Amulet

Bug #802117
Comment #5

Comment 5 for bug 802117

Revision history for this message

Stuart Bishop (stub) wrote on 2015-02-13: Re: juju ssh/scp commands cause spurious key errors

Amulet tests are spuriously failing due to this bug. IP addresses get recycled as the leases expire, and the 'juju run' commands Amulet makes fail due to the old host key being in the root users known_hosts file.

======================================================================
ERROR: test suite for <class 'tests.test_integration.Test3UnitDeployment'>
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 210, in run
    self.setUp()
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 293, in setUp
    self.setupContext(ancestor)
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 316, in setupContext
    try_run(context, names)
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/util.py", line 470, in try_run
    return func()
  File "/home/stub/charms/cassandra/spike/tests/test_integration.py", line 79, in setUpClass
    deployment.deploy(timeout=WAIT_TIMEOUT)
  File "/home/stub/charms/cassandra/spike/testing/amuletfixture.py", line 74, in deploy
    self.sentry.wait(timeout=timeout)
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 259, in wait
    status = self.unit[unit].juju_agent()
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 117, in juju_agent
    return self._run_unit_script("juju_agent.py")
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 114, in _run_unit_script
    raise IOError(output)
OSError: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
04:1f:98:dc:d5:aa:3a:4d:aa:d8:f6:a2:15:e5:fa:29.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:3
  remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R 10.0.3.223
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
ERROR command timed out

======================================================================
ERROR: test suite for <class 'tests.test_integration.Test3UnitDeployment'>
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 210, in run
    self.setUp()
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 293, in setUp
    self.setupContext(ancestor)
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/suite.py", line 316, in setupContext
    try_run(context, names)
  File "/home/stub/charms/cassandra/spike/.venv3/lib/python3.4/site-packages/nose/util.py", line 470, in try_run
    return func()
  File "/home/stub/charms/cassandra/spike/tests/test_integration.py", line 79, in setUpClass
    deployment.deploy(timeout=WAIT_TIMEOUT)
  File "/home/stub/charms/cassandra/spike/testing/amuletfixture.py", line 74, in deploy
    self.sentry.wait(timeout=timeout)
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 259, in wait
    status = self.unit[unit].juju_agent()
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 117, in juju_agent
    return self._run_unit_script("juju_agent.py")
  File "/usr/lib/python3/dist-packages/amulet/sentry.py", line 114, in _run_unit_script
    raise IOError(output)
OSError: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
04:1f:98:dc:d5:aa:3a:4d:aa:d8:f6:a2:15:e5:fa:29.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:3
  remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R 10.0.3.223
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
ERROR command timed out