Support Questions

cjervis · ‎12-26-2019

Hello I try to install CDM 6.3.1~1466458.ubuntu1804 on a server A to handle installation of HBASE on a server B.

But I have a problem during the step "Install Agents".

I have found some post on the forum which speak about NOPASSWD to add into the sudoers file of the server B, but in my case I can established a ssh connexion from the server A to the server B in command line and run a sudo command without any password, so I think my servers was correctly configured.

Does anyone can help me ?

GangWar · ‎01-02-2020

@Gregonmac You have to perform below steps (cross check if already performed).

Login to the first node (e. g.: CM_Server)
Run ssh-keygen -t rsa, it will generate new files id_rsa and id_rsa.pub files.
Copy the contents of id_rsa.pub to authorized_keys - cat id_rsa.pub >> authorized_keys
You need to copy the contents of id_rsa.pub on to all the nodes in the cluster.

Most Important thing to check the permission of the private key as your stack is complaining about the key is not accessible.

Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)

You can also refer to this document from Cloudera - https://www.cloudera.com/documentation/director/latest/topics/director_gcp_config_tools.html

Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

View solution in original post

Gregonmac · ‎01-02-2020

Hello everybody and happy new year 2020.

To complete my previous post, I have to indicate that in my case I try to connect my servers by using a private key.

I have generate a key couple in server A by using the following command :

ssh-keygen -t rsa

And after a add the content of the generated file .ssh/id_rsa.pub into the .ssh/authorized_keys file of server B

After a retry I obtain the same result

I found this trace in the log file

2020-01-02 09:48:39,559 WARN NodeConfiguratorThread-22-0:com.cloudera.server.cmf.node.NodeConfigurator: Could not authenticate to SERVER_B
net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:232)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:208)
at com.cloudera.server.cmf.node.NodeConfigurator.connect(NodeConfigurator.java:416)
at com.cloudera.server.cmf.node.NodeConfigurator.configure(NodeConfigurator.java:1028)
at com.cloudera.server.cmf.node.NodeConfigurator.run(NodeConfigurator.java:1106)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: net.schmizz.sshj.userauth.UserAuthException: Problem getting public key from PKCS8KeyFile{resource=[PrivateKeyStringResource]}
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:46)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:62)
at net.schmizz.sshj.userauth.method.AuthPublickey.buildReq(AuthPublickey.java:81)
at net.schmizz.sshj.userauth.method.AbstractAuthMethod.request(AbstractAuthMethod.java:63)
at net.schmizz.sshj.userauth.UserAuthImpl.authenticate(UserAuthImpl.java:68)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:226)
... 9 more
Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.readKeyPair(PKCS8KeyFile.java:132)
at net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.getPublic(PKCS8KeyFile.java:78)
at net.schmizz.sshj.userauth.method.KeyedAuthMethod.putPubKey(KeyedAuthMethod.java:44)
... 14 more

GangWar · ‎01-02-2020

@Gregonmac You have to perform below steps (cross check if already performed).

Login to the first node (e. g.: CM_Server)
Run ssh-keygen -t rsa, it will generate new files id_rsa and id_rsa.pub files.
Copy the contents of id_rsa.pub to authorized_keys - cat id_rsa.pub >> authorized_keys
You need to copy the contents of id_rsa.pub on to all the nodes in the cluster.

Most Important thing to check the permission of the private key as your stack is complaining about the key is not accessible.

Caused by: java.io.IOException: unrecognised object: OPENSSH PRIVATE KEY
at org.bouncycastle.openssl.PEMParser.readObject(Unknown Source)

You can also refer to this document from Cloudera - https://www.cloudera.com/documentation/director/latest/topics/director_gcp_config_tools.html

Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Gregonmac · ‎01-02-2020

Thanks a lot, the issue seem to be occur because I does not put the public key in the authorized_auth of server A (I only put it on the other server).

stevenmatison · ‎01-02-2020

Are the FQDN hostnames properly setup and properly listed in /etc/hosts, before ssh-keygen?

After you add SERVER A key to authorized_keys on SERVER B, do a ssh from Server A to B: ssh root@fqdn.serverb.com and you should get a prompt to accept the login (y/n), choose y and enter. Then test Install Agent.

If the SERVER A to B root login step does not work , you do not have the keys correct in ~/.ssh/authorized_keys.

Cloudera Community

Support Questions

Exhausted available authentication methods during the step "Install Agents"