How to recreate ssh keys of foreman-proxy user in Red Hat Satellite 6

Solution Verified - Updated

Environment

  • Red Hat Satellite 6

Issue

  • Need to recreate the ssh keys of foreman-proxy user in Red Hat Satellite 6.

  • After changing the hostname of the Red Hat Satellite server, recreate/regenerate the SSH keys of the foreman-proxy user in Red Hat Satellite 6.

  • The remote execution job failed with the following error in the Red Hat Satellite WebUI:

    Could not establish connection to remote host using any available authentication method, tried password, publickey

Resolution

NOTE: Below command will not create a new ssh key pair, if the old keys are already present in /var/lib/foreman-proxy/ssh path.

  • Move the old keys to some other location, then run the below command to create a new ssh key-pair under /var/lib/foreman-proxy/ssh path:

    # mv /var/lib/foreman-proxy/ssh/id_rsa_foreman_proxy*  /tmp

  • For Red Hat Satellite 6.11 and below versions:

    # satellite-installer --foreman-proxy-plugin-remote-execution-ssh-generate-keys

  • For Red Hat Satellite 6.12 and new versions:

    # [root@satellite ~]# satellite-installer

  • Copy over the new foreman-proxy public key on the client machine.

    # [root@satellite ~]# ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub rexuser@client.example.com

For more KB articles/solutions related to Red Hat Satellite 6.x Remote Execution Issues, please refer to the Red Hat Satellite Consolidated Troubleshooting Article for Red Hat Satellite 6.x Remote Execution Issues

Root Cause

  • If the hostname of the Red Hat Satellite server is changed, the SSH key present in the client host will have the old hostname with the key which mismatches with the new hostname. Due to this, the authentication issue occurs while running the remote execution job.

Diagnostic Steps

  • Check the public key of foreman-proxy added to the client host for rexuser and ensure that the hostname at the end of the key is the same as the hostname of the Satellite server. If not, create new SSH keys.
SBR
Product(s)
Category
Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.