RemoteManager exception: Difference between revisions

Line 10: Line 10:


== Solution ==
== Solution ==
Regenerate the SSH key and make sure auth keys get updated in all the servers.
=== Regenerating Keys ===
To regenerate the ssh keys, on all hosts (as the zimbra user):
  zmsshkeygen
To deploy the keys, on all hosts (as the zimbra user):
  zmupdateauthkeys
=== Verifying sshd configuration ===
The authentication method assumes that sshd on the mta is running on port 22, and that RSA Authentication is enabled.  You can test the ssh command with:
  ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@MAIL.DOMAIN.COM
(Swap MAIL.DOMAIN.COM for your hostname, as it appears in the error).
You should NOT be prompted for a password; if you are, recreate the ssh keys and retry the test.
If you're not running sshd on port 22, modify the zimbraRemoteManagementPort attribute on the server:
zmprov ms MAIL.DOMAIN.COM zimbraRemoteManagementPort 2222
Verify in /etc/sshd_config (or /etc/ssh/sshd_config) that the zimbra user is an allow user
AllowUsers admin zimbra
Note: applying this change resulted in not being to ssh as root. Should we add root to the list of AllowUsers!
As soon this fix you should be able to see the following logging in mailbox.log while accessing the queue in the monitoring tab of admin console.

Revision as of 06:36, 1 May 2018

Remote Manager Exception

ZCS 8.8 Article ZCS 8.8
ZCS 8.7 Article ZCS 8.7


Problem

While accessing the email queue or monitoring graphs and other services at times server gives the exception saying "Server error encountered" with the system failure exception during auth. mailbox.log would have similar exception. Keyword to look for is RemoteManager


Solution

Regenerate the SSH key and make sure auth keys get updated in all the servers.

Regenerating Keys

To regenerate the ssh keys, on all hosts (as the zimbra user):

 zmsshkeygen

To deploy the keys, on all hosts (as the zimbra user):

 zmupdateauthkeys

Verifying sshd configuration

The authentication method assumes that sshd on the mta is running on port 22, and that RSA Authentication is enabled. You can test the ssh command with:

 ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@MAIL.DOMAIN.COM

(Swap MAIL.DOMAIN.COM for your hostname, as it appears in the error).

You should NOT be prompted for a password; if you are, recreate the ssh keys and retry the test.

If you're not running sshd on port 22, modify the zimbraRemoteManagementPort attribute on the server:

zmprov ms MAIL.DOMAIN.COM zimbraRemoteManagementPort 2222

Verify in /etc/sshd_config (or /etc/ssh/sshd_config) that the zimbra user is an allow user

AllowUsers admin zimbra

Note: applying this change resulted in not being to ssh as root. Should we add root to the list of AllowUsers!

As soon this fix you should be able to see the following logging in mailbox.log while accessing the queue in the monitoring tab of admin console.

Jump to: navigation, search