help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: authentication issues


From: Alex Laslavic \(Lenox\)
Subject: Re: authentication issues
Date: Thu, 19 Jan 2006 09:26:40 -0500

Thats the ticket there.  Aparently in order to proclaim itself as
belonging to a domain, a client has to be able to get that domain by
doing a reverse lookup on it's own IP.  If it doesn't get a domain name
back, it just identifies itself as its IP address, which was denied by
my cfservd ACL's in the admit: section.  


On Thu, 2006-01-19 at 11:10 +0100, Mark Burgess wrote:
> Run the daemon with option -d2 and you will see the reason.
> 
> M
> 
> On Wed, 2006-01-18 at 14:32 -0500, Alex Laslavic (Lenox) wrote:
> > Maybe someone can shed some light on this:
> > 
> > When running cfagent -v on the client machine, its gets the error
> > message below:
> > 
> > Server returned error:  Host authentication failed. Did you forget the
> > domain name or IP/DNS address registration (for ipv4 or ipv6)?
> > 
> > So far I have:
> > -Verified All keys are happy
> > -Further verified keys using strace and tcpdump (I see an 'OK: key
> > accepted' message)
> > -Edited /etc/hosts to resolve the fqdn of all machines (no DNS yet, so I
> > have to use /etc/hosts for the moment)
> > -Made sure the domain returned by gethostbyaddr() on the server is the
> > same as the domain hardcoded in cfagent.conf        
> >     domain = ( domain.com )
> > 
> > So, umm, now I am not sure what to check.  Any clues?
> > 
> > Thanks, 
> > 
> > ~alex
> > 
> > 
> > 
> > _______________________________________________
> > Help-cfengine mailing list
> > address@hidden
> > http://lists.gnu.org/mailman/listinfo/help-cfengine
> 

Attachment: signature.asc
Description: This is a digitally signed message part


reply via email to

[Prev in Thread] Current Thread [Next in Thread]