How to supress/disable "paramiko.transport" publickey loging failures/logging for Fabric password logins? - fabric

when i run a command in Fabric like so:
with settings(hide('everything'),
host_string='myserver',
shell='/bin/sh -c',
no_keys=True,
user='root',
password='root'):
ret = run(cmd)
i see the following:
2015-09-25 11:39:10 [paramiko.hostkeys] INFO: Unable to handle key of type ecdsa-sha2-nistp521
2015-09-25 11:39:10 [paramiko.hostkeys] INFO: Unable to handle key of type ecdsa-sha2-nistp521
2015-09-25 11:39:10 [paramiko.transport] INFO: Connected (version 2.0, client OpenSSH_6.6.1_hpn13v11)
2015-09-25 11:39:10 [paramiko.transport] INFO: Authentication (publickey) failed.
2015-09-25 11:39:10 [paramiko.transport] INFO: Authentication (password) successful!
how can i stop Fabric from trying to log in using keys?


I've solved it with the switch -a, --no_agent
As Fabric help says it forces not using the running SSH agent

Related

OpenVPN: Authentication Failed?

When I use the plugin for authentication at server.conf, authentication wont work, but without it, non existent users can authenticate also.
I have added the following lines in the server conf and clinet
Commands in the server.conf file
================================
mode server
tls-server
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so login
key-direction 0
================================
Commands in the client file
=================================
port 1194
proto udp
dev tun
nobind
key-direction 1
redirect-gateway def1
tls-version-min 1.2
auth SHA256
auth-user-pass
tls-client
remote-cert-tls server
resolv-retry infinite
persist-key
persist-tun
verb 3
===============================
Logs:
==============================================================
PLUGIN_CALL: POST /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so
TLS Auth Error: Auth Username/Password verification failed for peer
Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #7 / time = (1559124952) Wed May 29 10:15:52 2019 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:
openvpn[10420]: pam_unix(login:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=*****```
==============================================================

I have used differen approached, although in production plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so login is recommended way, but I have taken one shell script and got authentication, but remember it is dangerous.
add following lines in your /etc/openvpn/server.conf file
--verify-cline-cert none
script-security 2
auth-user-pass-verify /etc/openvpn/example.sh via-file
Now create a file in /etc/openvpn/example.sh with following content
!/bin/bash
echo "started"
username=`head -1 $1`
password=`tail -1 $1`
if grep "$username:$password" $0.passwd > /dev/null 2>&1
then
exit 0
else
if grep "$username" $0.passwd > /dev/null 2>&1
then
echo "auth-user-pass-verify: Wrong password entered for user '$username'"
else
echo "auth-user-pass-verify: Unknown user '$username'"
fi
exit 1
fi
Now create username and password in /etc/openvpn/example.sh.passwd with following content
userone:securepassworduserone
usertwo:securepasswordusertwo
Now create a client file and import and connect using your password, but this where I am stack as I don't want to provide client file.

Redmine don't send e-mail, execution expired error

I'm having problems using email in redmine. This is my redmine Environment versions:
Environment:
Redmine version 2.4.2.stable
Ruby version 1.9.3-p484 (2013-11-22) [x86_64-linux]
Rails version 3.2.16
Environment production
Database adapter MySQL
SCM:
Git 1.9.1
Filesystem
Redmine plugins:
no plugin installed
I configured the configuration.yml file like this:
production:
email_delivery:
delivery_method: :smtp
smtp_settings:
enable_starttls_auto: true
address: "smtp.office365.com"
port: 587
domain: "mydomain.com.br"
authentication: :login
user_name: "user#mydomain.com.br"
password: "mypassword"
attachments_storage_path: /home/redmin/Downloads/redmine-2.3.2/files
autologin_cookie_name:
autologin_cookie_path:
autologin_cookie_secure:
scm_subversion_command: svn
scm_mercurial_command:
scm_git_command: /usr/bin/git
scm_cvs_command:
scm_bazaar_command:
scm_darcs_command:
scm_stderr_log_file:
database_cipher_key:
rmagick_font_path:
So, i access redmine in browser and click in button "Send Test Email" but i got the following error: execution expired after a lot of time loading page.
In my production.log file i got a success message without any error, but e-mail never arrive:
Sent email "Redmine test" (30215ms)
to: target#gmail.com
Edit 1:
If i change the devlivery_method to ":sendmail" the test works but email never arrives.

