Tuesday, 20 October 2015

Using Pageant with Cygwin SSH, error with ssh-dss key

Recently, I tried to configure Cygwin SSH to use Pageant. No big issue, just launch the Cygwin installer, and look for package named ssh-pageant

After installation, execute Pageant on your Windows computer, and load the required SSH key

Then in your Cygwin terminal, execute the following command:

$ `ssh-pageant`

Make sure the backtick is included in the command

Then try to SSH to your server using the command

$ ssh -A root@yourserver.com

If you are getting a password prompt, you are facing the same problem that I got.

The main issue here is the version of SSH included in latest Cygwin is version 7 or higher. Version 7 have deprecated the support for ssh-dss, which is used by Puttygen

To check if you are indeed being restricted to use ssh-dss key,  SSH again to your server, but this time add "v" to the option so that you can see what happening during the connection:

$ ssh -Av root@yourserver.com

You will see this line:

debug1: Skipping ssh-dss key imported-openssh-key for not in PubkeyAcceptedKeyTypes

To overcome this issue, just create a file call config in ~/.ssh

$ touch ~/.ssh/config

Edit the content of the file to include this line:

Host *
    PubkeyAcceptedKeyTypes +ssh-dss

Try to SSH to your server again, you should now be able to login without any prompt asking for password, as the key required is being supplied by Pageant.

Hope this solve your problem.

Reference for this issue was obtained from: http://blog.ayrtonaraujo.net/2015/09/using-openssh-7-0-with-legacy-ssh-implementations/

Wednesday, 1 July 2015

HP ServiceGuard command list

Recently, I'm doing more work on HP-UX and the HP ServiceGuard, a high-availability cluster software produced by HP that runs on HP-UX and Linux.

Here are the command that I frequently use. The list is not final, and I will keep updating it.

Halt cluster

Shutdown package
cmhaltpkg [package name]

Get the cluster config
cmquerycl -q [quorum server] -C /home/user/cmclconfig.ascii -n [node1] -n [node2]

Get the quorum server
cd /etc/cmcluster grep QS_HOST *

Apply configuration
cmapplyconf -v -C /etc/cmcluster/cmclconfig.ascii

Start cluster

Node join cluster

Check cluster package
cmviewcl - view information about a high availability cluster

Bring up cluster
cmrunnode [node1] [node2] [node3] [node4]