Private key failed

Wayne Workman · Mar 28, 2016, 7:54 AM

r6961 - Fedora 21
Host is a Lenovo L530 with Win7 Pro x64 with all recommended windows updates installed.

I have FOG Client version 0.9.11 installed on it. I’m not sure if this is because 0.9.12 was rolled back or if it’s because of the authentication failure.

The reset-encryption button was also missing for this host.

Here is the relevant logs, they just repeat this over and over:

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 8:33 AM Client-Info Version: 0.9.11
 3/28/2016 8:33 AM Middleware::Communication URL: http://10.2.1.11/fog/management/other/ssl/srvpublic.crt
 3/28/2016 8:33 AM Data::RSA FOG Server CA cert found
 3/28/2016 8:33 AM Middleware::Authentication Cert OK
 3/28/2016 8:33 AM Middleware::Communication POST URL: http://10.2.1.11/fog/management/index.php?sub=authorize
 3/28/2016 8:33 AM Middleware::Communication Unknown Response: Private key failed
 3/28/2016 8:33 AM Service Sleeping for 120 seconds

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 8:35 AM Client-Info Version: 0.9.11
 3/28/2016 8:35 AM Middleware::Communication URL: http://10.2.1.11/fog/management/other/ssl/srvpublic.crt
 3/28/2016 8:35 AM Data::RSA FOG Server CA cert found
 3/28/2016 8:35 AM Middleware::Authentication Cert OK
 3/28/2016 8:35 AM Middleware::Communication POST URL: http://10.2.1.11/fog/management/index.php?sub=authorize
 3/28/2016 8:35 AM Middleware::Communication Unknown Response: Private key failed
 3/28/2016 8:35 AM Service Sleeping for 120 seconds

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 8:37 AM Client-Info Version: 0.9.11
 3/28/2016 8:37 AM Middleware::Communication URL: http://10.2.1.11/fog/management/other/ssl/srvpublic.crt
 3/28/2016 8:37 AM Data::RSA FOG Server CA cert found
 3/28/2016 8:37 AM Middleware::Authentication Cert OK
 3/28/2016 8:37 AM Middleware::Communication POST URL: http://10.2.1.11/fog/management/index.php?sub=authorize
 3/28/2016 8:37 AM Middleware::Communication Unknown Response: Private key failed
 3/28/2016 8:37 AM Service Sleeping for 120 seconds
 3/28/2016 8:39 AM Service Stop requested
 3/28/2016 8:39 AM Bus {
  "channel": "Status",
  "data": "{\r\n  \"action\": \"unload\"\r\n}"
}
 3/28/2016 8:39 AM Bus Emmiting message on channel: Status
 3/28/2016 8:39 AM Bus Became bus server
 3/28/2016 8:39 AM Bus {
  "channel": "Status",
  "data": "{\r\n  \"action\": \"load\"\r\n}"
}
 3/28/2016 8:39 AM Bus Emmiting message on channel: Status

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 8:39 AM Client-Info Version: 0.9.11
 3/28/2016 8:39 AM Middleware::Communication URL: http://10.2.1.11/fog/management/other/ssl/srvpublic.crt
 3/28/2016 8:39 AM Data::RSA FOG Server CA cert found
 3/28/2016 8:39 AM Middleware::Authentication Cert OK
 3/28/2016 8:39 AM Middleware::Communication POST URL: http://10.2.1.11/fog/management/index.php?sub=authorize
 3/28/2016 8:39 AM Middleware::Communication Unknown Response: Private key failed
 3/28/2016 8:39 AM Service Sleeping for 120 seconds

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 8:41 AM Client-Info Version: 0.9.11
 3/28/2016 8:41 AM Middleware::Communication URL: http://10.2.1.11/fog/management/other/ssl/srvpublic.crt
 3/28/2016 8:41 AM Data::RSA FOG Server CA cert found
 3/28/2016 8:41 AM Middleware::Authentication Cert OK
 3/28/2016 8:41 AM Middleware::Communication POST URL: http://10.2.1.11/fog/management/index.php?sub=authorize
 3/28/2016 8:41 AM Middleware::Communication Unknown Response: Private key failed
 3/28/2016 8:41 AM Service Sleeping for 120 seconds

I noticed the issue when the target host wouldn’t join the domain automatically. I’ve not done anything to my key. This morning I just ran svn up in the trunk directory and then ran the installer with the -y argument as usual.

