Host key rejected
When attempting to add a new virtual box provider I can not get past step 2.2 (Verify Certificate). The error the Web UI shows is
"Verification of xVM VirtualBox Host Failed"
"An internal error has occurred."
Also I see the following in /var/adm/messages
Received disconnect from <IP address>: 3: com.jcraft.jsch.JSchException: reject HostKey: <hostname>
The /var/opt/SUNWvda/logs/vdaadmin.log shows:
Jun 8, 2009 8:48:54 AM com.sun.vda.admin.providers.NewVBoxProviderWizardBean$NewVBoxProviderWizardEventListener handleEvent
INFO: Verification of Virtual Box host failed
Jun 8, 2009 8:48:54 AM NewVBoxProviderWizardBean handleEvent
FINER: THROW
java.lang.reflect.UndeclaredThrowableException
at $Proxy8.checkHost(Unknown Source)
at com.sun.vda.admin.model.VirtualBox.checkStatus(Unknown Source)
at com.sun.vda.admin.providers.NewVBoxProviderWizardBean$NewVBoxProviderWizardEventListener.handleEvent(Unknown Source)
at com.sun.webui.jsf.component.Wizard.broadcast(Wizard.java:1955)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:447)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:752)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
at com.sun.faces.extensions.avatar.lifecycle.PartialTraversalLifecycle.execute(PartialTraversalLifecycle.java:94)
<snip>
I've tried regenerating the host keys on the virtual box server but no luck.
Does anyone have any ideas?
I think the issue was related to my attempt to configure Vbox to run a root. I saw this in the release notes:
Desktops cannot use 'Host Networking' unless xVM VirtualBox has been configured to run as root. (Bug ID 6839450)
Virtual machines cannot be started with host networking unless the xVM VirtualBox web service runs as root.
Once I configured VBox to run as a non root user I no longer got the "Host key rejected" error. BTW host networking works as well. (?!?)
Similar Messages
-
I only have windows 8.1 kms host key but I can't add a client OS kms key to Windows 2008 R2 kms server. And I don't have Windows 2012 R2 license either. Is there any way I can activate Windows 8.1 using my existing kms server? Thanks.
I would like a yes no clarification answer. So does this mean that EVEN WITH THE PATCH. My Server 2012 Standard edition that currently hosts KMS VA for clients running Win7, Win 8, Office15, Server 2008, Server 2012. Will not be able to host windows 8.1?
I will have to install 8.1 and use as a host?
if you have a KMShost product key for WS2012R2, you can patch a down=level Server and be fine.
(the OP didn't renew SA or otherwise has no KMShost pkey for WS2012R2)
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)
I'm having similar issues and have a similar question that doesn't seem to be answered:
My KMS server is Windows 2008 R2 (Also is my domain controller). I want to activate Windows 2012 R2 and Windows 8.1 machines off this KMS server. I can install the 2012 R2 key just fine but receive error 0xC004F015 (The Software Licensing Service reported
that the license is not installed) when I try to install my 8.1 KMS key.
What I'm gathering from this thread is that I have to set up a Windows 8.1 host and set it up to be a KMS server exclusively for activating Windows 8.1. Is this correct? If so, Microsoft needs to fix that. I have a SERVER for activations for a reason: it
is a server, not a client. If I am mis-understanding, how do I get my Windows 2008 R2 server to accept the Windows 8.1 KMS key for activating 8.1 clients?
Thanks!
You don't need Windows 8.1 KMS key. Your 2012 R2 KMS key will be able to activate your Windows 8.1 machines. So your current set up is fine, no need to set up another Windows 8.1 KMS host.
My problem is I don't have 2012 R2 KMS key as I didn't buy any Windows 2012 R2 license. So I can't use 2012 R2 KMS key to activate my Windows 8.1.
Oh that's interesting. I guess I need to play around more because my 8.1 test machine isn't activating. I'll start a new thread for that if needed. Sorry for the confusion. -
How do I enable "Host-key" for my sftp server on ISE?
Hello,
I am having trouble copying my ISE 1.2 upgrade files to my local repositories.
