- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Re: ssh kills iLo3 if I my ssh agent is forwarded ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2011 06:01 AM
тАО06-10-2011 06:01 AM
ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
To access the iLo on these systems I hop through a jump box to get there.
I forward my ssh agent because that's how I auth with other systems behind this jump box.
If I then try to ssh to the iLo of any one of my systems (and I have a DSA key loaded up in my ssh agent) I never get a login prompt to the iLo and it becomes unresponsive to any sort of connection after that other than ping. Before it will work again I have to use hponcfg -r to reset the iLo.
If I remove the DSA key from my forwarded agent (or if I only have RSA keys loaded) then my ssh connection works fine.
Although the workaround of removing the keys works, it's not going to be long before one of my users forgets and breaks the iLo of a system that's broken (so I can't login and use hponcfg -r to reset it).
My systems are running the most recent iLo firmware (which according to hponcfg is v1.20 on the DL360G7s).
Does anyone have an idea if there's some sort of setting that can be changed to fix this or whether I need to get HP to look into it?
If it's something that only HP can fix do they regularly monitor these forums or do bugs like this have to be reported in a different way?
Thanks
Gary
- Tags:
- ssh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2011 12:48 PM
тАО06-10-2011 12:48 PM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
Could you please call HP support, log a case and provide all the details that can help us reproduce this hang?
Once you get a case number, please post it here and I'll get the case elevated. Thanks
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-14-2011 08:16 PM
тАО06-14-2011 08:16 PM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
I have now "broken" at least 3 different ILO3's with SSH from a Ubuntu 11.04 server.
I will look into raising a support case also
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-16-2011 12:58 AM
тАО06-16-2011 12:58 AM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
I made a ticket about this. Case ID: 4631007373
I am using ILO3 v1.25 on a 380G7
Let me know if you need any more details additionally to the ticket.
Thanks for help,
A
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-16-2011 06:14 AM
тАО06-16-2011 06:14 AM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
*** NOTES June 16,2011 12:55:14 [June 16,2011 14:55:14 EET-2EEST FI]
Action Type: Default
Called to customer
Putty works.
Ssh from ubuntu fails to login and freezes (OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010 )
Ssh from redhat works.
customer agreed to close this case
*** CASE CLOSE June 16,2011 12:55:24 [June 16,2011 14:55:24 EET-2EEST FI]
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-16-2011 07:02 AM
тАО06-16-2011 07:02 AM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-12-2011 03:23 PM - edited тАО07-12-2011 04:11 PM
тАО07-12-2011 03:23 PM - edited тАО07-12-2011 04:11 PM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
It's not Ubuntu's problem - that's complete nonsense. The same happens with PuTTY combined with Pageant and Pageant option checked in PuTTY connection settings to an ILO3. I've just hung my ILO3 by inadvertently connecting to it with my Pageant on and this checkbox checked (connection copied from another one where I use key-based authentication). Firmware 1.20 but as I read above the same applies to 1.25.
Is it really so hard for HP to reproduce this problem? AntsInPants, just tell them to download PuTTY and Pageant, load any DSA key to Pageant and connect to the ILO with "Connection -> SSH -> Auth -> Attempt authentication using Pageant" option enabled.
I would open a ticket myself if I owned the server but unfortunately it don't. Anyway, it's scary that anyone can hang my ILO in a dedicated server in a datacenter, running on a public IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2011 03:35 PM
тАО07-19-2011 03:35 PM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
I was able to reproduce the issue using putty and a 4096 bits private DSA key that I created using puttygen
I have uploaded an iLO3 1.26 beta2 to the below FTP. Please test it and let me know if it fixes your issue as well.
FTP Access: ftp://tempilo3:1wantiLO@ftp.usa.hp.com/
or: ftp://tempilo3:1wantiLO@15.192.32.78/
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-20-2011 10:16 PM
тАО07-20-2011 10:16 PM
Re: ssh kills iLo3 if I my ssh agent is forwarded with a DSA key loaded
Hi Oscar, and all.
Yes, I was able to reproduce the problem to HP Support with redhat and Ubuntu both, so they agreed the problem not to be platform specific.
Oscar, I tested your 1.26 beta3, and the problem does not seem to reproduce again! So from my point of view turn beta3 into a production release! :-)
Thanks again.