What user account do kola tests use?

[Marshall Onsrud]

Which user account do the kola tests use? And, any advice on how to debug authentication issues related to cloud config?

When running a test or kola spawn --debug -r -s there is an auth error. I would like to find out more about why it is failing to authenticate but I am not sure how to get more output. 

        harness.go:190: Cluster failed starting machines: ssh journalctl failed: ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain

FAIL

harness: test suite failed

Thanks.

[David Michael]

On Fri, Mar 10, 2017 at 1:40 PM, Marshall Onsrud
<mars...@theonsruds.com> wrote:
>
> Which user account do the kola tests use?

They use "core", and a new SSH key is generated and injected into your
test's user data for that user. You could try using
./set_shared_user_password.sh in the SDK to build an image with a
default password set.

> And, any advice on how to debug authentication issues related to cloud config?

Since just about all accesses to the test systems by mantle are over
SSH, there are not a lot of options when SSH is completely broken.
I've been using a bit of a brute-force method lately for local QEMU
tests: patch platform/machine/qemu/cluster.go to replace "-display
none" with e.g. "-display vnc=:5" and run the following command on
your host system when the test VM is running:

sudo nsenter -n -t $(ps -ef | awk '/qemu[-]/{print$2}') vncviewer
127.0.0.1::5905

That is using tigervnc, and the substituted command is just a dumb way
to get a QEMU PID which might need to be adjusted on your system.
Start it early so you can add "coreos.autologin" at the bootloader to
get into the system regardless of if any authentication works.

> When running a test or kola spawn --debug -r -s there is an auth error. I
> would like to find out more about why it is failing to authenticate but I am
> not sure how to get more output.
>
> harness.go:190: Cluster failed starting machines: ssh journalctl
> failed: ssh: handshake failed: ssh: unable to authenticate, attempted
> methods [publickey none], no supported methods remain
> FAIL
> harness: test suite failed

When you see that message, it usually means Ignition (or whatever
provisioner you're using) has failed to run, since the injected SSH
key isn't working. In that case, no authentication configuration was
done, so you will have to do something like the above to get into the
system.

Thanks.

David

[Marshall Onsrud]

Is this ssh key that is injected really static or is it genereated. I find a couple of files seem to have what looks a static pub key in them.

/cmd/kola/updatepayload.go:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFS5uVJ+pgibcFLD3kbY

./update/signature/signature.go:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFS5uVJ+pgibcFLD3kbY

I did use your vnc trick to confirm that it is an sshd auth issue. What I saw first was sshd could not find/open authorized_keys2 and then after fixing that, just failed to find a matching key.