Opened 3 years ago

Closed 3 years ago

#10940 closed Bug/Something is broken (fixed)

can't access mx3

Reported by: https://id.mayfirst.org/jamie Owned by: https://id.mayfirst.org/jamie
Priority: Urgent Component: Tech
Keywords: mx3 Cc:
Sensitive: no

Description

I tried via ssh and it times out. I tried via the virtual guest console and the password we have for root/mx3 doesn't work.

Erq: are you able to access this server??

Change History (5)

comment:1 Changed 3 years ago by https://id.mayfirst.org/jamie

  • Owner set to https://id.mayfirst.org/erq
  • Status changed from new to assigned

comment:2 Changed 3 years ago by https://id.mayfirst.org/erq

  • Owner changed from https://id.mayfirst.org/erq to https://id.mayfirst.org/jamie

no Jamie, I'm not able to access it, i wonder if ssh service is down, while other services remain working. For example, http://lists.laneta.apc.org/

should we restart the the host server?

comment:3 Changed 3 years ago by https://id.mayfirst.org/jaimev

I do get a response from ssh server on mx3 however it does not allow me to login.

0 jaimev@mayday:~$ ssh root@mx3.mayfirst.org
-------------------- Monkeysphere warning -------------------
Monkeysphere found OpenPGP keys for this hostname, but none had full validity.
Could not retrieve RSA host key from mx3.mayfirst.org.
Keys found with less than marginal validity: 1
Run the following command for more info about the found keys:
gpg --check-sigs --list-options show-uid-validity =ssh://mx3.mayfirst.org
-------------------- ssh continues below --------------------
Password:

The password for mx3 listed in keyringer is rejected.

Also its gpg key does not appear to be signed by any of the admins.

0 jaimev@mayday:~$ gpg --check-sigs --list-options show-uid-validity =ssh://mx3.mayfirst.org
pub   2048R/0xC577899539C36898 2011-12-13
      Key fingerprint = DC6B EE42 0A41 C8EA 77C5  E231 C577 8995 39C3 6898
uid                 [ unknown] ssh://mx3.mayfirst.org
sig!3        0xC577899539C36898 2011-12-13  ssh://mx3.mayfirst.org

comment:4 Changed 3 years ago by https://id.mayfirst.org/jaimev

I changed root password for mx3 by first logging into malaka and shutting down runit process for mx3. Then I followed jamie's instructions

14:00 < jamie> i would suggest ensuring you have proper console access (as ssh mx3@malaka.mayfirst.org)
14:00 < jamie> then, stop the grub process
14:00 < jamie> edit the grub kernel line, adding init=/bin/bash
14:00 < jamie> then, grub will launch the server and immediately drop you into a bash shell
14:01 < jamie> the root partition will be read-only, but you can change that with:
14:01 < jamie> mount -oremount,rw /
14:01 < jamie> then run:
14:01 < jamie> passwd
14:01 < jamie> to update the password
14:01 < jamie> then, re-mount: mount -oremount,ro /

And finally "shutdown -r now"

Restart runit process and was able to access root login through screen console session. I updated puppet with new remotes for allende and pulled in latest changes, noticing that changes had not been received since Sep 2014.

freepuppet-run complained about an error in mx3.pp that appeared to be a typo. Fixed that , pushed ot origin, pulled in changes to mx3 again and freepuppet-run finished without errors.

I then ran freepuppet-helper shgk:mx3 locally since monkeysphere sill compained about host guest key validity. I can now ssh into mx3.

I was never able to properly run freepuppet-helper srgk:mx3 to sign the root key though.

comment:5 Changed 3 years ago by https://id.mayfirst.org/jaimev

  • Resolution set to fixed
  • Status changed from assigned to closed

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.