Puppet agent couldn't request certificate: Header too long - ssl-certificate

Previously, I had the agent working properly, but after a recent power outage, I keep getting this issue.
I run puppet agent -t and get this error:
Error: Could not request certificate: Neither PUB key nor PRIV key: header too long
I've googled the issue, and it sounded like a clock issue (also suspected due to power outage). The time was off by 4 hours, but BIOS time seemed correct when I checked it. ntpdate didn't seem to work, so I synchronized them manually. Additionally, I've looked at the public and private keys after someone mentioned stray characters in their post, but haven't found anything of the sort.
Both master and agent are running Ubuntu, 15.04.

Fixed with help from Puppet IRC
rm -rf $ssldir ON THE AGENT; puppet cert clean $certname on the master
then puppet agent -t on the agent and get new certs
Due to corruption from power loss.

I had the exact same error, but only removing the ssl directory wan't enough for me... but this fixed it:
apt-get purge puppet puppet-common puppetlabs-release hiera facter
rm -rf /var/lib/puppet /etc/puppet
apt-get purge augeas-lenses libaugeas-ruby libaugeas0 ruby-augeas ruby-json ruby-shadow virt-what
Then reinstall it. This puppet agent is version 3.8.7 on Ubuntu 14.04.
Also just the first purge line and rm -rf ... didn't fix it alone. I guess some file got corrupted (although the disks were never replaced and look fine, and it has ECC RAM) or something was generated and was wrong due to some bugs.

In my case the issues was was from lack of disk space on master and cert on master that needed to be deleted from /etc/puppetlabs/puppet/ssl/ca/requests

Related

why ssh connection timed out in vscode?

I installed git instead of openssl to use Remote-SSH in VSCode.However,after I completed the config document and tried to connect to the remote host.I failed. The error info is showed in the below pic.error info
error info:
[11:27:12.631] remote-ssh#0.48.0
[11:27:12.632] win32 x64
[11:27:12.656] SSH Resolver called for "ssh-remote+23321", attempt 1
[11:27:12.659] SSH Resolver called for host: 23321
[11:27:12.659] Setting up SSH remote "23321"
[11:27:12.790] Using commit id "26076a4de974ead31f97692a0d32f90d735645c0" and quality "stable" for server
[11:27:12.798] Testing ssh with ssh -V
[11:27:13.099] ssh exited with code: 0
[11:27:13.100] Got stderr from ssh: OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
[11:27:13.128] Running script with connection command: ssh -T -D 49485 23321 bash
[11:27:13.132] Install and start server if needed
[11:27:13.151] Terminal shell path: C:\Windows\System32\cmd.exe
[11:27:30.151] Resolver error: Connecting with SSH timed out
[11:27:30.178] ------
I had the same problem but the above solutions didn't work with my setup,
but the following setting did work:
"remote.SSH.useLocalServer": false
I got this solution from github reported issues and fix
In my case, the problem was caused by a too long authentication process on the server-side.
Solved it by extending the Connect Timeout from 15 to 30 seconds.
Instructions:
open your vscode Command Palette (via keyboard shortcut or from the
View menu).
search for the Remote-SSH: Settings.
scroll till you find the Connect Timeout.
change it to a longer duration than 15 secs.
key F1
Remote-SSH: Settings
Connect Timeout: from 15 seconds to 60 seconds solve my connection issue
You can try the following approaches:
ssh to your remote server. Then run the following commands to clean data folder and bin folder under .vscode-server folder on the server:
cd ~/.vscode-server
rm data/* -rf
rm bin/* -rf
If step 1 does not work, ssh to your remote server and delete the entire .vscode-server folder with the following command:
rm -rf ~/.vscode-server
Please note that this will also remove the extensions that you installed on the server.
Downgrade the version of the remote-SSH extension in vscode. Look up the extension in the vscode interface, right click on that, and you will find the option "Install Another Version ...". Install the previous version of the current one. If it does not work keep downgrading the version.
I had the same problem before, I solved this by deleting "terminal.integrated.inheritEnv": false inside ~/.config/Code/User/setting.json
I found the solution here in this thread from user oreilm49:
https://github.com/microsoft/vscode-remote-release/issues/1137
in vscode settings :
search conpty and uncheck it
I had same issue, my problem was solved after changing settings in the json file:
I removed "terminal.integrated.inheritEnv": false inside ~/.config/Code/User/setting.json
I added "remote.SSH.useLocalServer": true inside ~/.config/Code/User/setting.json
It worked for me after so many different trials
This might be a very foolish solution but it actually works for me, so I will write it down in case any other people get into the same problem.
I made modifications to the config file for SSH, then all the trials for connection ran into the error of 'Connecting SSH timed out'. I tried many possible solutions but none of them solved my problem.
Then I just closed the VScode and restarted it. Then everything works.
I had a case of this. I my client (local computer) is a Mac, and I was connecting to Linux host. I just went to the setting "Remote Platform" under Remote.SSH settings, and explicitly told it that I am connecting to a Linux remote. After this, it started to work.
I had this issue because of version missmatch of client and server. After updating both to the same version, it worked for me.
The issue with me was timeout at first. I tried increasing the timeout in settings but then later found the issue was with "tar".
The vscode-server.tar.gz (probably a little change in the file name) was not able to install due to tar not being present in my host.
So I installed tar in the host as "yum install tar"
And then tried reconnecting to the server and it worked

