Barman 2.0 - Check On - ssh output clean barman - Failed
2,146 views
Skip to first unread message
Janis Orlovs
Oct 1, 2016, 6:16:21 AM10/1/16
to Barman, Backup and Recovery Manager for PostgreSQL
Hello,
Just upgraded to 2.0. Now all backups are in state FAILED
With the error for the: ssh output clean: FAILED (the configured ssh_command must not add anything to the remote command output)
Tried to google. But don't understand the matter what is the problem with this?
From barman side:
From other side, same.
What do I needed to do to resolve this issue?
Regards
Just upgraded to 2.0. Now all backups are in state FAILED
With the error for the: ssh output clean: FAILED (the configured ssh_command must not add anything to the remote command output)
Tried to google. But don't understand the matter what is the problem with this?
From barman side:
barman@barman_server.com:/root$ ssh postgres@target_server.com -v
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /var/lib/barman/.ssh/config
debug1: /var/lib/barman/.ssh/config line 1: Applying options for *.target_server.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to target_server.com [172.16.18.5] port 22.
debug1: Connection established.
debug1: identity file /var/lib/barman/.ssh/id_rsa type 1
debug1: identity file /var/lib/barman/.ssh/id_rsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_ed25519 type -1
debug1: identity file /var/lib/barman/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-m...@openssh.com none
debug1: kex: client->server aes128-ctr hmac-m...@openssh.com none
debug1: kex: curve255...@libssh.org need=16 dh_need=16
debug1: kex: curve255...@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 53:c1:d7:6a:48:fb:43:5d:f4:a8:f3:67:9d:3e:fa:ab
Warning: Permanently added 'target_server.com,172.16.18.5' (ECDSA) to the list of known hosts.
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /var/lib/barman/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to target_server.com ([172.16.18.5]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-...@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
postgres@target_server.com:~$
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /var/lib/barman/.ssh/config
debug1: /var/lib/barman/.ssh/config line 1: Applying options for *.target_server.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to target_server.com [172.16.18.5] port 22.
debug1: Connection established.
debug1: identity file /var/lib/barman/.ssh/id_rsa type 1
debug1: identity file /var/lib/barman/.ssh/id_rsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_ed25519 type -1
debug1: identity file /var/lib/barman/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-m...@openssh.com none
debug1: kex: client->server aes128-ctr hmac-m...@openssh.com none
debug1: kex: curve255...@libssh.org need=16 dh_need=16
debug1: kex: curve255...@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 53:c1:d7:6a:48:fb:43:5d:f4:a8:f3:67:9d:3e:fa:ab
Warning: Permanently added 'target_server.com,172.16.18.5' (ECDSA) to the list of known hosts.
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /var/lib/barman/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to target_server.com ([172.16.18.5]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-...@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
postgres@target_server.com:~$
From other side, same.
What do I needed to do to resolve this issue?
Regards
Gabriele Bartolini
Oct 2, 2016, 6:33:25 AM10/2/16
to pgba...@googlegroups.com
Hi Janis,
I believe this commit is affecting your environment:
We now require that SSH does not add any output when talking to and from Barman, as it would create issues with result parsing.
Please verify that your SSH command does not add any output.
Ciao,
Gabriele
--
Gabriele Bartolini - 2ndQuadrant Italia - Director
PostgreSQL Training, Services and Support
gabriele....@2ndQuadrant.it | www.2ndQuadrant.it
Gabriele Bartolini - 2ndQuadrant Italia - Director
PostgreSQL Training, Services and Support
gabriele....@2ndQuadrant.it | www.2ndQuadrant.it
--
--
You received this message because you are subscribed to the "Barman for PostgreSQL" group.
