Red Hat Bugzilla – Bug 1025810
[Admin Portal] Host re-install after previous installation failure offers SSH key auth access although SSH public key doesn't exist on the host
Last modified: 2016-02-10 14:32:56 EST
Created attachment 818349 [details]
Description of problem:
If host installation fails very early, then during next host re-installation UI offers a dialog where default is to use SSH key auth while connecting to host and executing re-installation procedure.
Problem is that during previous installation failure public SSH key wasn't uploaded to the host, thus SSH connection with key auth fails.
Host dell-r210ii-13 installation failed. SSH authentication to 'email@example.com' failed. Please verify provided credentials. Make sure key is authorized at host.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. a host which has never been part of setup
2. iptables -I OUTPUT -p tcp --dport 80 -j REJECT # to block access to repos
3. add the host into setup (this will obviously fail as rpm packages could not be installed)
4. iptables -D OUTPUT -p tcp --dport -j REJECT # remove previous fw rule
5. re-add/re-install the host from RHEVM ui
dialog shows ssh access via key auth as default, clicking 'OK' and then there's login failure into the host
if rhevm ui is not sure the ssh public key was uploaded to the host and it is there, it should not offer such authentication; thus offer just password auth.
Yaniv can we change the default access for this specific case where the host is in status "Install Failed" ?
Of-course we can.. will do
reproduced and verified on ovirt-3.4.0-0.7.beta2.
after installation failled due to non connectivity, tried to re-install.
default option was set to password authentication as requested.
ssh public key authorization is still a possible option which appears in menu and wasn't disabled completely.
If this is the expected and wanted result then I can verify.
Verified after talking with ybronheim. got the expected result - password authenctication is the default and ssh public key authentication option is possible in case user chooses to set it manually on host e.g.
although the reporter wrote : "Expected results:
if rhevm ui is not sure the ssh public key was uploaded to the host and it is there, it should not offer such authentication; thus offer just password auth."
still it is possible to use the ssh PK authentication method by manually copy the key as in first additional of the host. this fix only changes the default option, so that clicking automatically OK won't fail the operation without user's intervention
Closing as part of 3.4.0