Results 1 to 6 of 6

Thread: Mail Queue exception during auth on ZCS 7.1.3 CentOS6_64

  1. #1
    Join Date
    Sep 2009
    Location
    Sintra, Portugal
    Posts
    12
    Rep Power
    6

    Default Mail Queue exception during auth on ZCS 7.1.3 CentOS6_64

    Hi

    I've installed a fresh copy of CentOS 6 64bit and ZCS 7.1.3, and migrated from my previous ZCS 7.1.2 on CentOS 5 64bit.

    The migration was manual since we only have 4 accounts and 2 distribution lists, so I installed a fresh copy configured everything manualy and exported the mailboxes from preferences in the user account from old server into the new server importing the same way.

    Everything went well but today I was looking arround in the admin board and had this problem:

    Mail Queue Monitoring - Zimbra :: Wiki

    Message: system failure: exception during auth {RemoteManager: MAIL.DOMAIN.COM->zimbra@MAIL.DOMAIN.COM:22}
    com.zimbra.cs.service.ServiceException: system failure: exception during auth {RemoteManager:
    MAIL.DOMAIN.COM->zimbra@MAIL.DOMAIN.COM:22}


    I have followed all instructions from wiki and from google results and can't put this to work!

    I've even tried and configured root to access in a similar way by ssh with RSA/DSA key and it worked very well and easy.

    Could it be a problem of CentOS 6? SSH on CentOS 6 is 5.3 and on CentOS 5 is 4.3...

    Any one as this configuration working? (CentOS 6 / ZCS 7.1.3)
    Release 7.1.4_GA_2555.RHEL6_64_20120105094542 CentOS6_64 FOSS edition.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by MNPF View Post
    Any one as this configuration working? (CentOS 6 / ZCS 7.1.3)
    Yes, of course it works. So you've followed all the instructions from the wiki, does that include regenerating the certificates? What errors do you now now see? Have you changed the ssh port from 22 to something else?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Sep 2009
    Location
    Sintra, Portugal
    Posts
    12
    Rep Power
    6

    Default

    Yes I had regenerated. The port for ssh is 22.

    Here is the output of the test:

    Code:
    [zimbra@mfserver ~]$ ssh -vi .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@mfserver.mnpf.net
    OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to mfserver.mnpf.net [192.168.5.55] port 22.
    debug1: Connection established.
    debug1: identity file .ssh/zimbra_identity type 2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
    debug1: match: OpenSSH_5.3 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.3
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'mfserver.mnpf.net' is known and matches the RSA host key.
    debug1: Found key in /opt/zimbra/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Next authentication method: gssapi-keyex
    debug1: No valid Key exchange context
    debug1: Next authentication method: gssapi-with-mic
    debug1: Unspecified GSS failure.  Minor code may provide more information
    Credentials cache file '/tmp/krb5cc_500' not found
    
    debug1: Unspecified GSS failure.  Minor code may provide more information
    Credentials cache file '/tmp/krb5cc_500' not found
    
    debug1: Unspecified GSS failure.  Minor code may provide more information
    
    
    debug1: Next authentication method: publickey
    debug1: Offering public key: .ssh/zimbra_identity
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Next authentication method: password
    Release 7.1.4_GA_2555.RHEL6_64_20120105094542 CentOS6_64 FOSS edition.

  4. #4
    Join Date
    Sep 2009
    Location
    Sintra, Portugal
    Posts
    12
    Rep Power
    6

    Default

    Note: After testing everything from wiki I reverted changes to the original settings of CentOS installation (sshd_config, etc...) because on my other server it works with that settings, and I thought its better to start debugging with the community from the clean installation.

    Thank you.
    Release 7.1.4_GA_2555.RHEL6_64_20120105094542 CentOS6_64 FOSS edition.

  5. #5
    Join Date
    Sep 2009
    Location
    Sintra, Portugal
    Posts
    12
    Rep Power
    6

    Default

    Hello once again!

    I was here comparing the system that work with the new one and noticed this.

    The one that works:
    Code:
    debug1: Next authentication method: publickey
    debug1: Offering public key: .ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 435
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Authentication succeeded (publickey).
    The new one:

    Code:
    debug1: Next authentication method: publickey
    debug1: Offering public key: .ssh/zimbra_identity
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Next authentication method: password
    The new doesn't use the "Forced command: /opt/zimbra/libexec/zmrcd" to read the key, could it be the problem? Any thoughts about this?

    Thank you.
    Release 7.1.4_GA_2555.RHEL6_64_20120105094542 CentOS6_64 FOSS edition.

  6. #6
    Join Date
    May 2010
    Posts
    1
    Rep Power
    5

    Default Disable SELinux

    Had the same problem with 7.1.3 and CentOS6, being looking for a solution for days...

    I installer 7.1.3 on CentOS5 and workfine, problem is I already have 7.1.3 on CentOS6 on a production Environment.

    I solve the problem disabling selinux, just do

    #setenforce 0
    This will disable SELinux on running system, if you want the change to be boot persistant edit

    /etc/selinux/config and set
    SELINUX=disabled
    I will try to find a better way...

Similar Threads

  1. 7.1.1 not working
    By rosch in forum Administrators
    Replies: 4
    Last Post: 07-05-2011, 06:08 AM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. Replies: 2
    Last Post: 02-12-2008, 11:55 AM
  4. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM
  5. Mail not getting to mail boxes
    By ehults in forum Installation
    Replies: 5
    Last Post: 10-31-2005, 09:24 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •