Thank you for all the suggestions everyone. I have implemented all of them; however, I am still not able to copy files from a remote host. Have I satisfied the following from the Tutorials page? I have provided more info regarding my config.
http://www.cfengine.org/manuals/cf3-tutorial.html "Permission to connect to the server, and The server control body must grant access to your computer and public key by name or IP address, by listing it in one of the lists (see below). Your public key must be trusted by the server, and you must trust the server's public key By mutually trusting each others' keys, client and server agree to use that key as a sufficient identifier for the computer. Permission to access something Your host name or IP address must be mentioned in an access promise inside a server bundle, made by the file that you are trying to access." Here is the version I am running. "# rpm -qa | grep cfen cfengine-community-3.1.5-1.el5" IP Addresses of hosts: Server => 5.6.7.8 client => 1.2.3.4 Here is my cf file. "# toe in the water body common control { bundlesequence => { "main","copyFile" }; ignore_missing_bundles => "true"; require_comments => "true"; inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" }; } body server control { allowconnects => { "127.0.0.1" , "1.2.3" }; allowallconnects => { "127.0.0.1" , "1.2.3" }; trustkeysfrom => { "127.0.0.1" , "1.2.3" }; } bundle agent main { files: "/tmp/toe_in_water_folder_create/." comment => "main create dir", perms => mog("755", "user", "group"), create => "true"; "/tmp/toe_in_water_folder_create/toe_in_water_file_create.txt" comment => "main create file", perms => mog("666", "user", "group"), create => "true"; } bundle server access_rules() { access: "/tmp/toe_in_water_folder_create/" comment => "provide access to folder", admit => { "1.2.3.4" }; #or whatever IP address/address range you want to be able to access that directory } bundle agent copyFile { files: "/tmp/toe_in_water_folder_create/toe_in_water_file_copy.txt" comment => "copyFile copy main file", copy_from => local_cp("/tmp/toe_in_water_folder_create/toe_in_water_file_create.txt"); "/tmp/toe_in_water_folder_create/host_from_remote" comment => "copyFile copy from remote", skipidentify => "true", skipverify => { "1.2.3.4" }, copy_from => secure_cp("/etc/hosts","1.2.3.4"); }" Here is the command I use to run: "/usr/local/sbin/cf-agent -K -v -f /tmp/toe_in_the_water.cf" I am getting the following errors: "cf3> ......................................................... cf3> Promise handle: cf3> Promise made by: /tmp/toe_in_water_folder_create/host_from_remote cf3> cf3> Comment: copyFile copy from remote cf3> ......................................................... cf3> cf3> -> Copy file /tmp/toe_in_water_folder_create/host_from_remote from /etc/hosts check cf3> No existing connection to 1.2.3.4 is established... cf3> Set cfengine port number to 5308 = 5308 cf3> Set connection timeout to 10 cf3> -> Connect to 1.2.3.4 = 1.2.3.4 on port 5308 cf3> -> Did not find new key format /var/cfengine/ppkeys/root-.pub cf3> -> Trying old style /var/cfengine/ppkeys/root-1.2.3.4.pub cf3> -> Could not map key file to new format - we have no digest yet (using /var/cfengine/ppkeys/root-1.2.3.4.pub) cf3> -> Going to secondary storage for key cf3> Couldn't send cf3> !!! System error for send: "Connection reset by peer" cf3> Couldn't send cf3> !!! System error for send: "Broken pipe" cf3> Couldn't send cf3> !!! System error for send: "Broken pipe" cf3> Challenge response from server 1.2.3.4/1.2.3.4 was incorrect! cf3> I: Report relates to a promise with handle "" cf3> I: Made in version 'not specified' of '/tmp/toe_in_the_water.cf' near line 48 cf3> I: Comment: copyFile copy from remote cf3> !! Authentication dialogue with 1.2.3.4 failed cf3> Unable to establish connection with 1.2.3.4 cf3> -> No suitable server responded to hail cf3> Promise (version not specified) belongs to bundle 'copyFile' in file '/tmp/toe_in_the_water.cf' near line 48 cf3> Comment: copyFile copy from remote" I have done the following: 01) Copied /var/cfengine/ppkeys/localhost.pub of client as /var/cfengine/ppkeys/root-1.2.3.4.pub in server. 02) Copied /var/cfengine/ppkeys/localhost.pub of server as /var/cfengine/ppkeys/root-5.6.7.8.pub in client. 02) Ran cf-agent command as root on the server. What am I missing from the requirements to have a successful server connection? Regards, j
_______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