Stuck when installing phpmyadmin

I was installing phpmyadmin following this tutorial.
I missed the warning in step 1 and I did not select Apache2. I exited the command line and when I try to start from the beginning I get this error:
E: Could not get lock /var/lib/dpkg/lock-frontend - open (11: Resource temporarily unavailable)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?
I've been searching for answers, but couldn't find one that helps.
What should I do here?
Thanks
Some of the running processes is still using the apt package manager. You can find the apt process using the following command:
ps aux | grep apt
and kill it:
sudo kill -9 PID
Don't forget to replace PID with the actual process ID.
Probably a background process is using/locked on the administrator directory. You could
ps
or
ps | e
to view the running processes and stop/kill the one using the dpkg.
I ran into this error once after updating my Linux Mint Tara, and couldn't use dpkg. I had to restart the whole system which worked fine.
You could try it too, restarting.
It mean something(Process) else is installing or removing software and has locked the apt database while it performs the action.(Probably The Software Center or The update Manager). The safest way is(without crashing your system) Reboot Ubuntu the Try to install phpmyadmin again.
Killing the process might not work always, because there could be no process involved at all!
So, the best solution would be:
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock*
I had your same error messages [both of them] and I solved the issue running:
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock
as said in this post which explains that "the root cause is the lock file. Lock files are used to prevent two or more processes from using the same data. When apt or apt-commands are run, it creates lock files in a few places. When the previous apt command was not terminated properly, the lock files were not deleted and hence they prevent any new instances of apt/apt-get commands"

Cannot upgrade Arch Linux (pacman -Syu not working)

