![[image of the Head of a GNU]](/graphics/gnu-head-sm.jpg)
[
English
]
From: "Philip J. Hollenback"
Subject: Re: Security
Date: Fri, 10 Dec 1999 14:05:18 -0800 (PST)
To: cmtull9@my-deja.com
Cc: help-cfengine@gnu.org
I just went through this, and here's what I found:
First of all, are you trying to do secure transfers (using the flag
secure=true in your copy)? If so, you need to have your keys set up:
1. Create the file /var/run/cfengine/key on the server:
# /usr/local/sbin/cfkey > /var/run/cfengine/keys
2. Make sure the key file is owner root, mode 600.
3. Copy the key file to /var/run/cfengine/keys on the client, and make
sure it has the same permissions as the key file on the server
That should take care of one reason for the message you are seeing.
Unfortunately, that message can be generated by several different
failures. To troubleshoot, run cfd in debug mode on the server (cfd
-d3), and watch the messages when the client tries to connect. That
will tell you if the authentication is failing for some other reason.
Possible reasons:
1. ident isn't working on the client.
To test, telnet to port auth on the client. You should be able to
connect and enter some text.
2. The server can't resolve the name of the client.
Check your dns - also the cfd debug messages will say if this is the
case.
3. Your cfd.conf file on the server doesn't allow access by the client
Check and adjust accordingly.
P.
Return to GNU's home page.
Please send FSF & GNU inquiries & questions to gnu@gnu.org. There are also other ways to contact the FSF.
Please send comments on these web pages to webmasters@gnu.org, send other questions to gnu@gnu.org.
Copyright (C) 2001 Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
Updated: $Date: 2001/07/20 07:06:27 $ $Author: brett $