Replication tasks created with API generated key pairs fail to authenticate
Description
Problem/Justification
Impact
SmartDraw Connector
Katalon Manual Tests (BETA)
Activity
It isn't added. It's possible I was missing a step there.
I'm going ahead and closing since it is probably related to something there but we removed replication from VCP so it's not necessary any more.
Sorry, but is generated key added to vcptesting3.lab.ixsystems.net? I've tried to log in with the key you've posted and it was not accepted.
First I call "keychaincredential/generate_ssh_key_pair", which for instance creates what I put in the attribute for "/keychaincredential":
{"name":"vcenter_sshkey_vcenter_replication_tank/testvmfs75_1605639156433","type":"SSH_KEY_PAIR","attributes\":{"private_key":"----BEGIN OPENSSH PRIVATE KEY----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAQEAuXMkC5CV3tiQ29V1hqHIrSjRWniM/s3qNiJglWYgLnh+DI10SUWy
ZPk1l74BirQ/vy4w+6nEFtoKdGJuZZN5g28kuLA4jlwYqvNyClgLDi9bDHY27X5IougpG2
/sOQeh8a5h0mzr4Ne5jJFNP6tjqZ1Fw7jEUSL0nFM6n5hosJpk//qhqBAgwtLRnYqWu7fm
+7+FqTq/+jV77EBz4OOaujapGGP1CpdnntczBSA5KJCw8icogodiKyr0h17JwUwC1jsiHl
xXn3e8+WOBdaHyuHNTj3SfPB2bmyJ25xtdriQTvzg4duaZ9xgkjiUJYQ/yYluauSaRuu12
DEplH8edyQAAA9jrA2hY6wNoWAAAAAdzc2gtcnNhAAABAQC5cyQLkJXe2JDb1XWGocitKN
FaeIz+zeo2ImCVZiAueH4MjXRJRbJk+TWXvgGKtD+/LjD7qcQW2gp0Ym5lk3mDbyS4sDiO
XBiq83IKWAsOL1sMdjbtfkii6Ckbb+w5B6HxrmHSbOvg17mMkU0/q2OpnUXDuMRRIvScUz
qfmGiwmmT/+qGoECDC0tGdipa7t+b7v4WpOr/6NXvsQHPg45q6NqkYY/UKl2ee1zMFIDko
kLDyJyiCh2IrKvSHXsnBTALWOyIeXFefd7z5Y4F1ofK4c1OPdJ88HZubInbnG12uJBO/OD
h25pn3GCSOJQlhD/JiW5q5JpG67XYMSmUfx53JAAAAAwEAAQAAAQEAgLeaXSyN2Y8XfH48
hKXmU8nxBYqG0pS567kQsKGh1J9tXekQvYrSt6MBv8Dx8QQK+vdkqEi9Ad91QjLPzVD/Fm
seYdJubuEdfgpbLTLO+ZmE6LFkjpMId4oMfi7BFxRlIwqWeyd+0SDqeNahd3/OPPwcYCzu
liJdBeP+3Kc8gtZ3cVgAmyVzdaQEHTBOpRn15LDVMKisMF3+rsgyqXxLYt/6ZXh4CUZU77
Yd8YFnZHLn/Db/akFwGoIt6TlE9dKM1k2cFwqnpBqOMgMTa4s3SMCd9mPVZ/YVkCdtqCTP
32mP7j6LlBzcdXgeDBLXBX8Q+9SdXgOq33t/yxdOOS2pwQAAAIEAtNc85TbCIVxHl8GjGr
p0gn/hdQ1KxOD4rTyPa7+wAkMlOyYpOg5xRpNaMnfhN3j9sT/2uEflOK+Wbf10xW9obKlt
E1nkfPmARBOX8kkoJHZS7hPDUtZKyUUiaBv7VLgoPt2+VX2Z1dKhJwAw/MNdCwhrBIb/Vl
pNCPma38IoNqIAAACBAO5wBmMzutYfnifw6/tbSb/oCr28wIQO6coAGdDYCHu32EyN3DNP
NfwuKrDEUfMxe3afdUmCfLu913PiDs/QOOHpsQyX5nShSEEPptYMZULv8SA1v3nCgGQm6V
zLXrk5yDkNkqUul6kd2N3i8hwstspaj3wRAWuhJpw+bOk2Hnn3AAAAgQDHG/pyNocYPVJp
vCwuqTqVqSTsHR08DGAM+hG89VJngDBF/8DzKEFIjvUCQVmGIoRdRAXoibd6xxbDqmeUGu
dZ9pDS9Ixn0T2EqrKk2HOCMqDHQZCzl0O5oACQyoByXYYt8TpGjGzsPkCybg2KSZCWi5fA
XTijhEPWnY+KxH62PwAAABpyb290QGZyZWVuYXMuaXhzeXN0ZW1zLm5ldAECAwQFBgc=
