LMS 4.01 :credentials vérification SSH enable don't work

Similar Messages

• LMS 4.2 is not releasing SSH connections of the devices

  Hello!
  We have LMS opens SSH sessions to Nexus 5000 devices as part of some jobs.
  These SSH connections are not being released by LMS as soon as jobs are completed, which leads the N5K devices to hang without any way of managing them remotely.
  We see these connections as idle on the nexus devices (which also should kill these sessions, but this is not the issue).
  We have found a known bug:
  CSCty90928
  LMS Pari jobs are not releasing SSH,telnet connections of the devices
  Symptom:
  Telnet/SSH connections are not released by LMS
  Conditions:
  Pari collections jobs are not releasing the connections after the Job completed
  Workaround:
  None
  This bug is categorized as "2 – severe" and is in "Open (Postponed)" status.
  I have a few questions, if anyone can assist:
  1.) What is the ETA to fix this bug?
  2.) Are there any other known bugs matching what we see (documented public bugs, with bug ID's, internal bugs or even undocumented bugs).
  3.) Is there any released or unreleased (even yet to be tested by TAC) patch we can use that should fix the issue?
  4.) Is there any way to adjust LMS idle timeout of SSH/Telnet sessions (I couldn't find it in the GUI, but maybe there is a way to change this parameter using a perl script or modifying one of LMS properties files)?
  Thanking in advance, Udi Dahan.

  Hello Ehud
  From N5k side we have submitted bug CSCty00044
  Currently there is no fix for it and our debelopment team is catively working on it and investigating the issue in the lab.
  To get ETA for the release I would suggest you reach your account team and check with them how fast fixed release will be available.
  HTH,
  Alex

• SSH Key login not working when added to gpg-agent

  Hello,
  As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
  As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
  export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
  Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
  However, when I try to connect to a server now, the following happens:
  ssh -vT [email protected]
  OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Connecting to XXXXXXXXX port XXXXX.
  debug1: Connection established.
  debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
  debug1: key_load_public: No such file or directory
  debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_6.8
  debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
  debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr [email protected] none
  debug1: kex: client->server aes128-ctr [email protected] none
  debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
  debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
  debug1: Found key in /home/XXXX/.ssh/known_hosts:1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 279
  debug1: No more authentication methods to try.
  Permission denied (publickey).
  Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
  What could the problem be in this case? Thanks a lot!!
  Last edited by replax (2015-05-18 19:06:58)

  replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
  How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
  Thanks a lot!!
  Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect.

• "Enable Swipe" don't work and Tablet Layout on a Smartphone

  Hi there,
  I have two big problems with my own site www.mhgrafikdesign.de:
  1. I have different slideshows in my tablet version of my site. I created the slideshow before one of the updates with the feature "Enable swipe" came out. However, it worked well on my Samsung Galaxy Tab 10.1n. Now I have a Microsoft Surface and it's not working anymore although "Enable Swipe" is enabled. I don't know if the Microsoft Surface has problems with the slideshow or one of the updates has "damaged" my slideshow. Please help me! Any ideas?
  2. I have a HTC 8S smartphone and if I type www.mhgrafikdesign.de my smartphone always show me the tablet version. Any idea why? P.S. Swiping there is also not possible.
  Many thanks for quick help. My website is my flagship in the web and it's a little bit embarrassing if my slideshow on the tab don't work... = /

  This is now a slideshow created with Muse: Homepage
  The slideshow uses fullscreen mode and was build with the latest version of Muse. On my Win8-Tablet, it is not working. I tested this with the IE11 in desktop- and in modern-ui-mode.
  Next to this problem, I also run into these things:
  1. Using the buttons to go forward and backward in the slideshow will select the text-arrow inside the button when touched.
  2. Clicking the forward- and backward-button behaves different. Windows Desktop -> slideshow does not roll back, so you can click forever in one direction, no feedback that you reached the end. On iOS -> slideshow will be rolled back and you get the visual feedback to start over again.
  3. Zoom into the fullscreen-slideshow will result in strange and not really controllabel behaviour. Zooming in does not allow to pan.
  But I am not talking only about the phones. It is more about windows tablets in general. So, content can be viewed in the InternetExplorer11 in desktop-mode and also in modern-UI-mode (touch does work in both modes). But it is also possible, that people use other browsers like Firefox and Chrome. I think, it would be a quite a good idea to translate the movement of the mousepointer into gestures. This javascript library shows what I think is a good aproach: Hammer.JS - Hammer.js