Selenium Python desired capabilities cannot create a new driver instance

I am trying to use Desired Capabilities in Selenium Python for IE on our 64bit machine, Windows 2008 as IEDriverServer.exe keeps crashing half way through the test when i use:
cls.driver = webdriver.Ie(Globals.IEdriver_path)
I want try Desired Capabilities, see if it works ok this way.
I have the following in my setup:
class BaseTestCase(unittest.TestCase):
#classmethod
def setUpClass(cls):
desired_caps = {}
desired_caps['platform'] = 'WINDOWS'
desired_caps['browserName'] = 'INTERNETEXPLORER'
#cls.driver = webdriver.Remote('http://192.168.1.103:4444/wd/hub', desired_caps)
cls.driver = webdriver.Remote('http://127.0.0.1:4444/wd/hub', desired_caps)
cls.driver = webdriver.Ie(Globals.IEdriver_path)
cls.driver.get(Globals.URL)
cls.login_page = login.LoginPage(cls.driver)
I run the Selenium Server jar file as follows:
java -Dwebdriver.ie.driver="C:\\IEDriverServer.exe" -jar
selenium-server-standalone-2.53.0.jar
When i run my Selenium Python test i get the following error:
WebDriverException: Message: The best matching driver provider org.openqa.selenium.ie.InternetExplorerDriver can't create a new driver instance for Capabilities [{browserName=INTERNETEXPLORER, platform=WINDOWS}]
Build info: version: '2.53.0', revision: '35ae25b', time: '2016-03-15 17:00:58'
System info: host: 'JUSTIN-PC', ip: '192.168.1.164', os.name: 'Windows 7', os.arch: 'x86', os.version: '6.1', java.version: '1.8.0_45'
Driver info: driver.version: unknown
Stacktrace:
at org.openqa.selenium.remote.server.DefaultDriverFactory.newInstance (DefaultDriverFactory.java:62)
at org.openqa.selenium.remote.server.DefaultSession$BrowserCreator.call (DefaultSession.java:222)
at org.openqa.selenium.remote.server.DefaultSession$BrowserCreator.call (DefaultSession.java:1)
at java.util.concurrent.FutureTask.run (None:-1)
at org.openqa.selenium.remote.server.DefaultSession$1.run (DefaultSession.java:176)
at java.util.concurrent.ThreadPoolExecutor.runWorker (None:-1)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (None:-1)
at java.lang.Thread.run (None:-1)
If i use:
cls.driver = webdriver.Remote('http://192.168.1.103:4444/wd/hub', desired_caps)
Then I will get the following error:
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond>
How should i set Desired Capabilities in Selenium Python?
Thanks, Riaz

Here is an example to start a remote session with Internet Explorer:
from selenium import webdriver
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
capabilities = DesiredCapabilities.INTERNETEXPLORER
capabilities.update({'logLevel' : 'ERROR'})
remote_server = "http://127.0.0.1:4444/wd/hub"
driver = webdriver.Remote(remote_server, capabilities)
driver.get('http://stackoverflow.com/')

wso2 bam2.4 connect to external cassandra failed by .AuthenticationException

I think I have followed all the examples what I can find,
and I am working on bam2.4.1, the apache cassandra is 2.1.2.
I have configured casandra to disable security by setting cassandra.yaml
authenticator: AllowAllAuthenticator
authorizer: AllowAllAuthorizer
Then I follow bam2.4.1 document to connect to external cassandra, then start wso2 bam by
wso2server.bat -Ddisable.cassandra.server.startup=true
All most everything works except authentication
[2014-11-25 20:39:41,295] ERROR {org.wso2.carbon.bam.notification.task.Notificat
ionDispatchTask} - Error executing notification dispatch task: Access denied fo
r user wso2bam to login TCP,192.168.1.7:7611,TCP,192.168.1.7:7711
org.wso2.carbon.databridge.commons.exception.AuthenticationException: Access den
ied for user wso2bam to login TCP,192.168.1.7:7611,TCP,192.168.1.7:7711
at org.wso2.carbon.databridge.agent.thrift.internal.publisher.authentica
tor.AgentAuthenticator.connect(AgentAuthenticator.java:54)
at org.wso2.carbon.databridge.agent.thrift.DataPublisher.start(DataPubli
sher.java:273)
at org.wso2.carbon.databridge.agent.thrift.DataPublisher.<init>(DataPubl
isher.java:211)
at org.wso2.carbon.bam.notification.task.NotificationDispatchTask.initPu
blisherKS(NotificationDispatchTask.java:100)
at org.wso2.carbon.bam.notification.task.NotificationDispatchTask.execut
e(NotificationDispatchTask.java:210)
at org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter.execute(TaskQuar
tzJobAdapter.java:67)
at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:47
1)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:603)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.wso2.carbon.databridge.agent.thrift.exception.AgentAuthenticatorE
xception: Thrift exception
at org.wso2.carbon.databridge.agent.thrift.internal.publisher.authentica
tor.ThriftAgentAuthenticator.connect(ThriftAgentAuthenticator.java:51)
at org.wso2.carbon.databridge.agent.thrift.internal.publisher.authentica
tor.AgentAuthenticator.connect(AgentAuthenticator.java:51)
... 12 more
I found some more exception like
Caused by: org.apache.thrift.transport.TTransportException: java.net.SocketExcep
tion: Connection closed by remote host
at org.apache.thrift.transport.TIOStreamTransport.write(TIOStreamTranspo
rt.java:147)
at org.apache.thrift.protocol.TBinaryProtocol.writeI32(TBinaryProtocol.j
ava:163)
at org.apache.thrift.protocol.TBinaryProtocol.writeMessageBegin(TBinaryP
rotocol.java:91)
at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:62)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecure
EventTransmissionService$Client.send_connect(ThriftSecureEventTransmissionServic
e.java:82)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecure
EventTransmissionService$Client.connect(ThriftSecureEventTransmissionService.jav
a:73)
at org.wso2.carbon.databridge.agent.thrift.internal.publisher.authentica
tor.ThriftAgentAuthenticator.connect(ThriftAgentAuthenticator.java:47)
... 13 more
Caused by: java.net.SocketException: Connection closed by remote host
at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1506)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:70)
at org.apache.thrift.transport.TIOStreamTransport.write(TIOStreamTranspo
rt.java:145)
... 19 more

Fabric does not use SSH key [duplicate]

This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Using an SSH keyfile with Fabric
In my fable
env.ip = 'x.x.x.x'
env.hosts = [env.ip]
env.user = 'root'
env.environment = 'production'
I have the config like this, but when I trying to execute something using run(command), it prompts me to put the password for root, why?
In my native Terminal.app, I can ssh x.x.x.x without entering the password.
I have enabled logging in the fabfile, and here is the ouput
DEBUG:ssh.transport:starting thread (client mode): 0xaa84dd0L
INFO:ssh.transport:Connected (version 2.0, client OpenSSH_5.8p1)
DEBUG:ssh.transport:kex algos:['ecdh-sha2-nistp256', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp521', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc#lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc#lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64#openssh.com', 'hmac-ripemd160', 'hmac-ripemd160#openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64#openssh.com', 'hmac-ripemd160', 'hmac-ripemd160#openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib#openssh.com'] server compress:['none', 'zlib#openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEBUG:ssh.transport:Ciphers agreed: local=aes128-ctr, remote=aes128-ctr
DEBUG:ssh.transport:using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEBUG:ssh.transport:Switch to new keys ... [x.x.x.x] Login password for 'root':

You have to specify the path to the keyfile to use.
See this post for details, which boil down to adding
env.key_filename = '/path/to/keyfile.pem'
in your case.