For the moment I’m going to roll back because I need to go image a lab. Later today I’ll have more time to look at what’s wrong.

Wayne Workman · Mar 28, 2016, 1:56 PM

Rolling back to r6677 caused the error to change to “Invalid Security Token”, and the “Reset Encryption” button also came back. After resetting the encryption, it seems to be working fine now.

Tom Elliott · Mar 28, 2016, 2:05 PM

@Wayne-Workman Should now be fixed.

Wayne Workman · Mar 28, 2016, 3:39 PM

Confirmed fixed in r6963

Raymond Bell · Mar 28, 2016, 4:14 PM

@Tom-Elliott I am getting this with r5130 v6963 over and over

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 7:10 PM Client-Info Version: 0.9.11
 3/28/2016 7:10 PM Middleware::Communication URL: http://10.24.28.18/fog/management/other/ssl/srvpublic.crt
 3/28/2016 7:10 PM Data::RSA FOG Server CA cert found
 3/28/2016 7:10 PM Middleware::Authentication Cert OK
 3/28/2016 7:10 PM Middleware::Communication POST URL: http://10.24.28.18/fog/management/index.php?sub=authorize
 3/28/2016 7:10 PM Middleware::Communication Unknown Response: Private key not found
 3/28/2016 7:10 PM Service Sleeping for 120 seconds```

Tom Elliott · Mar 28, 2016, 4:16 PM

@Raymond-Bell No, you’re not.

THe indicator?

Your client version is on 0.9.11. It’s about about a week or so that 0.9.12 has been out.

Raymond Bell · Mar 28, 2016, 4:21 PM

@Tom-Elliott so i need to upload the new client to all 900 computers?

Tom Elliott · Mar 28, 2016, 4:26 PM

@Raymond-Bell You shouldn’t need to do anything because the client’s auto update.

Raymond Bell · Mar 28, 2016, 4:26 PM

@Tom-Elliott said:

@Raymond-Bell You shouldn’t need to do anything because the client’s auto update.

Ok i will just sit back and give it time and see what happens
Thanks

Tom Elliott · Mar 28, 2016, 4:27 PM

Does the /opt/fog/snapins/ssl/.srvprivate.key exist on the 10.24.28.18 server?

Raymond Bell · Mar 28, 2016, 4:29 PM

@Tom-Elliott said:

Does the /opt/fog/snapins/ssl/.srvprivate.key exist on the 10.24.28.18 server?

Yes sir

Raymond Bell · Mar 28, 2016, 4:55 PM

@Tom-Elliott Client is updated on all computers
This was on a test computer i just had put a image on and the image has the old 9.11
Did not give it time to update

MY MISTAKE!!!

Tom Elliott · Mar 28, 2016, 4:55 PM

@Raymond-Bell So you’re good to go now?

Raymond Bell · Mar 28, 2016, 5:00 PM

@Tom-Elliott said:

@Raymond-Bell So you’re good to go now?