• Adobe Flash & Javascript don't work even though Enabled

  Ever since what I think was either a Firefox upgrade (I don't know which one) or installation of Quicktime, my Adobe Flash Plugin is perpetually crashed and I cannot play any Flash content on any website. All that displays in place of the video is a gray screen with the sad-face Lego icon and the message: “The Adobe Flash Plugin has crashed. Please reload the page to try again.” (See attached image.) But it will not resolve when reloaded.
  No Flash videos on any sites work. HTML5 videos work on YouTube when tested, but non-HTML5 videos won't work.
  Also, my Javascript does not seem to be working since at least some displays requiring javascript don't work. Sometimes the display just doesn't work, and sometimes I get a message that javascript is disabled and must be enabled, but it is already enabled (set to “true” in about:config).
  I have spent days scouring every help forum entry I can find on troubleshooting Flash Player and Javascript. Everything on my end seems to be in order and I cannot find or fix either problem. I think it is possible the issue could have its roots in the fact that Javascript seems to not be working which may be preventing Flash Player content from working...??
  Also, Flash content does work in I.E. but not in Firefox (I do not have Chrome installed so did not test in Chrome). I have too many window tabs open in Firefox and can't switch to I.E. (nor do I like to use I.E.).
  PLEASE HELP as this is crippling for very important work deadlines I have.
  This is what else I know and have tried:
  I have a Toshiba Satellite C75D-A Laptop;
  Processor: AMD A6-5200 APU with Radeon HD Graphics; x64; 2.00 Ghz;
  RAM: 8 MB;
  OS: 64-bit system; Windows 8.1 (but some auto-check utilities detect it as 8.0 because it was upgraded.);
  Graphics Card: “Desktop Graphics” System – AMD Radeon HD 8400 (0x9830);
  Installed Graphics Driver Version: AMD 13.352.1004.1007 (Driver Date: 4/22/2014)
  My Device Manager graphics driver updater states: “driver software is up to date.”
  From the AMD website: the graphics driver auto-detect utility recommended the AMD Catalyst Driver (amd-catalyst-omega-14.12-without-dotnet45-win8.1-64bit.exe) I tried installing this driver, but it won't install. After trying to install, I got a message stating: “We are unable to find a driver for your system.” But Device Manager states I have a current driver, and my graphics card & driver seem to be working fine, so I do not believe this is part of the issue.
  I am using Latest Firefox version 35.0.1; and
  Using Latest Flash Player: 32-bit NPAPI Plug-in Version: 16.0.0.296; designated: “always activate” (Downloaded new update several times, including fresh install after uninstall; system & web address icons indicate Flash is enabled).
  I turned off hardware acceleration in FF Tools>Options>Advanced>General
  I disabled WebGL as explained here: https://support.mozilla.org/en-US/kb/upgrade-graphics-drivers-use-hardware-acceleration
  I am using Ad-Block Plus which has never affected things in the past. I have not tried starting FF in Safe Mode because I believe I will lose all open tabs and not be able to recover them (I may have over 200 open). But disabling add-ons has no effect (I disabled all except for Sessions Manager in case of a crash). (My No-Script has been disabled for at least six months.)
  I have Windows Media Player and Quicktime installed.
  Quicktime is most recent upgrade (7.7.6) so should not be a problem according to:
  “QuickTime plugin takes over Flash” at:
  http://kb.mozillazine.org/Flash#Disabling_Protected_Mode_in_Flash_11.3
  (note underscores in place of spaces in string; underscores not insertable here)
  Disabling Quicktime had no effect in the prior version of FF (ver. 35.0), but in latest FF ver. 35.0.1, Flash videos only display a plain (blank) gray screen instead of the sad-faced icon and crash message.
  (I tried to uninstall Quicktime altogether, but was not able to due to Error codes 2502 & 2503. I tried troubleshooting that as well with no luck using methods successful for other programs, including here:
  http://www.fixkb.com/2014/01/error-2503-and-2502-when-uninstalling-on-windows-8.html;
  & here:
  http://answers.microsoft.com/en-us/windows/forum/windows_8-winapps/re-internal-error-codes-2502-and-2503-for/ba5f2145-aa6e-4cc0-81a7-e4346f43b698.)
  Disabling my FF theme and using the default brought back the sad-faced icon and crash message in the place of videos on some YouTube pages, but not other YouTube pages (where video was still blank gray screen). It also enabled a still Flash image (an ad) to display on a different website page that previously had a Flash Plugin crash message. I have been using this same theme for a couple of years without previous issue. While turning it off did generate an effect on some still imagery, it didn't fix the video problem.
  I tried Disabling Protected Mode in Flash 11.3 as explained here:
  http://kb.mozillazine.org/Flash#Disabling_Protected_Mode_in_Flash_11.3
  (note underscores in place of spaces in string; underscores not insertable here).
  It did not solve the issue.
  I also deleted all storage & data in Flash Player as advised. This had no effect either.
  I've tried all solutions I've been able to find and am at a loss for what to try next. Please help and advise ASAP. Thank you!!