Here is a cut and paste from my CLI on one of my ISE nodes after attemtping to copy from my workstation (running an SFTP server) to one of my ISE nodes.
XXX-ise-01/admin# Copy sftp://<My_SFTP_Server_IP_Address>/ise-upgradebundle-1.1.x-to-1.2.0.899.i386.tar.gz. disk:/
Username: Admin
Password:
% ERROR : Backup failed due to one of the following reasons
1. host-key option is not configured
2. host key is removed because of re-image
3. host key is removed from some other repository having same ip/hostname
% Please reconfigure the host-key option
% Error: Transfer failed
I have not configured anything with the "Host-Key" option.
I have googled and searched but can only find limited references to the "Host-key" command within Cisco. I have tried various forms of this on the ISE node with no luck.
I tried an FTP transfer but that did not work.
Any ideas?I was wondering why the last character is capitalized. Also are you able to copy files from the disk file over to the same repository. I havent had any problems and I see in a seperate thread that the user gave other directions on how to transfer the file.
If you can open two ssh connection and try to run the following command to tail the logs:
"show logging system ade/ADE.log tail"
You should get some messaging behind the error you are receiving, for example I went to look for a file that did not exist (even though I am using ftp you should get the same error).
Here is when the transfer fails:
2014-01-02T13:41:22.506519-06:00 ise01 ADE-SERVICE[4786]: [30325]:[info] transfe
r: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/test requested
2014-01-02T13:41:22.522470-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] transf
er: cars_xfer_util.c[349] [tadmani]: curl error: FTP: couldn't retrieve (RETR fa
iled) the specified file
2014-01-02T13:41:22.523040-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] copy:
cm_copy.c[1144] [tadmani]: local file disk:/ transfer from url ftp://172.16.249.
1/test failed retcode=-302
2014-01-02T13:41:22.527148-06:00 ise01 ADEOSShell[30325]: ADEAUDIT 3017, type=CO
PY, name=COPY IN FILE FAILED, username=tadmani, cause=Error while copying file f
rom remote system, adminipaddress=172.16.247.12, interface=CLI, detail=Disk file
disk:/ transfer from url ftp://172.16.249.1/test failed
Here is when login fails:
curl error: FTP: login denied
Here is some logging around a successful transfer -
2014-01-02T13:44:46.897499-06:00 ise01 ADE-SERVICE[4786]: [30766]:[info] transfe
r: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/running-config
requested
2014-01-02T13:44:46.934972-06:00 ise01 ADEOSShell[30766]: ADEAUDIT 2042, type=CO
PY, name=COPY FILE, username=tadmani, cause=Copied a file, adminipaddress=172.16
.247.12, interface=CLI, detail=Copied disk file disk:/ from url ftp://172.16.249
.1/running-config successfully
Thanks,
Tarik Admani
*Please rate helpful posts* -
How do you properly configure SSH keys on a WLC? On IOS I normally set the domain name of our organization on the system and then use the "crypto key generate rsa" command. I have found the WLC "network ssh host-key generate" generate command but can't find a way to set the domain name. I also don't see any way to specify the cypher or key size and can't find any documentation on what the default cypher and key size are. Do I need to install a certificate and use "ssh host-key use-device-certificate-key" instead if i want control over those items?
Steve:
I agree with you they do not work the same. But my concern when I saw the question is that there is no way to decide the cypher or the key size!!
Also the command:
ssh host-key use-device-certificate-key
What does it mean by the device certificate? SSL cert for management and web-auth? or something else? This is not clear at all and it needs to be documented. My search revealed nothing.
Rating useful replies is more useful than saying "Thank you" -
Key Rejected with Windows 7 RC1
Trialling our CS4 DP software on W7RC1.
No problem installing (I may have needed to Run as Admin on a 2nd attempt).
Software seems to be running OK.
BUT the site licence for WIndows CS4 is declared not valid. X
Is W7 treated as the wrong OS for the key and so causing the key to be rejected
...or is this only because it's not internally flagged as a released OS=Windows ?