----END OPENSSH PRIVATE KEY----
","public_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5cyQLkJXe2JDb1XWGocitKNFaeIz+zeo2ImCVZiAueH4MjXRJRbJk+TWXvgGKtD+/LjD7qcQW2gp0Ym5lk3mDbyS4sDiOXBiq83IKWAsOL1sMdjbtfkii6Ckbb+w5B6HxrmHSbOvg17mMkU0/q2OpnUXDuMRRIvScUzqfmGiwmmT/+qGoECDC0tGdipa7t+b7v4WpOr/6NXvsQHPg45q6NqkYY/UKl2ee1zMFIDkokLDyJyiCh2IrKvSHXsnBTALWOyIeXFefd7z5Y4F1ofK4c1OPdJ88HZubInbnG12uJBO/ODh25pn3GCSOJQlhD/JiW5q5JpG67XYMSmUfx53J root@freenas.ixsystems.net"}}
I then invoke "/keychaincredential/remote_ssh_host_key_scan" with {"host":"vcptesting3.lab.ixsystems.net'} and use the output to create an SSHConnection with {"host":"vcptesting3.lab.ixsystems.net", "port":22, "username":"root", "private_key":1, "remote_host_key":"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARjkGdcmbELKEaM0LEN/5oYBLdw+/ZyKkpthW3/3Bj8","cipher":"STANDARD","connect_timeout":10}. Finally, I create the Replication task with "/replication:
{"enabled":true,"source_datasets":["tank/testvmfs75"],"target_dataset":"tank/repl","ssh_credentials":2,"name":"vcenter_replication_tank/testvmfs75_1605639156433","direction":"PUSH","transport":"SSH","auto":true,"retention_policy":"NONE","periodic_snapshot_tasks":[1],"recursive":false}
The SSH services on both systems are running as well.
@Zack I need your sequence of API calls please
The debug as well...
The vCenter plugin creates replication tasks using the API. It first generates a Key, creates an SSH Key Pair with that key, then creates an SSH Connection, the finally creates a Replication task with this connection. All API commands succeed and the task is sucessfully created, which can be validated by the UI. However, the task fails due to an authentication error as follows:
[2020/11/05 09:23:36] INFO [Thread-9] [zettarepl.paramiko.replication_task__task_6] Connected (version 2.0, client OpenSSH_8.3p1)
[2020/11/05 09:23:36] INFO [Thread-9] [zettarepl.paramiko.replication_task__task_6] Authentication (publickey) failed.
[2020/11/05 09:23:36] ERROR [replication_task__task_6] [zettarepl.replication.run] For task 'task_6' non-recoverable replication error ReplicationError('Authentication failed.')
A workaround is to create a new SSH Key Pair from the UI, then assign that key pair to the API generated SSH Connection. The task will succeed. Regenerating the SSH Key Pair created from the API will not work. Neither will rediscovering the public key for the connection and key pair.
Attached is the API call for a functional and non functional task/connection, the functional being copied from the one starting with "vcenter_".