  ''guigs2 [[#answer-684038|said]]''
  <blockquote>
  I truely admire the efforts that have been made to make this work.
  "“We are unable to find a driver for your system.” "
  For it not installing, you need to follow these instructions to install them: see the comments: [http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_devices/windows-10-atiamd-display-drivers/50944d10-dde3-4e08-8244-d54eb2b1e7de] --> take warning though it looks like it has caused issues for others as well.
  Since it was working for some youtube videos and not others, there might be an issue with a particular video codec. DO you have OpenH264 Video Codec provided by Cisco Systems, Inc. plugin?
  Is it possible to try Safe Mode after saving your session with [https://addons.mozilla.org/en-US/firefox/addon/session-manager/ Session Manager Addon]? IT would test hardware acceleration in Firefox.
  </blockquote>
  Thank you, guigs2! Sorry for my delayed reply...I didn't realize I hadn't gotten back to you. Update is that I did try a whole slew of other troubleshooting steps including starting FF in safe mode, to no avail. However, I was FINALLY (after months) able to solve this problem just today by pure chance!
  The problem was that hardware acceleration was enabled in the Flash settings. I had not been able to turn it off because I didn't have access to the Flash Player settings as long as the crash error message was visible, which was all the time! Today, by a sheer fluke, I saw a static picture in place of the crash message on a Flash video. I snagged the opportunity to call up the settings and turn off hardware acceleration, and it fixed the problem for my whole browser! This has been a frustrating issue because I did not have access to the settings utility as long as I had the crash message, which was always, so my Flash was crippled without the ability for me to fix it until pure luck gave me this window of opportunity.
  Does anyone know another way to access the settings utility if this ever happens again in the future? I could not find a way. (Incidentally, I had tried disabling hardware acceleration via my graphics driver settings, but it didn't fix the problem.) We need Adobe to allow some other way to access the Flash Player settings utility when this problem arises since they aren't accessible when there is a static crash message.
  Thanks again!

• Steps to enable BPEL to work after destination database outage?

  re.Steps to enable BPEL to work after destination database outage?
  Am wondering re. Steps to enable BPEL to work after destination database outage?
  Am getting BPEL console errors:
  Connection reset Error Code: 17002
  (have raised SR 5381930.992)

