Project and Portfolio Management Practitioners Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

SOLVED
Go to solution
Highlighted
Rash
Regular Collector

ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

Hi friends,

Please help find the below error while trying to SSH2 to a server from ITG

 


An error occured while executing the Environment Check commands. This may be due to incorrect or unsupported Environment settings; please review the log and make necessary adjustments. (KNTA-11064)  Execution Log
 

KSC Connect

Source Command: Env Check: Shell connection to Env server

Protocol: com.kintana.core.net.SSH2Client
Host:     xxxxxxxxxxxxUsername: itg_xxx
[2011/09/13 09:55:00 +0000] LOGON_ATTEMPT itg_xxx@xxxxxxxxx:22
SSH version received from remote host: SSH-2.0-OpenSSH_4.3
SSH version sent to remote host: SSH-2.0-1.0 Kintana SSH client
Initiating key exchange.
Succeeded in key exchange.
Authenticating user.
ERROR: Could not logon to [xlxxxxxxx].
All SSH authentication methods failed.  Check the Key Identity file or password.   (KNTA-10903)

6 REPLIES
dirkf
Honored Contributor

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

Hi Rash,

 

check if the following help:

 


1. Edit /etc/profile file and add these lines to the end of the file:

JAVA_HOME=/cygdrive/c/jdk1.6.0_07
export JAVA_HOME

save the file

2. And then modify the kVariables.sh script (in PPM_HOME/bin).

Add the following at the very start of the kVariables.sh script (after the comments at the start and before any code):

export JAVA_HOME=c:/jdk1.6.0_07
export PATH=$JAVA_HOME/bin:$PATH

 

Best regards,

Dirk

Rash
Regular Collector

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

 Hi Dirk,

 

This is not working :(

 

this problem is only for some server.. while some other server gets connected..

dirkf
Honored Contributor

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

Hi Rash,

 

sorry, a bit busy with my daily chores.

Please verify that the following is all set up correctly. If it then still doesn't work ok although everything IS setup accordingly please log a support case while someone else might know about a solution to this issue:

 

The following are steps needed to configure the Private Key authorization with SSH. This assumes that the SSH server is configured for Private Key authorization. Also, SSH server is installed and there is the ssh-keygen utility that is available on the ITG Server box.

Please validate that the ITG user account can be used to login to the remote host via the ssh session. Do the following to add the remote ssh host's RSA Certificate to the ITG Server ssh's known_hosts file.


Login to the ITG Server box as the ITG USER account.

From the command line execute "ssh @".

If this is the first time, it will prompt you to continue. Type in "yes" so it'll add the REMOTE_HOST's RSA key info. into the "known_hosts" file.

Terminate the ssh connection with remote host.

The basic configuration steps are : Generate the Private/Public Key; Add Generated Public Key to remote SSH Authorized_Key file; Configure ITG server.

1. Generate Private/Public Keys ( On ITG Server Box )
a. Log into the ITG Server box as the ITG user.
b. Change directory to ".ssh", hidden file under //.ssh
c. Execute the following ssh utility to generate the Private/Public key file. At this point, ITG only supports RSA key type and not the DSA. Please DO NOT provide the "passphrase". Instead, hit return twice.

ssh-keygen -t rsa -b 1024

d. Validate the "id_rsa" and "id_rsa.pub" file are created under the //.ssh directory.

2. Append Public key to remote SSH's authorized_keys file. ( Remote hosts )
a. Transfer, i.e. ftp, the above "id_rsa.pub" file to the remote SSH host box. Place the file under the //.ssh directory as "itg_id_rsa.pub".
b. Log into the remote host as the user id that ITG server will be using to connect as.
c. Change directory to ".ssh" directory under //.ssh
d. Append the content of the "itg_id_rsa.pub" to the authorized_keys file. If the file does not exists, please create it. If it exists, please append to it.

cat itg_id_rsa.pub >> authorized_keys

3. Configure ITG Server
a. Add the following ITG server directive into the server.conf file.
com.kintana.core.server.SSH_PRIVATE_IDENTITY_FILE=///.ssh/id_rsa

NOTE : / is the same as the directory specified in step (1b) above.

b. Change directory /bin and execute "kUpdateHtml.sh" to update the necessary startup files.
c. Restart the ITG server.

Validate the configuration :
1. Command Line( Outside of ITG server )
a. Log into the ITG Server box as the ITG_USER
b. Type "ssh @

This time around, there should be NO prompting for the password. It should login to the remote host using the RSA key file.

2. Within ITG Server
a. Open up the ITG Workbench
b. Goto Environments | Environments | New button.
c. Enter the Remote Host name for the "Environemnt Name" and populate the following fields under the Server section. Disable the Client and DB sections.
i. Name => Remote Server Name
ii. Type => OS Type, i.e. "Sun Solaris"
iii. Username => User Id used in step (2) above
iv. Password => Password for User Id in step (2) above
v. Base Path =>
vi. Connection Protocol => SSH2
vii. Transfer Protocol => Secure Copy 2
d. Save the profile
e. Click on the "Check" button at the bottom of the ITG Environment screen
f. Click on the Server | SSH and then "Check" button. The check should be successful.

 

Best regards,

Dirk

Rash
Regular Collector
Solution

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

Hi Dirk,

Thanks a lot for your notes;

 

But i have a small query before proceeding this.. this ssh fucntionality connection to this server was working fine till Aug 30th. last 2 weeks we are not able to connect to this server.. so proceeding your process will affect any way?

Jim Esler
Honored Contributor

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

The first test you should run is:

 

1) log in to your PPM server with the id used to run PPM.

2) ssh to the server that is having problems.

 

This will often give you a more specific error message than you can get from the environment check.

 

The failure you are seeing can be caused by the target server locking the id, possibly because of too many failed login attempts.

Rash
Regular Collector

Re: ERROR: Could not logon to xxxxxxxxxx]. (KNTA-10903)

Hi Dirk,

 

The isseu is finnaly fixed

with help of UNIX team

did changes in

etc/nsswitch.conf

:)

Thanks a lof for your help. Appreciated.

//Add this to "OnDomLoad" event