I am running sudo pacman -Syu on my Arch Linux and I am getting the following:
cristian#localhost:~$ sudo pacman -Syu
:: Synchronizing package databases...
core is up to date
extra is up to date
community is up to date
multilib is up to date
xenlism-arch is up to date
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...
error: failed to prepare transaction (could not satisfy dependencies)
:: package-query: requires pacman<4.3
What's the solution to fix this?
UPDATE
I have tried both solutions sugested by #jham. I have completely removed yaourt and package-query. At pacman -Qi pacman at 'required by' I have none. I also commented multilib and xenlism-arch from pacman.conf. When I do pacman -Syu I get the following:
:: Proceed with installation? [Y/n]
(244/244) checking keys in keyring [###################################] 100%
(244/244) checking package integrity [###################################] 100%
error: confuse: signature from "Thorsten Töpper <atsutane#freethoughts.de>" is unknown trust
:: File /var/cache/pacman/pkg/confuse-2.8-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
I just had this very same error. The problem seems to be that there are new keys in the archlinux-keyring package, and new packages (confuse) signed with those keys. Since both packages are updated in the same transaction, well the new keys cannot be used until the update is finished, but the transaction will not start until the packages are checked...
The solution would be to update the archlinux-keyring by itself:
pacman -S archlinux-keyring
And then do the rest:
pacman -Su
If that fails, you could try running through the keys manually, with:
pacman-key --populate
but usually, it is not necessary.
I just happened to have the same problem, and solved it the following way:
$ sudo pacman -Rdd package-query # Purge the conflicting package-query
$ sudo pacman -Syu # There it works
# Now reinstall package-query
$ git clone https://aur.archlinux.org/package-query.git
$ cd package-query && makepkg -si
For anyone else coming in here that didn't find the solution by rorido working, try users Bernhard Fürst's or Jham's answer of just pacman -S package-query which worked for me without issues.
Also, if you are still getting issues like this with libalpm.so.8: cannot open shared object file: No such file or directory then you have to manually reinstall package-query and yaourt.
sudo pacman-db-upgrade
yaourt -R package-query yaourt
git clone https://aur.archlinux.org/package-query.git
cd package-query
makepkg -si
cd ..
git clone https://aur.archlinux.org/yaourt.git
cd yaourt
makepkg -si
cd ..
If you still have an error. Try this:
sudo find /var/cache/pacman/pkg/ -iname "*.part" -exec rm {} \;
It removes .part files, which causes the "invalid or corrupted package" error. After you remove them, run this:
sudo pacman -Syyu
This should solve the problem, if there is no any missing key.
I am using Manjaro and after a long search, I was able to fix the issue by following these simple commands.
NOTE: You must run pacman-key --init before first using pacman; the local
keyring can then be populated with the keys of all official Manjaro Linux
packagers with pacman-key --populate archlinux manjaro.
failed to prepare transaction (invalid or corrupted database)
Here it was due to the actual (faulty) mirror servers delivering junk.
comment out those standard servers and use a quality server e.g.
ftp://ftp5.gwdg.de/pub/linux/archlinux/community/os/x86_64/
Too bad that /etc/pacman.conf is so poorly commented, as if to deliberatly be unhelpful and feckless, always being vague, never concretely helpful.
this was the last error in an seemingly endless ordain of errors from pacman. keys are unmanagable, servers are a mess, libs spell chaos. Took me more than 1 day to get through this horrific Arch experience.
The following is for ArchLinux however applies to other Linux distros too.
To correct an invalid KEY one needs to do the following:
rm -fr /etc/pacman.d/gnupg
pacman-key --init
pacman-key --populate archlinux
say the key throwing an error is in Blackarch then is also needed to :
sudo pacman-key --populate blackarch
and finally
sudo pacman -Sy archlinux-keyring
sudo pacman-key --populate archlinux
sudo pacman-key --refresh-keys

/var/run/redis/redis.pid exists, process is already running or crashed

Redis went quite on me.
user#mycomputer:~$ redis-cli
Could not connect to Redis at 127.0.0.1:6379: Connection refused
I try to restart the service by doing this
sudo /etc/init.d/redis_6379 stop
/var/run/redis/redis.pid exists, process is already running or crashed
But no luck. Logs didn't show an error as well.
Got it fixed by backing up the redis.rdp file mine is located at
/var/lib/redis
check your config file "/etc/redis/redis.conf" for the rdp file's location and do this
sudo mv /var/lib/redis/redis.rdp /var/lib/redis/redis_backup.rdp
Then recreate the the redis.rdp file
sudo touch redis.rdp
Run the redis-server with the conf and it should work
sudo redis-server /etc/redis/redis.conf
Get it fixed in a tidy way: Recreate the the redis.rdp file as suggested here in one of answer, will purge all the cache recorded so far and redis will start up fresh with no cache data.
This is a warning message to notify system crash / improper shutdown: "/var/run/redis/redis.pid exists, process is already running or crashed"
Just delete /var/run/redis/redis.pid file and restart the server again.
Note: You might have lost latest cache changes due to untidy shutdown, which weren't flushed into the disk. This data loss can be minimized using frequent disk flush configuration in redis conf file(in my case it is #/etc/redis/6379.conf)
save 900 1
save 300 10
save 60 10000
Or try AOF persistence, more details [here][1]
Depends on how you installed redis, the pid can be found on /var/run/redis_6379.pid.
What happened is that redis crashed, but the pid is still there. So you just have to delete it.
sudo rm -f /var/run/redis_6379.pid
Then start redis again:
sudo /etc/init.d/redis_6379 start
If you can't find it, I suggest installing redis "more properly". Follow redis quickstart guide in the Installing Redis more properly section.
You can find it here:
https://redis.io/topics/quickstart
Run the redis-server with config.
sudo redis-server redis.conf

