Re: several questions on running cfengine

[Mark . Burgess]

0.* root=b80n11.sdsc.edu,
> Path: /etc (encrypt=0)
>    Admit: 192.168.240.* root=b80n11.sdsc.edu,
> Path: /usr/local/apps/sbin/cfagent (encrypt=0)
>    Admit: 192.168.240.* root=
> 
> 
> the client is still not trusted:
> Connect to b80cw = 192.168.240.254 on port cfengine
> Loaded /var/cfengine/ppkeys/root-192.168.240.254.pub
> cfengine:b80n11: Strong authentication of server=b80cw connection
> confirmed
> Checking copy from b80cw://etc/inetd.conf.nodes to /etc/inetd.conf
> cfengine:b80n11: Server returned error:  Host authentication failed. Did
> you forget the domain name?
> 
> 


You are still not telling us what the server says during the dialogue
with -d2. Since it is the server that is breaking off, we need to see
where it is happening.

> I put the domain name in all and every configuration file just to make
> sure cfengine wouldn't miss it. Still the cfagent on the client machine
> returns the same error with no further explaination (even in -d3). The
> internal network adapter names are in no DNS and they are not the
> hostname. They are in the /etc/hosts file:
> 192.168.240.11 b80n11e b80n11e.sdsc.edu

Ok. Guess that's not the whole story then.

> The /etc/hosts file it kept the same on all nodes in the cluster by
> a scp script, one of the things I hoped to be able to do with cfengine.

Might be a name lookup issue. Please send the cfservd -d2 output  from
the dialogue.

> Where else should I put the domain name or whatever to allow the copy?
> Maybe I should just run the scp with ssh authentication rather than use
> the cfengine authentication?

You are better off understanding the mechanism. This will allow you to
do more than just copy files around.

M

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~