To post to this group, send email to pgba...@googlegroups.com
To unsubscribe from this group, send email to
pgbarman+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/pgbarman?hl=en?hl=en-GB
---
You received this message because you are subscribed to the Google Groups "Barman, Backup and Recovery Manager for PostgreSQL" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pgbarman+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Janis Orlovs
Oct 3, 2016, 1:58:48 AM10/3/16
to Barman, Backup and Recovery Manager for PostgreSQL
Hello,
Not anymore. But error still present
Not anymore. But error still present
svētdiena, 2016. gada 2. oktobris 13:33:25 UTC+3, Gabriele Bartolini rakstīja:
Hi Janis,I believe this commit is affecting your environment:We now require that SSH does not add any output when talking to and from Barman, as it would create issues with result parsing.Please verify that your SSH command does not add any output.Ciao,Gabriele
--
Gabriele Bartolini - 2ndQuadrant Italia - Director
PostgreSQL Training, Services and Support
gabriele.bartolini@2ndQuadrant.it | www.2ndQuadrant.it
2016-10-01 12:16 GMT+02:00 Janis Orlovs <janis....@gmail.com>:
Hello,
Just upgraded to 2.0. Now all backups are in state FAILED
With the error for the: ssh output clean: FAILED (the configured ssh_command must not add anything to the remote command output)
Tried to google. But don't understand the matter what is the problem with this?
From barman side:
barman@barman_server.com:/root$ ssh post...@target_server.com -v
For more options, visit this group at
http://groups.google.com/group/pgbarman?hl=en?hl=en-GB
---
You received this message because you are subscribed to the Google Groups "Barman, Backup and Recovery Manager for PostgreSQL" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pgbarman+u...@googlegroups.com.
Carol Guo
Oct 3, 2016, 8:59:34 PM10/3/16
to Barman, Backup and Recovery Manager for PostgreSQL
Facing the same error as Janis.
ssh postgres@xxx -v
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxxx [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /var/lib/barman/.ssh/id_rsa type 1
debug1: identity file /var/lib/barman/.ssh/id_rsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa type -1
debug1: identity file /var/lib/barman/.ssh/id_dsa-cert type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa type -1
debug1: identity file /var/lib/barman/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'xxx is known and matches the RSA host key.
debug1: Found key in /var/lib/barman/.ssh/known_hosts:33
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: /var/lib/barman/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Carol Guo
Oct 3, 2016, 9:24:05 PM10/3/16
to Barman, Backup and Recovery Manager for PostgreSQL
Janis,
I found out add "-q" to ssh command made error go away.
like ssh postgres@target -q
Hope it helps!
Marco Nenciarini
Oct 4, 2016, 4:33:50 AM10/4/16
to pgba...@googlegroups.com
On 03/10/16 07:58, Janis Orlovs wrote:
> Hello,
>
> Not anymore. But error still present
>
The test that Barman does is to execute 'true' using the ssh_command and
> Hello,
>
> Not anymore. But error still present
>
checking that the output is empty.
In your case, please check that the following command doesn't produce
any output:
ssh postgres@target_server.com true
Regards,
Marco
--
Marco Nenciarini - 2ndQuadrant Italy
PostgreSQL Training, Services and Support
marco.ne...@2ndQuadrant.it | www.2ndQuadrant.it
Gabriele Bartolini
Oct 4, 2016, 4:35:08 AM10/4/16
to pgba...@googlegroups.com
We should add this to the documentation
--
Gabriele Bartolini - 2ndQuadrant Italia - Director
Gabriele Bartolini - 2ndQuadrant Italia - Director
PostgreSQL Training, Services and Support
gabriele....@2ndQuadrant.it | www.2ndQuadrant.it
marco.nenciarini@2ndQuadrant.it | www.2ndQuadrant.it
--
--
You received this message because you are subscribed to the "Barman for PostgreSQL" group.
To post to this group, send email to pgba...@googlegroups.com
To unsubscribe from this group, send email to
For more options, visit this group at
http://groups.google.com/group/pgbarman?hl=en?hl=en-GB
---
You received this message because you are subscribed to the Google Groups "Barman, Backup and Recovery Manager for PostgreSQL" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pgbarman+unsubscribe@googlegroups.com.
csar...@sardini.net
Dec 15, 2016, 5:01:02 AM12/15/16
to Barman, Backup and Recovery Manager for PostgreSQL
Same issue, I'm using Patroni Postgresql solution so I 've to change my ssh_command to something like this (because of using haproxy to connect always to the master):
ssh_command = ssh -p 5023 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no post...@10.101.10.34
but the check say ssh: OK and ssh output clean: FAILED.
The -q switch at the end of the command resolve this issue.
Reply all
Reply to author
Forward
0 new messages