Project

General

Profile

Actions

Bug #10784

closed

HA-sync with ssh keys

Added by Mark De Souza about 4 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
High Availability
Target version:
-
Start date:
07/24/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.5
Affected Architecture:
amd64

Description

I have two pfsense boxes configured in HA sync. Synchronisation is performed by a seperate user named "ha-sync" with "System - HA node sync" permissions.

Attempting to log into the primary node with username "mark" and a ssh key, the login works correctly.

When I attempt to log into the secondary node, the attempt fails.

Logging in with a password, I can see that the ~/.ssh directory is owned by ha-sync/nobody and not mark/nobody like on the primary server.

Running: "chown -R mark .ssh" as root resolves the issue

Actions #1

Updated by Viktor Gurov about 4 years ago

  • Status changed from New to Feedback

Unable to reproduce it on 2.4.5-p1 and 2.5.0.a.20200728.1850 HA clusters, ~/.ssh directory owner is OK
Please give us more details about this issue

Actions #2

Updated by Marcos M over 2 years ago

  • Status changed from Feedback to Closed
Unable to reproduce - tested on 22.01 by checking /home/<user>/.ssh after:
  • using default admin account to sync
  • using separate account to sync
  • adding ssh key during new account creation and during edit
  • creating a new user using the same and different usernames after deleting the user
Actions

Also available in: Atom PDF