Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

  1. #1
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

    I have been working with someone who wants to demo 3.2M2 on their infrastructure. All is working except the Mail Queue monitor. It is failing at public key authentication. I re-ran the keygen and keyupdate (then restarted tomcat), no go. ssh is running on 22, RSA Authentication is specifically enabled in sshd_conf. Any thoughts?

    I get the following error from the admin web console when I try to access the mail queue:

    Code:
    Message:  system failure: exception during auth {RemoteManager: (removed real name)->zimbra@hostname (removed real name):22}
    com.zimbra.cs.service.ServiceException: system failure: exception during auth {RemoteManager: hostname (removed real name)->hostname (removed real name):22}
            at com.zimbra.cs.service.ServiceException.FAILURE(ServiceException.java:174)
            at com.zimbra.cs.rmgmt.RemoteManager.getSession(RemoteManager.java:193)
            at com.zimbra.cs.rmgmt.RemoteManager.execute(RemoteManager.java:130)
            at com.zimbra.cs.service.admin.GetMailQueueInfo.handle(GetMailQueueInfo.java:56)
            at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:261)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:162)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:84)
            at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:223)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
            at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:159)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
            at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
            at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
            at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
            at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
            at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
            at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
            at java.lang.Thread.run(Thread.java:595)
    Caused by: java.io.IOException: Publickey authentication failed.
            at ch.ethz.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:259)
            at ch.ethz.ssh2.Connection.authenticateWithPublicKey(Connection.java:371)
            at ch.ethz.ssh2.Connection.authenticateWithPublicKey(Connection.java:422)
            at com.zimbra.cs.rmgmt.RemoteManager.getSession(RemoteManager.java:185)
            ... 24 more
    Caused by: java.io.IOException: The connection is closed.
            at ch.ethz.ssh2.auth.AuthenticationManager.deQueue(AuthenticationManager.java:77)
            at ch.ethz.ssh2.auth.AuthenticationManager.getNextMessage(AuthenticationManager.java:99)
            at ch.ethz.ssh2.auth.AuthenticationManager.authenticatePublicKey(AuthenticationManager.java:234)
            ... 27 more
    Caused by: java.io.IOException: Cannot read full block, EOF reached.
            at ch.ethz.ssh2.crypto.cipher.CipherInputStream.getBlock(CipherInputStream.java:81)
            at ch.ethz.ssh2.crypto.cipher.CipherInputStream.read(CipherInputStream.java:108)
            at ch.ethz.ssh2.transport.TransportConnection.receiveMessage(TransportConnection.java:231)
            at ch.ethz.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:520)
            at ch.ethz.ssh2.transport.TransportManager$1.run(TransportManager.java:315)
            ... 1 more
    
    Error code:  service.FAILURE
    Method:  ZmCsfeCommand.prototype.invoke
    Details:soap:Receiver
    Last edited by KevinH; 08-14-2006 at 01:35 PM.

  2. #2
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    18

    Default

    Did you try to ssh manually with the generated keys?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by KevinH
    Did you try to ssh manually with the generated keys?
    I did, it just prompts for a password, it doesn't like the keys for whatever reason. I then try to regenerate the keys as zimbra but it is viscious cycle. Have I mentioned I hate SuSE? It is different enough from RHEL to be frustrating.

  4. #4
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default

    you might try
    zmsshkeygen rsa
    to force it to generate rsa keys. I know centos requires this.

    Also, verify that the sshd_config allows logins with keys.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  5. #5
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by marcmac
    you might try
    zmsshkeygen rsa
    to force it to generate rsa keys. I know centos requires this.

    Also, verify that the sshd_config allows logins with keys.
    No go...same error.

    keys are specifically allowed in sshd_config.

  6. #6
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by gmsmith
    No go...same error.

    keys are specifically allowed in sshd_config.
    Curious twist of fate, now a dev box we have (was running OS X PPC - 3.2m2, now running 4.0RC1) exhibits the same behavior after the 4.0RC1 upgrade. I won't have a chance to go back and play with it today maybe late tonight. I tried generating new keys, updating them, and restarting tomcat without success.

    When I come back to it, I will blow away Zimbra and re-install.

  7. #7
    bobby is offline Zimbra Employee
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    make sure the permissions are ok on /opt/zimbra/.ssh/ and its contents: nothing group writable, and authorized_keys should only be read/write for the owner

  8. #8
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by bobby
    make sure the permissions are ok on /opt/zimbra/.ssh/ and its contents: nothing group writable, and authorized_keys should only be read/write for the owner
    Here is what they are:

    drwx------ 2 zimbra zimbra 152 Aug 18 18:49 .ssh


    drwx------ 2 zimbra zimbra 152 Aug 18 18:49 .
    drwxr-xr-x 41 root root 1752 Aug 18 18:47 ..
    -rw-r--r-- 1 zimbra zimbra 645 Aug 18 18:49 authorized_keys
    -rw------- 1 zimbra zimbra 668 Aug 18 18:49 zimbra_identity
    -rw-r--r-- 1 zimbra zimbra 608 Aug 18 18:49 zimbra_identity.pub

    Should be fine, yes?

    I should mention the OS X issue was probably just from a beaten up dev install, it is working fine now. But the SuSE install is not working, even with wiping and starting fresh with 4.0RC1

  9. #9
    bobby is offline Zimbra Employee
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    try chmod 600 authorized_keys

  10. #10
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by bobby
    try chmod 600 authorized_keys
    Sorry, no go.

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •