Error: User modify failed. Cannot modify user on other node: Authentication by SSH key failed!

Error: User modify failed. Cannot modify user on other node: Authentication by SSH key failed!

 

Check the following on slave/secondary node

 

1. The error ’User modify failed Cannot modify user on other node: Authentication by ssh key failed’ would occur when the ezeelogin installed node has its public key missing in /root/.ssh/authorized_keys. To add the key, execute the following command 

cat /usr/local/etc/ezeelogin/id_clkey.pub >> /root/.ssh/authorized_keys

 

Check if the key is back in the file.

cat /root/.ssh/authorized_keys

 

2. Also, make sure that the port sshd is listening on the servers is given as the gateway port in Settings->General->Miscellaneous->Gateway SSH port

3. Also, make sure PubkeyAuthentication is set to ’YES’ in you sshd_config (sshd configuration) file. In Centos/RHEL/Fedora it would be

vi /etc/ssh/sshd_config

#set PubkeyAuthentication to yes

PubkeyAuthentication yes

service sshd restart

 

3. Also, make sure root login is permitted on the gateway server.

 

You can check this by doing

ssh root@localhost

and it should log you in else edit /etc/ssh/sshd_config and set  PermitRootLogin yes 

vi /etc/ssh/sshd_config

#Add the following lines to the end of  /etc/ssh/sshd_config to allow root login from localhost only

 Match Address 127.0.0.1

 PermitRootLogin yes

 service sshd restart

 and make sure you are able to authenticate with the the command 

ssh root@localhost

Make sure you are able to login after entering the password.

If you have enabled Allow Or Deny SSH Access To A Particular User Or Group in sshd.conf, make sure that the user root is allowed

  4. Also, make sure that the webuser(apache,nobody.etc) that the webserver(apache/nginx) runs as is able to read the keys in the dir /usr/local/etc/ezlogin.

  Make sure to grant the read privileges to

chmod o r /usr/local/etc/ezlogin/id_clkey
chmod o r /usr/local/etc/ezlogin/id_clkey.pub
or
usermod -G <current_groupname_of_id_clkey_files> <webserver_user>

5. Check the log file /var/log/secure

       tail  /var/log/secure

 

 

 

 

0 (0)
Article Rating (No Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    LICENSE: No license Please contact [email protected]
    Viewed 1274 times since Wed, Jun 14, 2017
    vi editor not working , insert and delete not working in ssh
    Viewed 1395 times since Wed, Jun 14, 2017
    How to reset Ezeelogin admin user password or security code
    Viewed 1980 times since Thu, Jun 15, 2017
    Could not connect to database infinite loop on restore
    Viewed 1825 times since Wed, Jun 14, 2017
    Unable to add server into Ezeelogin via webinterface. Password error, times out
    Viewed 1129 times since Wed, Jun 14, 2017
    "Error: LDAP extension is not installed".
    Viewed 1211 times since Fri, Sep 8, 2017
    Primary node showing the public ip instead of lan ip when cluster is configured
    Viewed 174 times since Wed, Nov 21, 2018
    main admin user account suspended after entering incorrect security code
    Viewed 1419 times since Wed, Jun 14, 2017
    Blank page when accessing Ezeelogin web panel or GUI
    Viewed 1758 times since Wed, Jun 14, 2017
    internal command ezinfo not displaying server details
    Viewed 1678 times since Wed, Jun 14, 2017