RemoteManager exception

Revision as of 06:37, 1 May 2018 by Asrivastava (talk | contribs) (Problem)

Remote Manager Exception

ZCS 8.8 Article ZCS 8.8
ZCS 8.7 Article ZCS 8.7


While accessing the email queue or monitoring graphs and other services at times server gives the exception saying "Server error encountered" with the system failure exception during auth. mailbox.log would have similar exception. Keyword to look for is RemoteManager

com.zimbra.common.service.ServiceException: system failure: exception during auth {RemoteManager:>}
ExceptionId:qtp1068934215-357:https:https ://
       at com.zimbra.common.service.ServiceException.FAILURE(
       at com.zimbra.cs.rmgmt.RemoteManager.getSession(
       at com.zimbra.cs.rmgmt.RemoteManager.execute(
       at com.zimbra.cert.GetCert.addCertsOnServer(
       at com.zimbra.cert.GetCert.handle(

       Caused by: There was a problem while connecting to
               at ch.ethz.ssh2.Connection.connect(
               at ch.ethz.ssh2.Connection.connect(
               at com.zimbra.cs.rmgmt.RemoteManager.getSession(
               ... 59 more


Regenerate the SSH key and make sure auth keys get updated in all the servers.

Regenerating Keys

To regenerate the ssh keys, on all hosts (as the zimbra user):


To deploy the keys, on all hosts (as the zimbra user):


Verifying sshd configuration

The authentication method assumes that sshd on the mta is running on port 22, and that RSA Authentication is enabled. You can test the ssh command with:

 ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@MAIL.DOMAIN.COM

(Swap MAIL.DOMAIN.COM for your hostname, as it appears in the error).

You should NOT be prompted for a password; if you are, recreate the ssh keys and retry the test.

If you're not running sshd on port 22, modify the zimbraRemoteManagementPort attribute on the server:

zmprov ms MAIL.DOMAIN.COM zimbraRemoteManagementPort 2222

Verify in /etc/sshd_config (or /etc/ssh/sshd_config) that the zimbra user is an allow user

AllowUsers admin zimbra

Note: applying this change resulted in not being to ssh as root. Should we add root to the list of AllowUsers!

As soon this fix you should be able to see the following logging in mailbox.log while accessing the queue in the monitoring tab of admin console.

Jump to: navigation, search