Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-9708

SSH Agent TImeout too small / Not tunable

    XMLWordPrintable

    Details

    • Type: Incident report
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Server (S)
    • Labels:
    • Environment:
      Centos 6.3 x64

      Description

      Hello,

      I have two hosts "hostA" and "hostB". I'm trying to perform an ssh agent check and I'm getting:

      26110:20120713:215807.165 item [hostB:ssh.run[test]] became not supported: Cannot obtain authentication methods: Would block requesting userauth list

      The item is set up with the root user in the check. The public key is id_dsa.pub and the private key is id_dsa. I've added the public keygen key for zabbix server account to the authorized_keys2 file and I've verified I can ssh into hostB from hostA without a password. (sudo -u zabbix ssh root@hostB) I've also modified the server config file to point to the correct path of the id_dsa files (/home/zabbix/.ssh)

      The script is just a simple "service sshd status" (I'm using this as a test)

      I set up a watch on /var/log/secure and I can see that it is connecting, but it appears to be timing out:

      Jul 13 22:10:54 hostB sshd[6059]: Received disconnect from 11.22.33.44: 11: Normal Shutdown

      I created /etc/hosts entries on both machines, and it finally worked!

      THE PROBLEM IS THIS:

      The ssh agent tries to do a name lookup upon connecting, and when there isn't an entry for that host, it just gives up after a while and logs you in. The Zabbix timeout period is much less than the ssh login time. The Zabbix Server error message is very misleading and poorly worded.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              xocolate Arthur Ivanov
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: