Bug 232492 - RFE: Feature request for ssh capabilities in fence_drac script
Summary: RFE: Feature request for ssh capabilities in fence_drac script
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: cman (Show other bugs)
(Show other bugs)
Version: 5.0
Hardware: All Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Jim Parsons
QA Contact: Cluster QE
URL:
Whiteboard:
Keywords: FutureFeature
Depends On: 437166 438028
Blocks: 445926
TreeView+ depends on / blocked
 
Reported: 2007-03-15 19:03 UTC by Charlie Wyse
Modified: 2009-04-16 22:34 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-20 21:51:18 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Add ssh capability (4.66 KB, patch)
2008-02-28 17:09 UTC, Marek Grac
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0189 normal SHIPPED_LIVE cman bug-fix and enhancement update 2009-01-20 16:05:55 UTC

Description Charlie Wyse 2007-03-15 19:03:31 UTC
The Dell DRAC 5.0 by defaults starts up with ssh enabled.  Currently the
fence_drac script uses telnet to connect and fence out a node.  Many secured
agencies do not like to use telnet for the obvious security risk of clear text
passwords traveling over the network.  I would like to request that this
funcionality be put into the script to make for a more secure fencing mechanism.

Comment 1 Kiersten (Kerri) Anderson 2007-04-23 16:48:21 UTC
Fixing Product Name.  Cluster Suite was merged into Red Hat Enterpise Linux for
5.0.  In addition dlm, fence and ccs were merged into the cman package, so
bugzilla should reflect package name where those utilities are located.

Comment 2 Kiersten (Kerri) Anderson 2007-05-03 17:25:01 UTC
ILO also has ssh support, so if we figure out how to do this one, then we can
solve that one as well.

Comment 4 Kiersten (Kerri) Anderson 2007-06-19 16:25:44 UTC
Moving to 5.2. 

Comment 5 Thomas Krieger 2007-10-05 07:45:19 UTC
I've the same problem which is very urgent for us. We can not go live because of
this problem.

Comment 6 Thomas Krieger 2007-10-08 05:57:03 UTC
The problem get's very serious for me because it is a show stopper. 
Telnet is not allowed in my environment and the fence_drac module does not allow
to configure the port to connect to.
Please provide a bugfix as soon as possible.

Comment 7 Jim Parsons 2007-10-08 18:28:16 UTC
This is in development.

Comment 8 Thomas Krieger 2007-10-09 05:27:21 UTC
(In reply to comment #7)
> This is in development.

Any idea when this will be shipped? A bugfix package would be appreciated.

Comment 9 Bret Silberman 2007-11-14 23:46:45 UTC
In regards to the SSH DRAC commands, you can also enable telnet for the new
interface.

To enable, http to the DRAC card,
then go to System > Remote Access, 
then go Configuration at the top menu, 
then go Services on the menu below the top menu, 
then go Telnet and enable it.

Although this not a secure channel, it will enable the DRAC to work.

Comment 11 Marek Grac 2008-02-28 17:09:12 UTC
Created attachment 296238 [details]
Add ssh capability

This patch adds a capability to connect to drac using ssh. It needs two perl
modules: Net::SSH::Perl and Math::Bigint::GMP. If you would like to use ssh
connection you have to specify it from command line '-x' or from stdin 'secure'

Comment 15 errata-xmlrpc 2009-01-20 21:51:18 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0189.html


Note You need to log in before you can comment on or make changes to this bug.