sshd-keygen utility has the wrong file path on freeipa_register snippet for RHEL8 : /usr/sbin/sshd-keygen: No such file or directory
Environment
- Red Hat Enterprise Linux 8
- Red Hat satellite 6.5
Issue
- sshd-keygen utility reported an error while provisioning RHEL8 machine by satellite 6.5 with realm enabled.
/tmp/ks-script-q_ct_py2: line 121: /usr/sbin/sshd-keygen: No such file or directory
stderr=Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
Resolution
- Create a clone of kickstart default template with name kickstart default clone rhel8 and from Association tab add RHEL8.0 to the applicable operating systems.
- Add the desired locations and organizations from the Locations, Organizations tabs.
webUI -> Hosts -> Provisioning Templates > Edit Kickstart default -> clone
- Create a clone of snippet freeipa_register with name freeipa_register_clone_rhel8 and from Association tab add RHEL8.0 to the applicable operating systems.
webUI -> Hosts -> Provisioning Templates > Edit freeipa_register -> clone
- Edit the template kickstart default clone rhel8 , change the following line :
<%= snippet 'freeipa_register' %>
to
<%= snippet 'freeipa_register_clone_rhel8' %>
- Edit the snippet freeipa_register_clone_rhel8 , change the follwoing part;
<% if @host.operatingsystem.major.to_i > 6 -%>
/usr/sbin/sshd-keygen
<% end -%>
to
<% if @host.operatingsystem.major.to_i > 6 -%>
<% if @host.operatingsystem.major.to_i == 7 -%>
/usr/sbin/sshd-keygen
<% else -%>
/usr/libexec/openssh/sshd-keygen rsa
<% end -%>
<% end -%>
- An argument "rsa" has been added above to create "rsa" host keys.
Root Cause
-
sshd-keygen utility is used to generate SSH keys to be sure the ipa-client-install uploads them to the IdM server.
/usr/sbin/sshd-keygen -
This example does not work anymore on RHEL8. The file path has been changed:
# rpm -ql openssh-server | grep sshd-keygen
/usr/libexec/openssh/sshd-keygen
- The Issue for RHEL8 has been reported by bugzilla 1720632 to update the right file path on the documentation kickstart-file-for-client-installation
- The is a work around until the bugzilla 1721878 for the satellite 6.5 will be fixed.
Diagnostic Steps
- The following errors have been found during the RHEL8 machine provisioning with realm enabled and reported to log file install.post.log.
/tmp/ks-script-q_ct_py2: line 121: /usr/sbin/sshd-keygen: No such file or directory
stderr=Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments