Bug 2023206

Summary: Failed starting ssh while booting the temporary HE VM with OpenSCAP enabled.
Product: [oVirt] ovirt-ansible-collection Reporter: cshao <cshao>
Component: hosted-engine-setupAssignee: Asaf Rachmani <arachman>
Status: CLOSED DUPLICATE QA Contact: meital avital <mavital>
Severity: high Docs Contact:
Priority: unspecified    
Version: 1.2.1CC: arachman, bugs, cshao, lsvaty, lveyde, mavital, peyu, sanja, sbonazzo, shlei, weiwang, yaniwang
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-15 11:54:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Integration RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
VPP+scap.log
none
VPP+scap none

Description cshao 2021-11-15 08:26:06 UTC 
Created attachment 1841771 [details]
VPP+scap.log

Description of problem:
Failed starting ssh while booting the temporary HE VM with OpenSCAP enabled.

Test version:
RHVH ISO: RHVH-4.4-20210903.0-RHVH-x86_64-dvd1.iso
rhvm-appliance-4.4-20210827.0.el8ev.x86_64.rhevm.ova

Test Steps:
1. Install RHVH ISO host with VPP profile.
2. Upload current ova file for rhvm onto the RHVH.
3. Attempt to install SHE (Enable OpenSCAP)

Test result:
Failed to deploy HE when OpenSCAP enabled.

weiwang will try to reproduce this issue with the latest RHVH build.



==============================================================
failed starting ssh while booting the temporary HE VM. From journal:

 Starting OpenSSH server daemon...
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 Permissions 0640 for '/etc/ssh/ssh_host_rsa_key' are too open.
 It is required that your private key files are NOT accessible by others.
 This private key will be ignored.
 Unable to load host key "/etc/ssh/ssh_host_rsa_key": bad permissions
 Unable to load host key: /etc/ssh/ssh_host_rsa_key
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open.
 It is required that your private key files are NOT accessible by others.
 This private key will be ignored.
 Unable to load host key "/etc/ssh/ssh_host_ecdsa_key": bad permissions
 Unable to load host key: /etc/ssh/ssh_host_ecdsa_key
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open.
 It is required that your private key files are NOT accessible by others.
 This private key will be ignored.
 Unable to load host key "/etc/ssh/ssh_host_ed25519_key": bad permissions
 Unable to load host key: /etc/ssh/ssh_host_ed25519_key
 sshd: no hostkeys available -- exiting.
 sshd.service: Main process exited, code=exited, status=1/FAILURE
 sshd.service: Failed with result 'exit-code'.
 Failed to start OpenSSH server daemon.
Comment 1 cshao 2021-11-15 08:27:06 UTC 
Created attachment 1841772 [details]
VPP+scap
Comment 2 Asaf Rachmani 2021-11-15 11:54:59 UTC 

*** This bug has been marked as a duplicate of bug 2011309 ***