Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

  1. #1
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

    I have been working with someone who wants to demo 3.2M2 on their infrastructure. All is working except the Mail Queue monitor. It is failing at public key authentication. I re-ran the keygen and keyupdate (then restarted tomcat), no go. ssh is running on 22, RSA Authentication is specifically enabled in sshd_conf. Any thoughts?

    I get the following error from the admin web console when I try to access the mail queue:

    Code:
    Message:  system failure: exception during auth {RemoteManager: (removed real name)->zimbra@hostname (removed real name):22}
    com.zimbra.cs.service.ServiceException: system failure: exception during auth {RemoteManager: hostname (removed real name)->hostname (removed real name):22}
            at com.zimbra.cs.service.ServiceException.FAILURE(ServiceException.java:174)
            at com.zimbra.cs.rmgmt.RemoteManager.getSession(RemoteManager.java:193)
            at com.zimbra.cs.rmgmt.RemoteManager.execute(RemoteManager.java:130)
            at com.zimbra.cs.service.admin.GetMailQueueInfo.handle(GetMailQueueInfo.java:56)
            at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:261)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:162)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:84)
            at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:223)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
            at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:159)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
            at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
            at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
            at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
            at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
            at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
            at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
            at java.lang.Thread.run(Thread.java:595)
    Caused by: java.io.IOException: Publickey authentication failed.
            at ch.ethz.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:259)
            at ch.ethz.ssh2.Connection.authenticateWithPublicKey(Connection.java:371)
            at ch.ethz.ssh2.Connection.authenticateWithPublicKey(Connection.java:422)
            at com.zimbra.cs.rmgmt.RemoteManager.getSession(RemoteManager.java:185)
            ... 24 more
    Caused by: java.io.IOException: The connection is closed.
            at ch.ethz.ssh2.auth.AuthenticationManager.deQueue(AuthenticationManager.java:77)
            at ch.ethz.ssh2.auth.AuthenticationManager.getNextMessage(AuthenticationManager.java:99)
            at ch.ethz.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:234)
            ... 27 more
    Caused by: java.io.IOException: Cannot read full block, EOF reached.
            at ch.ethz.ssh2.crypto.cipher.CipherInputStream.getBlock(CipherInputStream.java:81)
            at ch.ethz.ssh2.crypto.cipher.CipherInputStream.read(CipherInputStream.java:108)
            at ch.ethz.ssh2.transport.TransportConnection.receiveMessage(TransportConnection.java:231)
            at ch.ethz.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:520)
            at ch.ethz.ssh2.transport.TransportManager$1.run(TransportManager.java:315)
            ... 1 more
    
    Error code:  service.FAILURE
    Method:  ZmCsfeCommand.prototype.invoke
    Details:soap:Receiver
    Last edited by KevinH; 08-14-2006 at 02:35 PM.

  2. #2
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Did you try to ssh manually with the generated keys?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by KevinH
    Did you try to ssh manually with the generated keys?
    I did, it just prompts for a password, it doesn't like the keys for whatever reason. I then try to regenerate the keys as zimbra but it is viscious cycle. Have I mentioned I hate SuSE? It is different enough from RHEL to be frustrating.

  4. #4
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default

    you might try
    zmsshkeygen rsa
    to force it to generate rsa keys. I know centos requires this.

    Also, verify that the sshd_config allows logins with keys.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  5. #5
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by marcmac
    you might try
    zmsshkeygen rsa
    to force it to generate rsa keys. I know centos requires this.

    Also, verify that the sshd_config allows logins with keys.
    No go...same error.

    keys are specifically allowed in sshd_config.

  6. #6
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by gmsmith
    No go...same error.

    keys are specifically allowed in sshd_config.
    Curious twist of fate, now a dev box we have (was running OS X PPC - 3.2m2, now running 4.0RC1) exhibits the same behavior after the 4.0RC1 upgrade. I won't have a chance to go back and play with it today maybe late tonight. I tried generating new keys, updating them, and restarting tomcat without success.

    When I come back to it, I will blow away Zimbra and re-install.

  7. #7
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    11

    Default

    make sure the permissions are ok on /opt/zimbra/.ssh/ and its contents: nothing group writable, and authorized_keys should only be read/write for the owner

  8. #8
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by bobby
    make sure the permissions are ok on /opt/zimbra/.ssh/ and its contents: nothing group writable, and authorized_keys should only be read/write for the owner
    Here is what they are:

    drwx------ 2 zimbra zimbra 152 Aug 18 18:49 .ssh


    drwx------ 2 zimbra zimbra 152 Aug 18 18:49 .
    drwxr-xr-x 41 root root 1752 Aug 18 18:47 ..
    -rw-r--r-- 1 zimbra zimbra 645 Aug 18 18:49 authorized_keys
    -rw------- 1 zimbra zimbra 668 Aug 18 18:49 zimbra_identity
    -rw-r--r-- 1 zimbra zimbra 608 Aug 18 18:49 zimbra_identity.pub

    Should be fine, yes?

    I should mention the OS X issue was probably just from a beaten up dev install, it is working fine now. But the SuSE install is not working, even with wiping and starting fresh with 4.0RC1

  9. #9
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    11

    Default

    try chmod 600 authorized_keys

  10. #10
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by bobby
    try chmod 600 authorized_keys
    Sorry, no go.

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 02:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 09:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 04:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •