zmrcd must be in libexec. Maybe there is a bug in upgrade. Does your /opt/zimbra/.ssh/authorized_keys command point at /opt/zimbra/bin or /opt/zimbra/libexec?
Code:[zimbra@mail ~]$ cat /opt/zimbra/.ssh/authorized_keys command="/opt/zimbra/bin/zmrcd" ssh-dss
Could you please elaborate a little more on exactly the steps you took to get the queue to work? A step by step would be nice.
Also, did you get a chance to file that bugzilla? If so, do you have an ID?
known_hosts is not in my .ssh folder
i made one and added the key but still get nothing.
do i need to remove the ssh-des part.
I agree, a step by step process to get queues working would be most welcomeOriginally Posted by wannabetenor
actually i think what you need is the zimbra user id in the authorized keys. n.b. make sure you have both arrows '>>' in order to append instead of overwrite (need i say run all this as zimbra):
cat ~/.ssh/zimbra_identity.pub >> ~/.ssh/authorized_keys
if the zimbra id isn't there you can set everything up like this:
i filed the bug:
Bug 7241 - ssh auth exception for queue manager
OK, I thought Id feedback what happened. First off I made a copyof authorized keys and I noticed that there was some extra stuff in there (see below)
command="/opt/zimbra/bin/zmrcd" ssh-dss AAAAB3NzaC1kc3MAAACBAOsnIF6CqtajdxUnCx8uOLj+oJ5Xuz grBtO6CEW9XdaLtViPe09Kt1Q8D0SxN5Hziy6BQ0Aif5psCHoa aPP+2+JpiBq4SBcQYXwA9haBUcG/7dFYgc+kOCMPJQF57Zn9BrevLNW7TshHY9IpqpLVDw2O+izGTO/H0CDqCQaE7R8RAAAAFQDe
Hmmm, so I removed all the lines and then did the first bit of your suggestion - the cat part
This didnt seem to work. Then I noticed that the owners of the files in .ssh seemed to be wrong also (see below)
ls .ssh/ -l
-rw-r--r-- 1 root root 614 Apr 18 19:00 authorized_keys
-rw-r--r-- 1 zimbra zimbra 438 Apr 17 13:43 known_hosts
-rw------- 1 zimbra zimbra 668 Apr 18 19:17 zimbra_identity
-rw-r--r-- 1 root root 614 Apr 15 12:56 zimbra_identity.pub
Notice two are owned by root, so chmoded them to zimbra - still now good
Finally I did the last part of what you suggested - the zmsskeygen lines - this worked a treat, so thank you very much for that. I think that I may have needed to do some of the other parts also, such as chmoding but i hope that helps anyone else with this problem
Im still totally impressed with this product, its an amazing bit of coding
I just did the upgrade to 4.0.2 and everything is working great, except...
I am also having Mail Queue problems.
I have done the following :
when I try "/opt/zimbra/libexec/zmrc mail.myserver.com", it asks for a password. After entering blank passwords I get
"Permission denied (publickey,gssapi-with-mic,password)."
The .ssh/zimbra_identity.pub is in .ssh/authorized_keys. I understand what a public key is (although I am fuzzy on the how), and I don't understand why it is asking for a password.
This box started out as a fresh minimal install of FC4, installed zimbra 3.0, upgraded to zimbra 3.0.1 (i think), finally upgraded to 4.0.2.
I obviously have something configured sideways somewhere... any ideas?
I fixed mine by adding zimbra to the allowed users in my ssh server.