question Re: Exhausted available authentication methods during the step "Install Agents" in Support Questions

Exhausted available authentication methods during the step "Install Agents"

Gregonmac — Thu, 26 Dec 2019 13:38:13 GMT

Hello I try to install CDM 6.3.1~1466458.ubuntu1804 on a server A to handle installation of HBASE on a server B.

But I have a problem during the step "Install Agents".

I have found some post on the forum which speak about NOPASSWD to add into the sudoers file of the server B, but in my case I can established a ssh connexion from the server A to the server B in command line and run a sudo command without any password, so I think my servers was correctly configured.

Does anyone can help me ?

Re: Exhausted available authentication methods during the step "Install Agents"

Gregonmac — Thu, 02 Jan 2020 08:56:28 GMT

Hello everybody and happy new year 2020.

To complete my previous post, I have to indicate that in my case I try to connect my servers by using a private key.

I have generate a key couple in server A by using the following command :

ssh-keygen -t rsa

And after a add the content of the generated file .ssh/id_rsa.pub into the .ssh/authorized_keys file of server B

After a retry I obtain the same result

I found this trace in the log file

2020-01-02 09:48:39,559 WARN NodeConfiguratorThread-22-0:com.cloudera.server.cmf.node.NodeConfigurator: Could not authenticate to SERVER_B
net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:232)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:208)
at com.cloudera.server.cmf.node.NodeConfigurator.connect(NodeConfigurator.java:416)
at com.cloudera.server.cmf.node.NodeConfigurator.configure(NodeConfigurator.java:1028)
at com.cloudera.server.cmf.node.NodeConfigurator.run(NodeConfigurator.java:1106)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: net.schmizz.sshj.userauth.UserAuthException: Problem getting public key from PKCS8KeyFile{resource=[PrivateKeyStringResource]}
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:46)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:62)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:81)
at net.schmizz.sshj.userauth.method.AbstractAuthMethod.request(AbstractAuthMethod.java:63)
at net.schmizz.sshj.userauth.UserAuthImpl.authenticate(UserAuthImpl.java:68)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:226)
... 9 more
Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.readKeyPair(PKCS8KeyFile.java:132)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.getPublic(PKCS8KeyFile.java:78)
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:44)
... 14 more

Re: Exhausted available authentication methods during the step "Install Agents"

GangWar — Thu, 02 Jan 2020 12:57:02 GMT

@Gregonmac You have to perform below steps (cross check if already performed).

Login to the first node (e. g.: CM_Server)
Run ssh-keygen -t rsa, it will generate new files id_rsa and id_rsa.pub files.
Copy the contents of id_rsa.pub to authorized_keys - cat id_rsa.pub >> authorized_keys
You need to copy the contents of id_rsa.pub on to all the nodes in the cluster.

Most Important thing to check the permission of the private key as your stack is complaining about the key is not accessible.

Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)

You can also refer to this document from Cloudera - https://www.cloudera.com/documentation/director/latest/topics/director_gcp_config_tools.html

Re: Exhausted available authentication methods during the step "Install Agents"

stevenmatison — Thu, 02 Jan 2020 13:25:37 GMT

Are the FQDN hostnames properly setup and properly listed in /etc/hosts, before ssh-keygen?

After you add SERVER A key to authorized_keys on SERVER B, do a ssh from Server A to B: ssh root@fqdn.serverb.com and you should get a prompt to accept the login (y/n), choose y and enter. Then test Install Agent.

If the SERVER A to B root login step does not work , you do not have the keys correct in ~/.ssh/authorized_keys.

Re: Exhausted available authentication methods during the step "Install Agents"

Gregonmac — Thu, 02 Jan 2020 13:39:24 GMT

Thanks a lot, the issue seem to be occur because I does not put the public key in the authorized_auth of server A (I only put it on the other server).