Cfengine Help: Trustkeys not being shared

Fri, 09 Jul 2010 07:28:19 -0700 

Forum: Cfengine Help
Subject: Trustkeys not being shared
Author: elleeseb
Link to topic: https://cfengine.com/forum/read.php?3,17676,17676#msg-17676

I must be missing something, when I try to pull a file from the server to the 
client, I get broken pipe, and connection reset by peer. I am trying to follow 
the guide as close as possible :). Maybe I am confused on some things...what am 
I missing?

Trust keys are being shared to the server (client keys are seen in ppkeys on 
server), but I do not see a trust key for the server on the client side. 



Server Config (promises.cf)

body common control
{
bundlesequence => { "testbundle" };
}
bundle agent testbundle
{
reports:
linux::
"Hello world";
}

body  runagent control
{
hosts => {
"127.0.0.1","10.128.205.118","10.128.205.119"
};
}

body server control
{
allowconnects   => { "127.0.0.1","10.128.205.118","10.128.205.119" };
trustkeysfrom           => { "127.0.0.1","10.128.205.118","10.128.205.119" };
allowusers => { "root" };
}

bundle server access_rules()
{
access:
"/cfengine/cfengine/"
admit => { "10.128.205.118", "10.128.205.119" };
}



Client Config (promises.cf)

body common control
{
bundlesequence => { "testbundle" };
}

bundle agent testbundle
{
files:
"/tmp/test.txt"
copy_from       => remote_cp("/cfengine/cfengine/test.txt","10.128.205.118");
}

body  runagent control
{
hosts => {
"127.0.0.1","10.128.205.118","10.128.205.119"
};
}

body server control
{
allowconnects   => { "127.0.0.1","10.128.205.118","10.128.205.119" };
trustkeysfrom           => { "127.0.0.1","10.128.205.118","10.128.205.119" };
allowusers => { "root" };
}

body copy_from remote_cp(from,server)
{
source  => "$(from)";
copy_backup     => "true";
purge   => "true";
servers => { "$(server)" };
}



Here is the error seen on the client side

cf3  -> Handling file existence constraints on /tmp/test.txt
cf3  -> Copy file /tmp/test.txt from /cfengine/cfengine/test.txt check
cf3 No existing connection to 10.128.205.118 is established...
cf3 Set cfengine port number to 5308 = 5308
cf3 Connect to 10.128.205.118 = 10.128.205.118 on port 5308
cf3 LastSaw host 10.128.205.118 now
cf3  !! Not authorized to trust the server=10.128.205.118's public key 
(trustkey=false)
cf3 Promise (version not specified) belongs to bundle 'testbundle' in file 
'/var/cfengine/inputs/promises.cf' near line 18
cf3  !! Authentication dialogue with 10.128.205.118 failed
cf3 Unable to establish connection with 10.128.205.118
cf3 No suitable server responded to hail
cf3 Promise (version not specified) belongs to bundle 'testbundle' in file 
'/var/cfengine/inputs/promises.cf' near line 18
cf3

_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to