Just re-imaged going to let it sit and update the client and see what happens. but i checked random computers i imaged from last week with same image and they are doing fine. So i am guessing i did not give it time to update after i imaged it. Going to check it and make sure after lunch. Will let you know…

Raymond Bell · Mar 28, 2016, 6:29 PM

@Tom-Elliott
It still has not up to 9.12
How long does it take? it has been about 1 1/2 hour
Is there a way to force this update to a client

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 10:23 PM Client-Info Version: 0.9.11
 3/28/2016 10:23 PM Middleware::Communication URL: http://10.24.28.18/fog/management/other/ssl/srvpublic.crt
 3/28/2016 10:23 PM Data::RSA FOG Server CA cert found
 3/28/2016 10:23 PM Middleware::Authentication Cert OK
 3/28/2016 10:23 PM Middleware::Communication POST URL: http://10.24.28.18/fog/management/index.php?sub=authorize
 3/28/2016 10:23 PM Middleware::Communication Unknown Response: Private key not found
 3/28/2016 10:23 PM Service Sleeping for 120 seconds

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/28/2016 10:25 PM Client-Info Version: 0.9.11
 3/28/2016 10:25 PM Middleware::Communication URL: http://10.24.28.18/fog/management/other/ssl/srvpublic.crt
 3/28/2016 10:25 PM Data::RSA FOG Server CA cert found
 3/28/2016 10:25 PM Middleware::Authentication Cert OK
 3/28/2016 10:25 PM Middleware::Communication POST URL: http://10.24.28.18/fog/management/index.php?sub=authorize
 3/28/2016 10:26 PM Middleware::Communication Unknown Response: Private key not found
 3/28/2016 10:26 PM Service Sleeping for 120 seconds```

Joe Schmitt · Mar 28, 2016, 7:02 PM

@Raymond-Bell said:

How long does it take

The client will only update if it can authenticate. You have to get the private key not found error fixed before the client will function. If this error was not present, the client would auto update within a minute.

Raymond Bell · Mar 28, 2016, 7:34 PM

@Jbob
Thats what i was thinking so it has to be something with the new trunk

Joe Schmitt · Mar 28, 2016, 11:28 PM

@Raymond-Bell for the record I too had this issue but upgrading to the latest revision in trunk fixed it.

Raymond Bell · Mar 29, 2016, 12:28 PM

@Jbob Updating now to r5136 and will see what happens

Raymond Bell · Mar 29, 2016, 7:26 AM

@Tom-Elliott @Jbob Update trunk to r5136 and still getting same error

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/29/2016 7:45 AM Client-Info Version: 0.9.11
 3/29/2016 7:45 AM Middleware::Communication URL: http://10.24.28.18/fog/management/other/ssl/srvpublic.crt
 3/29/2016 7:45 AM Data::RSA FOG Server CA cert found
 3/29/2016 7:45 AM Middleware::Authentication Cert OK
 3/29/2016 7:45 AM Middleware::Communication POST URL: http://10.24.28.18/fog/management/index.php?sub=authorize
 3/29/2016 7:47 AM Bus Became bus server
 3/29/2016 7:47 AM Bus {
  "channel": "Status",
  "data": "{\r\n  \"action\": \"load\"\r\n}"
}
 3/29/2016 7:47 AM Bus Emmiting message on channel: Status

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 3/29/2016 7:47 AM Client-Info Version: 0.9.11
 3/29/2016 7:47 AM Middleware::Communication URL: http://10.24.28.18/fog/management/other/ssl/srvpublic.crt
 3/29/2016 7:47 AM Data::RSA FOG Server CA cert found
 3/29/2016 7:47 AM Middleware::Authentication Cert OK
 3/29/2016 7:47 AM Middleware::Communication POST URL: http://10.24.28.18/fog/management/index.php?sub=authorize
 3/29/2016 7:48 AM Middleware::Communication Unknown Response: Private key not found
 3/29/2016 7:48 AM Service Sleeping for 120 seconds

And the key is there

fog@fog-virtual-machine14:/opt/fog/snapins/ssl$ ls
CA  fog.csr
fog@fog-virtual-machine14:/opt/fog/snapins/ssl$ ls .?*
.srvprivate.key

..:
ssl
fog@fog-virtual-machine14:/opt/fog/snapins/ssl$

Private key failed

249

12.0k

17.3k

155.2k