Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Exhausted available authentication methods during the step "Install Agents"

Solved Go to solution

Exhausted available authentication methods during the step "Install Agents"

New Contributor

Hello I try to install CDM 6.3.1~1466458.ubuntu1804 on a server A to handle installation of HBASE on a server B.

But I have a problem during the step "Install Agents".

 

I have found some post on the forum which speak about NOPASSWD to add into the sudoers file of the server B, but in my case I can established a ssh connexion from the server A to the server B in command line and run a sudo command without any password, so I think my servers was correctly configured.

 

Does anyone can help me ?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Exhausted available authentication methods during the step "Install Agents"

Expert Contributor

@Gregonmac You have to perform below steps (cross check if already performed).

  • Login to the first node (e. g.: CM_Server)
  • Run ssh-keygen -t rsa, it will generate new files id_rsa and id_rsa.pub files.
  • Copy the contents of id_rsa.pub to authorized_keys - cat id_rsa.pub >> authorized_keys
  • You need to copy the contents of id_rsa.pub on to all the nodes in the cluster.

Most Important thing to check the permission of the private key as your stack is complaining about the key is not accessible.

Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)

You can also refer to this document from Cloudera - https://www.cloudera.com/documentation/director/latest/topics/director_gcp_config_tools.html

4 REPLIES 4

Re: Exhausted available authentication methods during the step "Install Agents"

New Contributor

Hello everybody and happy new year 2020.

 

To complete my previous post, I have to indicate that in my case I try to connect my servers by using a private key.

I have generate a key couple in server A by using the following command :

ssh-keygen -t rsa

And after a add the content of the generated file .ssh/id_rsa.pub into the .ssh/authorized_keys file of server B

 

After a retry I obtain the same result

 

I found this trace in the log file

2020-01-02 09:48:39,559 WARN NodeConfiguratorThread-22-0:com.cloudera.server.cmf.node.NodeConfigurator: Could not authenticate to SERVER_B
net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:232)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:208)
at com.cloudera.server.cmf.node.NodeConfigurator.connect(NodeConfigurator.java:416)
at com.cloudera.server.cmf.node.NodeConfigurator.configure(NodeConfigurator.java:1028)
at com.cloudera.server.cmf.node.NodeConfigurator.run(NodeConfigurator.java:1106)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: net.schmizz.sshj.userauth.UserAuthException: Problem getting public key from PKCS8KeyFile{resource=[PrivateKeyStringResource]}
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:46)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:62)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:81)
at net.schmizz.sshj.userauth.method.AbstractAuthMethod.request(AbstractAuthMethod.java:63)
at net.schmizz.sshj.userauth.UserAuthImpl.authenticate(UserAuthImpl.java:68)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:226)
... 9 more
Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.readKeyPair(PKCS8KeyFile.java:132)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.getPublic(PKCS8KeyFile.java:78)
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:44)
... 14 more

Highlighted

Re: Exhausted available authentication methods during the step "Install Agents"

Expert Contributor

@Gregonmac You have to perform below steps (cross check if already performed).

  • Login to the first node (e. g.: CM_Server)
  • Run ssh-keygen -t rsa, it will generate new files id_rsa and id_rsa.pub files.
  • Copy the contents of id_rsa.pub to authorized_keys - cat id_rsa.pub >> authorized_keys
  • You need to copy the contents of id_rsa.pub on to all the nodes in the cluster.

Most Important thing to check the permission of the private key as your stack is complaining about the key is not accessible.

Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)

You can also refer to this document from Cloudera - https://www.cloudera.com/documentation/director/latest/topics/director_gcp_config_tools.html

Re: Exhausted available authentication methods during the step "Install Agents"

New Contributor

Thanks a lot, the issue seem to be occur because I does not put the public key in the authorized_auth of server A (I only put it on the other server).

Re: Exhausted available authentication methods during the step "Install Agents"

Super Collaborator

Are the FQDN hostnames properly setup and properly listed in /etc/hosts, before ssh-keygen?

 

After you add SERVER A key to authorized_keys on SERVER B,  do a ssh from Server A to B: ssh root@fqdn.serverb.com and you should get a prompt to accept the login (y/n), choose y and enter.    Then test Install Agent. 

 

If the SERVER A to B root login step does not work , you do not have the keys correct in ~/.ssh/authorized_keys.

 

 

Don't have an account?
Coming from Hortonworks? Activate your account here