Please advise me how to get the key to work or if there's some contact I should make to
get a W7-compatible key for our site - as a 2nd Trial period is a bit aggravating to establish :-}
Thanks.Windows 7 hasn't even been released yet. FWIW I had no problem installing CS3 or CS4 in trial mode but never tried to activate them.
Like the rest of us testing Win7 you're on your own for support but please keep us posted of anything your find. It might be useful to Adobe or Microsoft.
Bob -
I have installed Windows Server 2012 R2 with Volume Activation Services service role.
I would like to install several KMS keys on this server (keys for windows 8.1, windows 8, windows 7, server 2012 R2, server 2012, server 2008, Office 2013, Office 2010,...).
Will that work correctly ?
thanks..I have installed Windows Server 2012 R2 with Volume Activation Services service role.
I would like to install several KMS keys on this server (keys for windows 8.1,8,7, server 2012 R2, 2012,2008, Office 2013, Office 2010,...).
Will that work correctly ?
thanks..
You cannot install more than a single Windows product key on a system. You must choose the "highest" product/version KMShost pkey.
You must install any needed patches/updates that are pre-requisite, then install that Windows pkey.
Windows KMShost pkeys will activate all KMSclients at the same product/version *and* below.
For Office KMShost, you must install the relevant patch/update for each Office KMS pack, and also install each Office KMShost pkey.
This wiki article I wrote may be helpful:
http://social.technet.microsoft.com/wiki/contents/articles/22510.volume-activation-kms-mak-adba-avma.aspx
If your KMShost machine is WS2012R2, and you want to issue activations for WS2012R2 and all possible KMSclients (Windows KMSclients
and Office KMSclients):
Install the WS2012R2 KMShost pkey (no patches/updates are needed, because WS2012R2 is the latest release).
Install the Office2010 KMShost patch/update/pack, and, the Office2010 KMShost pkey.
Install the Office2013 KMShost patch/update/pack, and, the Office20103 KMShost pkey.
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
Office 2013 license pack does not allow me to activate key within configuration wizard
Hello,
I have a KMS host running Office 2010 activations for our client computers which is running fine. I installed the Office 2013 license pack on the same host. However, in the configuration wizard it doesn't allow me to activate the product key. Is there
a way around this?
My client laptop isn't activating against the KMS host, and I have Office 2013 installed on my laptop. This is what I get when I run
cscript ospp.vbs /act on my client laptop
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
C:\Windows\system32>cd c:\
c:\>cd program files
c:\Program Files>cd microsoft office
c:\Program Files\Microsoft Office>cd office 15
The system cannot find the path specified.
c:\Program Files\Microsoft Office>cd office15
c:\Program Files\Microsoft Office\Office15>ospp.vbs /act
c:\Program Files\Microsoft Office\Office15>cscript ospp.vbs /act
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.
---Processing--------------------------
Installed product key detected - attempting to activate the following product:
SKU ID: b13afb38-cd79-4ae5-9f7f-eed058d750ca
LICENSE NAME: Office 15, OfficeStandardVL_KMS_Client edition
LICENSE DESCRIPTION: Office 15, VOLUME_KMSCLIENT channel
Last 5 characters of installed product key: 92CD4
ERROR CODE: 0xC004F038
ERROR DESCRIPTION: The Software Licensing Service reported that the product coul
d not be activated. The count reported by your Key Management Service (KMS) is i
nsufficient. Please contact your system administrator.
---Exiting-----------------------------
c:\Program Files\Microsoft Office\Office15>Hi,
Please check if your KMS host key for Office 2013 is valid and you can try to activate the KMS host by telephone.
To get the key for the Microsoft Office 2013 KMS, sign in to Microsoft Volume Licensing Service Center.