  Update from SR 5381930.992 seems to indicate this may relate to version of target database (version 8).
  10-MAY-06 06:08:43 GMT
  ACTION PLAN
  ============
  The schedule retried for many times because of the error "java.sql.SQLException: No more data to read from socket" occured.
  As I can not reproduce the same error in my internal system which using 10g data
  base. I think the cause of the issue is the database version you are using.
  Here is the action plan:
  1. Run the test with 9i or 10g database again, to see if the error "No more data to read from socket Error Code: 17410." occurs or not?
  2. provide the detail version of database, so that I can reproduce the issue in
  my internal system.
  Regards,
  Pete
  10-MAY-06 06:09:08 GMT
  Email Update button has been pressed: Sending email to [email protected]
  09-MAY-06 23:36:43 : CHANGES MADE VIA MetaLink
  NOT YET FORWARDED TO OUR INTERNAL SYSTEMS :
  New info : FORALL :
  Regarding 1./ If I target stdbdev (oracle 9) then I can confirm that these
  unneccesary retry lines do not occur ...
  Regarding 2./ SQLPlus indicates that Coopdev is : Oracle8i Enterprise Edition
  Release 8.1.7.2.0

• After update Mac OS 10.9.1 Trim Enabler does not work anymore!

  After updating from Mac OS 10.9.0 to 10.9.1 the program Trim Enabler does not work anymore and my 4 SSDs from Samsung and Kingston are no longer supported.
  What can I do?
  Should I scrap my SSDs?
  Why does Apple do such things?
  Will Apple that I switch to Windows? There Trim works with all SSDs and BluRay will not boycott!

  Apple does not support TRIM for SSDs that were not factory
  installed and TRIM Enabler is a hack to get around this.  Any
  hack is always subject to being disabled, or worse, with any
  system update whether it is OSX or Windows.

• Interactive pages don't work on Skill soft LMS

  Hi, We are working on a course using captivate 6 and some interactive pages are developed using flash and integrated in captivate. these interactivities work fine if we review it from any LMS or offline but our client has Skill soft LMS where these interactivities don't work. Any idea what could be the issue here?

  Hi,
  I have also created a captivate 6 course using flash interactive pages, there are many issues such as interactive screens not work, audio does not play well, it get cut off at the end on Skill soft LMS. Also the course completion in not getting recorded.
  Has anyone here found any solution or any workaround to solve this issue.
  Is there any other way to publish the files to support Skill soft?

• Tabulation and arrow keys don�t work through ssh

  Hi!
  I just got a solaris 10 on a v240. But I loggin through SSH, tabulation key and arroy keys don� t work. It � s quite nasty because I cannot just repeat a command for example, I�ve to type it allover again. I� m quite surprised because I have an old solaris where it does work without problem. Should I change something in the configuration?
  Thanks

  Is your shell one that you want?
  csh and sh don't support autocompletion or arrow histories. you'd need tcsh or bash or something.
  Darren

• Ssh via vpn not working in Snow Leopard

  On a MacBook Pro with Snow Leopard, I want to log into a remote server on my employer's lan via ssh over a vpn connection. The vpn works because I can access a local twiki on that lan with no problem, but I can't run ssh or even ping. This is not a DNS issue because it happens even with explicit numerical IPv4 addresses.
  On an older G4 iBook with Tiger, ssh and ping both work. I can run the two laptops side by side with simultaneous VPN connections; and Tiger will succeed, but Snow Leopard fails. Turning off the firewall on the MacBook Pro makes no difference. Could someone please give me an idea of what is going on?
  I can't get help from my employer's IT staff because we are a Windows operation and would just as soon switch me over to Windows 7. Thanks.
  Clint

  My problem seems to be due to an advanced option in the Snow Leopard VPN preference to "Send all traffic over VPN connection." The domain that I was trying to reach is actually not on my company LAN, but successful ssh'ing to it seems to require that the request to come from a LAN IP address. Without the traffic redirection option, Snow Leopard tries to invoke ssh through my home IP address, which will then time out without making a connection. I think that Tiger automatically redirects traffic to the VPN whenever it is active.
  (Note that when setting a VPN preference, it does not go into effect until after leaving the Network preference pane.)

• Firefox will not allow Flash player to work. How do I enable Flash to work in Firefox? Thank you.

  Question
  Firefox will not allow Flash player to work. Every site that uses Flash player gives me a message saying that I need to update to the latest version of Flash player, but I have done so, and I keep getting the same message. How do I enable Flash to work in Firefox? Thank you.

