<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Happy Monday everyone,<br>
<br>
I have a strange issue I am seeing with replica creations, but it
does not seem to be consistent. Sometimes, when trying to install
the replica I get errors trying to connect to the master via SSH:<br>
<br>
<small><i>[root@ipa3 ~]# ipa-replica-install
/var/lib/ipa/replica-info-ipa3.xyzzy.com.gpg </i><i><br>
</i><i>Directory Manager (existing master) password: </i><i><br>
</i><i><br>
</i><i>Run connection check to master</i><i><br>
</i><i>Check connection from replica to remote master
'ipa2.xyzzy.com':</i><i><br>
</i><i> Directory Service: Unsecure port (389): OK</i><i><br>
</i><i> Directory Service: Secure port (636): OK</i><i><br>
</i><i> Kerberos KDC: TCP (88): OK</i><i><br>
</i><i> Kerberos Kpasswd: TCP (464): OK</i><i><br>
</i><i> HTTP Server: Unsecure port (80): OK</i><i><br>
</i><i> HTTP Server: Secure port (443): OK</i><i><br>
</i><i><br>
</i><i>The following list of ports use UDP protocol and would need
to be</i><i><br>
</i><i>checked manually:</i><i><br>
</i><i> Kerberos KDC: UDP (88): SKIPPED</i><i><br>
</i><i> Kerberos Kpasswd: UDP (464): SKIPPED</i><i><br>
</i><i><br>
</i><i>Connection from replica to master is OK.</i><i><br>
</i><i>Start listening on required ports for remote master check</i><i><br>
</i><i>Get credentials to log in to remote master</i><i><br>
</i><i><a class="moz-txt-link-abbreviated" href="mailto:admin@XYZZY.COM">admin@XYZZY.COM</a> password: </i><i><br>
</i><i><br>
</i><i>Check SSH connection to remote master</i><i><br>
</i><i><a class="moz-txt-link-abbreviated" href="mailto:admin@ipa2.xyzzy.com">admin@ipa2.xyzzy.com</a>'s password: </i><i><br>
</i><i><a class="moz-txt-link-abbreviated" href="mailto:admin@ipa2.xyzzy.com">admin@ipa2.xyzzy.com</a>'s password: </i><i><br>
</i><i>Could not SSH into remote host. Error output:</i><i><br>
</i><i> OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013</i><i><br>
</i><i> debug1: Reading configuration data /etc/ssh/ssh_config</i><i><br>
</i><i> debug1: /etc/ssh/ssh_config line 51: Applying options
for *</i></small><br>
<br>
<br>
ssh via root and all the hosts - using keys - works just fine. I
don't understand why this is happening on some hosts and not others.
<br>
<br>
<br>
Any ideas?<br>
~J<br>
<br>
</body>
</html>