rabbitmq refusing to start

I have installed rabbitmq on ubuntu and trying to start it using rabbitmq-server start, however, I'm getting this error:
Activating RabbitMQ plugins ...
0 plugins activated:
node with name "rabbit" already running on "mybox"
diagnostics:
- nodes and their ports on mybox: [{rabbit,38618},
{rabbitmqprelaunch13346,41776}]
- current node: rabbitmqprelaunch13346#mybox
- current node home dir: /var/lib/rabbitmq
- current node cookie hash: 8QRKGluOJOcZ4AAkEdFwQg==
so I try to stop it or restart it using service rabbitmq-server restart but I get the following error: Restarting rabbitmq-server: RabbitMQ is not running
The server's host name hostname -s is mybox.
How do I stop the currently running instance, or at least, how do I manage it? I have no access to it and yet I'm not able to run rabbitmq properly.
Thank you.
Rabbitmq is set to start automatically after it's installed.
I don't think it is configured run with the service command.
To see the status of rabbitmq
sudo rabbitmqctl status
To stop the rabbitmq
sudo rabbitmqctl stop
(Try the status command again to see that it's stopped).
To start it again, the recommended method is
sudo invoke-rc.d rabbitmq-server start
These all work with the vanilla ubuntu install using apt-get
Still not working?
If you've tried unsuccessfully to start or restart rabbitmq, check to see how many processes are running.
ps -ef | grep rabbit
There should be 5 processes running as the user rabbitmq.
If you have more, particularly if they're running as other users (such as root, or your own user) you should stop these processes.
The cleanest way is probably to reboot your machine.
rabbitmq-server refuses to start if the hostname -s value has changed.
The solution suggested here is only for test/development environments.
I had to delete the database to fix it locally.
i.e empty folder /var/lib/rabbitmq (ubuntu) or /usr/local/var/lib/rabbitmq/(mac)
I had similar problem but these suggestions didn't work for me(restart too). When I run rabbitmq-server command, I get a response like that:
$/ rabbitmq-server
BOOT FAILED
===========
Error description:
{error,{cannot_log_to_file,"/var/log/rabbitmq/rabbit#haber01.log",
{error,eacces}}}
....
When I checked permissions of /var/log/rabbitmq/rabbit#haber01.log file, I saw that group has not write permisson for that file. So I gave permission to group with that command:
/var/log/rabbigmq/$ chmod g+w *
then problem has gone!
Maybe this answer help someone.
Seems like the Mnesia database was corrupted. Had to delete it to get sudo service rabbitmq-server start going again !
$ sudo rm -rf /var/lib/rabbitmq/mnesia/
Also make sure that any stray rabbit processes are killed before clearing out
$ ps auxww | grep rabbit | awk '{print $2}' | sudo xargs kill -9
And then
$ sudo service rabbitmq-server start
If you use celery, your queues could reach max size and rabbit won't start because of that. Maybe you wouldn't even able to use rabbitmqctl, so if you can afford to clean the queues, just remove
/var/lib/rabbitmq/mnesia/rabbit#<host>/queues
on unix (look for mnesia DB path on your system).
Be careful: this will remove everything you have in rabbit, so this is a last solution ever.
Have a look what is in the log of the node that you are trying to start. It will be in /var/log/rabbitmq/
It was selinux in my case, rabbit could not bind to its ports.
My brew version of rabbitmq refused to start (after working fine for years without modification by me) too.
$ cat /usr/local/etc/rabbitmq/rabbitmq-env.conf
CONFIG_FILE=/usr/local/etc/rabbitmq/rabbitmq
NODE_IP_ADDRESS=127.0.0.1
NODENAME=rabbit#localhost
RABBITMQ_LOG_BASE=/usr/local/var/log/rabbitmq
I edited out rabbit# on NODENAME and brew services restart rabbitmq started working again.
If the standard stop and start are not working, list the rabbitmq processes that are running using
ps aux | grep rabbitmq
Kill the beam.smp process using
kill -9 {process id}
and start the rabbitmq-server again.