  You can hold down the Shift key and double click the Firefox desktop icon to start Firefox in [[Safe mode]].

• I am running SSH in Terminal window and my function keys don't work.

  Hi all,
  The company I am working in is using mainly Windows and they are running a database on Putty.exe
  I managed to set up the SSH in Terminal on Mac OSX and I can see the database well and fine. Certain "commands" within the database are executed by numbers 1, 2, 3 etc while other "commands" are executed by function keys F1, F2 - F16 etc. However, when I press the F1 - F12 keys on my keyboard, they don't work as expected.
  If any one has any expert advice, I would greatly appreciate it, thanks!

  FInd out from your database administrator what terminal type the database application supports. Examples of terminal types are vt100 and ansi. Now go back to the Mac's Terminal Preferences and set the terminal to the matching type.

• Does LMS 3.2 still use need rcp enabled on our devices?

  LMS 3.2 running on Unix in a master-slave configuration.
  Our security team is asking us why we need rcp (port 514) enabled on our routers.
  It's becuase of the following standard commands;
  ip rcmd rcp-enable
  ip rcmd remote-host cwuser <ip address of LMS> cwuser enable
  I believe these commands helped with the archiving of the device configurations? I know it's been a standard command of ours for years, but am not sure if it is still needed?
  Any information you can provide would help.
  Thanks,

  RCP is optional.  If you would rather use TFTP, SSH, SCP, etc. you can disable RCP.  By default, LMS/RME will use TFTP, TELNET, and SSH for config archive.

• LMS 3.2 credentials/username question

  I recently installed the trial version of LMS 3.2 on a single server (10.1.1.1).  Now my head is spinning over what credentials i'm using vs authorization to modify a routers config vs device config. etc etc.
  I've added a bunch of devices, but I cannot configure any devices via LMS.
  I added a user called lmsuser to my routers/swiches.
  I added the loggin 10.1.1.1 comment to my routers/switches.
  I added read and write community ("readstring" and "writestring" strings to my routers/switches).
  Question
  1) I currently log into the portal using username: admin.  Is this used anywhere other than getting into the portal?
  2) I created a credential set called "firstset" with a user called lmsuser and readstring and writestring community strings.  Do I need to do something to associate "firstset" with each device in the DCR?
  3) When configuring RME credentials, do I use the the IP 10.1.1.1?
  4) In cisco view I see views of my devices.  When I right click on a switch interface and select "disable" I end up with an error message about not having permission to make the change.  What secret handshake is required to make this happen?
  I feel like I'm just not connecting the dots here.  Thanks in advance.

  1. No.  These credentials are only used to access LMS applications (the portal, command line, etc.).  They are not used to communicate with devices.
  2. It depends on how you are adding devices to LMS.  Each way (manual add, Discovery, import) allow you to choose a credential set, or use an automatic credential set.  If you choose automatic, then a credential set will be applied to your devices based on the rules you have defined.  Note: credential sets are only automatically applied when a device is added to DCR.  You can choose to manually apply credential sets later, but if you modify a credential set after a device is added to DCR, those changes will not automatically be applied to your existing devices.
  3. I don't understand.  This is the IP of the LMS server.  I'm not to sure what "RME credentials" you are referring, but I can't imagine where you would add 10.1.1.1 with any credentials.
  4. You need an SNMP read-write credential (e.g. community string) configured for the device in DCR (i.e. under Common Services > Device and Credentials > Device Management).

• LMS 4.0 - credentials

  Hello,
  I installed new switchs on my network and I have others credentials than the oldest switches. I created a new credential set name with my new username and password (Admin -> Network -> Device Credential Settings -> Default Credential Sets)
  I'm not sure if it's the good way how to apply this new profile to my new switches. I created a default credential sets policy configuration with the hostname for my new switchs and the credential sets to use.
  I generated a verfication credential report but the result is that I have not the correct account and password for Telnet and SSH.
  Could you please help me?
  Thanks.

  A little mistake. Not only CFM, all LMS4.0 modules cannot SSH to the managed switches.
  Regards
  Hubert