Forum: CFEngine Help Subject: cf-runagent failure on two hosts Author: jgreer Link to topic: https://cfengine.com/forum/read.php?3,23042,23042#msg-23042
I'm unable to connect to two remote clients from my server via cf-runagent - they fail with this error: $ sudo /var/cfengine/bin/cf-runagent -H BAD: Unspecified server refusal (see verbose server output) !! Authentication dialogue with failed Unable to establish connection with When I restart cf-serverd on the client with "-vvv" and reattempt connection from cf-runagent, I see: cf3 Allowing to connect without (re)checking ID cf3 Non-verified Host ID is (Using skipverify) cf3 Non-verified User ID seems to be root (Using skipverify) cf3 Private decrypt failed = block type is not 02 cf3 Auth dialogue error cf3 From (host=,user=root,ip=) cf3 REFUSAL of request from connecting host: (SAUTH y 256 37 c) I've tried: - removing /var/cfengine/ppkeys/root-.pub (client) - moving /var/cfengine/cf_lastseen.db out of the way (client) - removing client pubkey (server); we trust client keys, and this came back as expected, after a successful cf-agent run Also noticed something interesting in the lastseen db on the server. These clients are two of six boxes that run the same policy. The other four, which can be hailed successfully by cf-runagent on the server, have two entries in the lastseen db, per: sudo /var/cfengine/bin/cf-key -s | sort | uniq -c | sort -n The two errant clients each have just one entry. Please advise. Running the 3.1.2 RPM. Thanks, -Jessica _______________________________________________ Help-cfengine mailing list [email protected] https://cfengine.org/mailman/listinfo/help-cfengine