On this page, don’t choose the Key Management Service Host Key. Choose the Office version you are licensed for instead, and look for the KMS key for that version.
http://technet.microsoft.com/en-us/library/dn385356.aspx
To activate an Office KMS host by telephone
http://technet.microsoft.com/en-us/library/dn385356.aspx#BMK_ToactivateanOfficeKMSbytelephone
KMS activation of Office 2013
http://technet.microsoft.com/en-us/library/ee624357.aspx
If issue persists, it is recommended to post the question in Office forums for further troubleshooting.
http://social.technet.microsoft.com/Forums/office/en-US/home?category=officeitpro&filter=alltypes&sort=lastpostdesc
Hope this helps.
Jeremy Wu
TechNet Community Support -
Can't use ssh publickey, but only for a single host
I've been using publickeys for a long time to connect my laptop to my server, but lately I can't connect when I'm in this place only.
It is the same key and it works perfectly, except when I'm in this specific network. And it doesn't seem to be a firewall issue, because the remote server actually logs the attempt.
I'm all out of ideas. Nothing I try has any effect.
ssh -vvv
OpenSSH_6.1p1, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/<user>/.ssh/config
debug1: /home/<user>/.ssh/config line 14: Applying options for <host>
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to <host> port 443.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/<user/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/<user>/.ssh/id_rsa type 1
debug1: identity file /home/<user>/.ssh/id_rsa-cert type -1
debug1: identity file /home/<user>/.ssh/id_dsa type -1
debug1: identity file /home/<user>/.ssh/id_dsa-cert type -1
debug1: identity file /home/<user>/.ssh/id_ecdsa type -1
debug1: identity file /home/<user>/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.1
debug1: match: OpenSSH_6.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug2: fd 3 setting O_NONBLOCK
debug3: put_host_port: <host>:443
debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],zlib,none
debug2: kex_parse_kexinit: [email protected],zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 [email protected]
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 [email protected]
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: <host key>
debug3: put_host_port: <host>:443
debug3: put_host_port: <host>:443
debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:11
debug3: load_hostkeys: loaded 1 keys
debug1: Host '<host>:443' is known and matches the RSA host key.
debug1: Found key in /home/<user>/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/<user>/.ssh/id_rsa (0x1d61230)
debug2: key: /home/<user>/.ssh/id_dsa ((nil))
debug2: key: /home/<user>/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/<user>/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
and this is the log from journalctl
Mar 27 09:38:29 xen sudo[29258]: pam_unix(sudo:session): session closed for user root
Mar 27 09:38:32 xen sshd[29196]: debug1: Forked child 590.
Mar 27 09:38:32 xen sshd[590]: Set /proc/self/oom_score_adj to 0
Mar 27 09:38:32 xen sshd[590]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Mar 27 09:38:32 xen sshd[590]: debug1: inetd sockets after dupping: 3, 3
Mar 27 09:38:32 xen sshd[590]: Connection from <host> port 54330
Mar 27 09:38:32 xen sshd[590]: debug1: Client protocol version 2.0; client software version OpenSSH_6.1
Mar 27 09:38:32 xen sshd[590]: debug1: match: OpenSSH_6.1 pat OpenSSH*
Mar 27 09:38:32 xen sshd[590]: debug1: Enabling compatibility mode for protocol 2.0
Mar 27 09:38:32 xen sshd[590]: debug1: Local version string SSH-2.0-OpenSSH_6.1
Mar 27 09:38:32 xen sshd[590]: debug1: permanently_set_uid: 99/99 [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_KEXINIT received [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: kex: client->server aes128-ctr hmac-md5 [email protected] [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: kex: server->client aes128-ctr hmac-md5 [email protected] [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: KEX done [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: userauth-request for user <user> service ssh-connection method none [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: attempt 0 failures 0 [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: PAM: initializing for "<user>"
Mar 27 09:38:32 xen sshd[590]: debug1: PAM: setting PAM_RHOST to "<host>"
Mar 27 09:38:32 xen sshd[590]: debug1: PAM: setting PAM_TTY to "ssh"
Mar 27 09:38:32 xen sshd[590]: debug1: userauth-request for user <user> service ssh-connection method publickey [prea
Mar 27 09:38:32 xen sshd[590]: debug1: attempt 1 failures 0 [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: test whether pkalg/pkblob are acceptable [preauth]
Mar 27 09:38:32 xen sshd[590]: debug1: temporarily_use_uid: 1000/100 (e=0/0)
Mar 27 09:38:32 xen sshd[590]: debug1: trying public key file /home/<user>/.ssh/authorized_keys
Mar 27 09:38:32 xen sshd[590]: debug1: fd 4 clearing O_NONBLOCK
Mar 27 09:38:32 xen sshd[590]: debug1: matching key found: file /home/<user>/.ssh/authorized_keys, line 1
Mar 27 09:38:32 xen sshd[590]: Found matching RSA key: <key>
Mar 27 09:38:32 xen sshd[590]: debug1: restore_uid: 0/0
Mar 27 09:38:32 xen sshd[590]: Postponed publickey for <user> from <host> port 54330 ssh2 [preauth]
And it just hangs there forever.
If I try to use the same key to log in to other servers (one debian and an openWRT router) it works just fine from this location. This key also works to log in to the archlinux server if I'm on other networks, such as my college's or my other workplace.
Any help is very appreciated. As it stands, I have to log in to my debian server and from there I have to log in to my archlinux server. I wish I could just log in directly as I've done many times in the past.Hi,
I don't know whether you've solved the issue in the meantime (your issue was three months ago), but I thought I'd post this reply just to let other people who run into this problem know what happened to me and how I solved it.
I had exactly the same problem as you had. The logging in stopped at exactly the same point in the debugging trace. I too was experiencing the problem from a single network (multiple hosts on the network could not log onto a remote server). Logging into the remote server from other locations (even with the same laptop) worked fine.
The problem turned out to be an MTU problem in my case. I was running an OpenVPN connection to the remote server, and I was logging into it over the VPN. No problems, usually, except for the fact that the network that I was logging in from is a glass fiber network using PPPoE. The MTU on that link is 1460 bytes, not the 1500 bytes that is more common. I had to reconfigure the OpenVPN interfaces (using the OpenVPN configuration options "mssfix 1360", "fragment 1360" and "tun-mtu 1400" on both sides of the connection) to use a smaller MTU on the OpenVPN tunX interface, and everything started working normally again.
Obviously, the MTU was wrong for every connection going over the VPN, but the OpenVPN tunnel was somewhat resistant to this mistake because I turned on LZO compression, which made most packets that were transmitted over the OpenVPN interface (tunX) that were using an MTU of 1500 bytes smaller than the maximum allowed on the actual link. Anyway, the lesson is: set up your MTUs on your links correctly. And turn on "mssfix" so that if you're routing remote hosts' traffic over the OpenVPN tunnel, their TCP stacks will be made aware of the actual MTU of the link.
Hope this helps somebody,
Sven -
I recently migrated our KMS server to a 2012 R2 box and I cannot get the count to budge now.According to this article our KMS key should now activate 2008 r2, 7 Ent, 2012 R2.7. Enter your KMS Host Key (CSVLK). Note: You can only install a Windows Server 2012 CSVLK at this point. A Windows Server 2012 CSVLK can activate Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 KMS clients.http://blogs.technet.com/b/askcore/archive/2013/03/14/installing-volume-activation-services-role-in-...Am I mistaken because my count is only at 4 which are Server 2012 R2 servers. None of the others are even making the count go up. A little help here.
This topic first appeared in the Spiceworks Communityas long as you have more than 25 Machines both client and server os:es will be activated.
It's all explained here:
http://technet.microsoft.com/en-us/library/ff793434.aspx -
Background:
In order to transfer logs to MFC, we had to use an intermediate logging server in our OOB network. When this logging server crashed we had to rebuild the server with new hardware and SCP no longer worked.
Issue:
The host key changed on the new server and had to be manually updated. We suspected it was related to the hosts key but had difficulty finding where the known hosts info was stored.
Solution:
Go to your install location of MFC and remove the known_hosts file. In our case the file was located at: "D:\Program Files\IronPort Systems\Mail Flow Central\mailFC\tmp\known_hosts". Instead of removing the file, we renamed it to known_hosts.old and restarted the MFC service. Afterwards we could see all the old logs importing.
