at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [440:org.ops4j.pax.web.pax-web-runtime:6.0.9] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [151:org.eclipse.jetty.security:9.3.21.v20170918] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [154:org.eclipse.jetty.servlet:9.3.21.v20170918] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.Server.handle(Server.java:534) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [153:org.eclipse.jetty.server:9.3.21.v20170918] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [145:org.eclipse.jetty.io:9.3.21.v20170918] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [145:org.eclipse.jetty.io:9.3.21.v20170918] at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [145:org.eclipse.jetty.io:9.3.21.v20170918] at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [156:org.eclipse.jetty.util:9.3.21.v20170918] at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [156:org.eclipse.jetty.util:9.3.21.v20170918] at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [156:org.eclipse.jetty.util:9.3.21.v20170918] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [156:org.eclipse.jetty.util:9.3.21.v20170918] at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [156:org.eclipse.jetty.util:9.3.21.v20170918] at java.lang.Thread.run(Thread.java:748) [?:?]
Thanks, Faseela
From: Tom Pantelis [mailto:tompantelis@...]
Sent: Monday, July 02, 2018 10:29 PM To: Sam Hague <shague@...> Cc: Vishal Thapar <vthapar@...>; odl netvirt dev <netvirt-dev@...>; aaa-dev@...; Faseela K <faseela.k@...> Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
jolokia has a different security code path than restconf that interfaces with shiro. It starts with:
.... at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2] at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT] at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?] at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0] at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]
On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Tom Pantelis
jolokia has a different security code path than restconf that interfaces with shiro. It starts with: .... at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2] at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT] at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?] at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0] at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]
On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Sam Hague <shague@...>
Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?
On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:
|
|
|
|
Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT
Vishal Thapar <vthapar@...>
I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.
On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:
|
|
|
|
Random errors while fetching JOLOKIA URLs in 3 node CSIT
Faseela K <faseela.k@...>
Hello aaa-dev, I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0]. The HTTP requests work most of the cases, but sometimes hit the below error randomly? Any pointers?
<html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>
Thanks, Faseela
|
|
|
|
Re: ssh passwordless login to Karaf
Ryan Goulding <ryandgoulding@...>
I don't know, I don't use or maintain this code. Ask the people who do: Regards, Ryan Goulding
On Wed, Jun 13, 2018 at 1:00 PM, A Vamsikrishna <a.vamsikrishna@...> wrote:
|
|
|
|
Re: ssh passwordless login to Karaf
A Vamsikrishna
Hi Ryan,
I want to do passwordless login using the userid: egjmnnq . I am following https://karaf.apache.org/manual/latest/security
below are the changes made but no luck as it's still prompting for password:
1. etc/users.properties:
egjmnnq = egjmnnq,_g_:admingroup _g_\:admingroup = group,admin,manager,viewer,systembundles
2. Generated keys as follows on my openSSH client:
ssh-keygen -t dsa -f karaf.id_dsa -N karaf
[egjmnnq.PF0KDF1U] ➤ ls -lrt total 6 -rw-r--r-- 1 egjmnnq UsersGrp 393 Jun 13 18:01 README.txt lrwxrwxrwx 1 egjmnnq UsersGrp 33 Jun 13 18:01 MyDocuments -> /drives/C/Users/egjmnnq/DOCUME~1/ lrwxrwxrwx 1 egjmnnq UsersGrp 61 Jun 13 18:01 LauncherFolder -> /drives/C/Users/egjmnnq/Desktop/NEWFOL~1/ERICSS~1/MOBAXT~1.2/ lrwxrwxrwx 1 egjmnnq UsersGrp 32 Jun 13 18:01 Desktop -> /drives/C/Users/egjmnnq/Desktop/ -rw-r--r-- 1 egjmnnq UsersGrp 606 Jun 13 18:23 karaf.id_dsa.pub -rw-r--r-- 1 egjmnnq UsersGrp 751 Jun 13 18:23 karaf.id_dsa
[egjmnnq.PF0KDF1U] ➤ cat karaf.id_dsa.pub ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U
3. copied pub key in etc/keys.properties
egjmnnq=ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U,_g_:admingroup _g_\:admingroup = group,admin,manager,viewer,systembundles
4. When I try to connect from my openSSH client it's still prompting for password.
[egjmnnq.PF0KDF1U] ➤ ssh -p 8101 -i karaf.id_dsa egjmnnq@... egjmnnq@...'s password:
________ ________ .__ .__ .__ __ \_____ \ ______ ____ ____ \______ \ _____ ___.__.| | |__| ____ | |___/ |_ / | \\____ \_/ __ \ / \ | | \\__ \< | || | | |/ ___\| | \ __\ / | \ |_> > ___/| | \| ` \/ __ \\___ || |_| / /_/ > Y \ | \_______ / __/ \___ >___| /_______ (____ / ____||____/__\___ /|___| /__| \/|__| \/ \/ \/ \/\/ /_____/ \/
Hit '<tab>' for a list of available commands and '[cmd] --help' for help on a specific command. Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown OpenDaylight.
opendaylight-user@root>
Am I missing anything ?
Thanks, Vamsi
From: Ryan Goulding [mailto:ryandgoulding@...]
Sent: Wednesday, June 13, 2018 7:26 PM To: A Vamsikrishna <a.vamsikrishna@...> Cc: aaa-dev@... Subject: Re: [Aaa-dev] ssh passwordless login to Karaf
Vamsi,
AAA does not control karaf's authentication; the two are configured separately. I suggest you engage the upstream Apache Karaf community.
HTH.
Regards, Ryan
Regards,
On Wed, Jun 13, 2018 at 5:27 AM, A Vamsikrishna <a.vamsikrishna@...> wrote:
|
|
|