The issue itself was not difficult to resolve, it just took more time than expected for something that would seem straightforward. To complicate things, we even raised a query to customercare who came back saying that they do not support the server on which MFC is running. But clearly the source of the issue was related to the application rather than the server itself.Thanks for your comment qetzacoatl, however I don't this this will work for me, I am on a team, and we need to be able to check-in/out files and make sure we don't override eachothers work. I also don't want to have to use 2 programs to accomplish the task one should be able to do. Its now 3 weeks going and I can't get any work done, it seems like its getting worse. Nobody from Adobe seems to want to comment on my thread at all....So maybe I should just find a completely new solution and get rid of DW all together, Aptana is looking VERY nice right about now.
-
SSH Key login not working when added to gpg-agent
Hello,
As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
However, when I try to connect to a server now, the following happens:
ssh -vT [email protected]
OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to XXXXXXXXX port XXXXX.
debug1: Connection established.
debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
debug1: Found key in /home/XXXX/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: No more authentication methods to try.
Permission denied (publickey).
Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
What could the problem be in this case? Thanks a lot!!
Last edited by replax (2015-05-18 19:06:58)replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
Thanks a lot!!
Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect. -
When I open terminal and do sash [email protected] it says warning rsa key not recognized to go to known-hosts file which ican not grt into I have download pico but am not sure how to launch it or what I ave to do.
sibeen, please stop starting new posts when you are really just continuing the first post. "Reply" to one of your existing posts when you are really just continuing the same question. If I have not lost count, you have posted 3 times about this same ssh rsa host key issue, and Linc Davis and I have been trying to keep track of all the details, but with it spread out across multiple new posts, it is difficult.
I'm guessing as you again forgot to post the actual error (I'm starting to wonder if you are testing how well Linc and I can guess at your problem ). Anyway, I'm guessing that you managed to delete the $HOME/.ssh/known_hosts file, and now when you try to ssh to 10.0.0.2 it wants to add the remote system's host rsa key into a newly created known_hosts file.
The authenticity of host '[10.0.0.2]:22([10.0.0.2]:22)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)?
Generally the command ask if you want to do this, yes or no. You type "yes" and your Mac memorizes the remote system's host rsa key.
If this is not the warning message you are seeing, then as Linc has requested, please post the exact error (feel free to mask put the actual key or usernames or IP addresses, but keep the words.
If you are still getting the original error from 3 posts ago, then I would not try editing $HOME/.ssh/known_hosts, and instead just delete the file, and when you get a message like I have posted above, answer it with "yes".
WIth respect to pico, Mac OS X already has pico installed, so there was no need to download it from anywhere. However, most people just use 'nano' which has essentially replaced 'pico' as an easy to use Terminal based text editor. But like I said, I think you will be happier if you just delete the known_hosts file and get on with your ssh operations.
Finally, I think in your 2nd post you indicated you tried deleting a file that had a dash in the name (known-hosts) instead of an underscore (known_hosts). If that was just a typo when you entered your post, and you were really getting you cannot delete a directory, then something is seriously wrong, or you accidentally allowed a space to be inserted between .ssh and known_hosts. Personally, I'm going with you actually entered a space and the 'rm' command thought you wanted to delete the .ssh directory instead of $HOME/.ssh/known_hosts. I could be wrong, but using copy and paste to post actual Terminal screen output as well as the command you entered would be very helpful to anyone trying to provide useful information. In other words, help us help you. -
SFTP/FTP Proxy Problems - Works for DMZ but not for Internet Hosts?!
Hi together,
we have a strange problem with our TMG Proxy, some infrastructure informations first
So we have the Client LAN with the IP range 192.168.11.x which is routeable to Server LAN 192.168.3.x but not to DMZ LAN 192.168.200.x.. The TMG is a 2 Node Array, 192.168.200.5 is the DMZ VIP. TMG DMZ IP Adress (192.168.200.5) and physical Adresses have
an NAT relation to one Public IP. HTTPS Inspection is active. We dont use (and dont want to) the TMG Client component.
When i use WinSCP, Putty or Filezilla and connect to a DMZ LAN Host (192.168.200.x) with "HTTP Proxy" (192.168.3.108:8080) everything is fine, it works like expected...
When i connect to an Internet Host it fails regardless which protocol i use - ftp, sftp or ssh. The error i get is
"The token supplied to the function is invalid."
An example for a failed SFTP Connection
Filezilla
Status: Connecting to system.internet.de...
Trace: Going to execute "C:\Program Files (x86)\FileZilla FTP Client\fzsftp.exe"
Response: fzSftp started
Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: proxy 1 "tmg.local" 8080 "domain\user" "***********"
Trace: CSftpControlSocket::ConnectParseResponse()
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: open "[email protected]" 22
Trace: Looking up host "system.internet.de"
Trace: Connecting to 192.168.3.108 port 8080
Trace: Proxy error: 502 Proxy Error ( Das Token, das der Funktion übergeben wurde, ist ungültig. )
Error: Proxy error: 502 Proxy Error ( Das Token, das der Funktion übergeben wurde, ist ungültig. )
Trace: CControlSocket::DoClose(64)
Trace: CSftpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
Trace: CFileZillaEnginePrivate::ResetOperation(66)
TMG protocol throws this
Protokolltyp: Webproxy (Forward)
Status: 0x80090308
Regel: Webzugriff FTP Test
Quelle: Intern (192.168.11.31:44673)
Ziel: Extern (78.46.182.171:22)
Anforderung: system.internet.de:22
Filterinformationen: Req ID: 106f1cb7; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protokoll: https-inspect
Benutzer: domain\user
Hope you can explain me what we doin wrong or how to find out whats the problem. I didn`t find many informations about "0x80090308" or "The token supplied to the function is invalid.". Disabling HTTPS Inspection for the Source 192.168.11.31
doesnt change anything...
Connection to an DMZ Host looks like this:
Filezilla
Status: Connecting to system.dmz...
Trace: Going to execute "C:\Program Files (x86)\FileZilla FTP Client\fzsftp.exe"
Response: fzSftp started
Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: proxy 1 "tmg.local" 8080 "domain\user" "***********"
Trace: CSftpControlSocket::ConnectParseResponse()
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: open "[email protected]" 22
Trace: Looking up host "system.dmz"
Trace: Connecting to 192.168.3.108 port 8080
Trace: Server version: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
Trace: Using SSH protocol version 2
Trace: We claim version: SSH-2.0-PuTTY_Local:_Mar_28_2014_10:34:48
Trace: Doing Diffie-Hellman group exchange
Trace: Doing Diffie-Hellman key exchange with hash SHA-256
Trace: Host key fingerprint is:
TMG Protocol
Protokolltyp: Webproxy (Forward)
Status: 0 Der Vorgang wurde erfolgreich beendet.
Regel: Webzugriff FTP Test
Quelle: Intern (192.168.11.31:48818)
Ziel: Umkreis 2 (192.168.200.205:22)
Anforderung: system.dmz:22
Filterinformationen: Req ID: 10727dce; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protokoll: SSL-tunnel
Benutzer: domain\user
Thanks in advance.
Regards
MatthiasHi Keith,
ok i found out the problem is https inspection is enabled....
- when i disable https inspection for source, same problem
- when i disable https inspection for destination, problem solved
the root cause why this worked is we had https inspection disabled for dmz destinations.
there is no direct route relation between the lan and dmz.
why is source exception not working in this? -
Strange issue with key authentication
I just installed Arch again after being away for a few years. Almost everything is running smoothly, but I ran into a weird problem with openssh. Namely, I can successfully log in with a key only if in /etc/ssh/sshd_config instead of the default
AuthorizedKeysFile .ssh/authorized_keys
I put
AuthorizedKeysFile /home/testuser/.ssh/authorized_keys
Of course I'd like to be able to use key authentication for more than just one user. Any ideas what I should change to make this possible?
The rest of the config file is:
# $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
MaxAuthTries 6
#MaxSessions 10
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /home/ardo/.ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
Match User anoncvs
#X11Forwarding no
#AllowTcpForwarding no
#ForceCommand cvs serverThe default values in sshd_config aren't correct for the location of the authorized key file. See This Bug Post
Therefore, to resolve this, do one of these
1) Comment the line "#AuthorizedKeysFile .ssh/authorized_keys"
2) Change the line to "AuthorizedKeysFile %h/.ssh/authorized_keys"
My Original Post:
I cannot offer any helpful advice for resolution, but I can contribute that I am also having this issue. The default value for the authorized_keys location, as well as "~/.ssh/authorized_keys" does not work, however "/home/<username>/ssh/authorized_keys" does...
Actually, After a bit of tinkering, I rectified my sshd_config with a .pacnew and it seems to be working, at least with my macbook. Here is my sshd_config:
# $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
Port 40000
Port 22
#AddressFamily any
ListenAddress 192.168.1.103
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowAgentForwarding yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
Last edited by losl (2010-04-12 15:31:46) -
Hello,
We have a customer that has installed a kms host key on 6 servers, so now they have 6 KMS hosts running. They have contacted us because they realize they have done something wrong. I am new to kms and have been reading on technet for serveral hours now, but still some thing are unclear to me
If I understand correctly deployment of kms should be simple and straightforward
The easiest way (read to support the most kms clients) is to install a 2008 R2 server with a 2008 R2 host key. This will support vista, 7, 2003, 2008 and 2008R2 kms systems and enable them to activate. Is this correct ?
I install a windows vista machine or windows 7 machine using a volume license product key. After installation the activation will occur automatically against the kms host and no extra manual steps are needed. I do not need to install/add a kms client key on the vista or windows 7 machine. Is this correct ?
Can i deactivate systems that were actived directly (before deployment of the kms host) with Microsoft and reactivate them with the kms host ?
s it possible to uninstall a kms host and thus making it a regular kms client (to reduce the number of kms hosts from 6 to 2) ?
Thanks in advance
Kind Regards
Stijn DelenRegarding this question:
Question 1: "I install a windows vista machine or windows 7 machine using a volume license product key. After installation the activation will occur automatically against the kms host and no extra manual steps are needed. I do not need to
install/add a kms client key on the vista or windows 7 machine. Is this correct ?"
Answer: Yes, if your KMS host is set up properly, no extra steps are needed, they will activate automatically.
Question 2: "Can i deactivate systems that were activated directly (before deployment of the kms host) with Microsoft and reactivate them with the kms host ?"
Answer: You should not need to deactivate any systems. If they were activated with a MAK key, they're good forever...whether the KMS overrides the MAK, I don't know, but they can exist together peacefully. We have a mix in our environment of pcs we've
deployed using MAK keys (when we were first getting started) and pcs contacting our KMS server (pcs we've deployed more recently).
Maybe you are looking for
-
How to change at run-time the type of a step?
Hi, How topic title, i need to know how change at run-time the type of a step. I have, i my sub-sequence, a step whose type must change at run-time based upon the occurrence of a condition. How can do it? Thanks.
-
CRM Survey additonal mandantory conditions
Hello, the survey builder in CRM 5.0 allows to specify simple input fields or text-fields as mandantory, in order to ensure that the fields are going to be filled. But how you can you ensure, that radio buttons oder list boxes are mandantory as well?
-
Good apps and games for the disabled?
My brother in law was born premature and as a result has a number of neurological and muscular problems. He has been wheelchair bound since he was very young, and mentally he will likely not develop past about a third grade intellect. He is currently
-
Conditionally Mandatory or non-Mandatory field in Isupplier banking Detail Form.
Hi OA Experts I need to make a field mandatory or Non-Mandatory based on Lov item in page "/oracle/apps/pos/sbd/webui/SuppRegActPG", Can I do this by using VO extension , if yes, Kindly guide me as I am new to OAF.
-
I have a disc of photos to import that I want to keep in order. The photos come from several sources with assorted titles. How do I keep the burn order of the disc in an event folder?