Welcome to the Linux Foundation Forum!

stuck at running nohup sudo bash -x aio-centos-gcp-deploy.sh 4 &

Using step 4: I used Google SDK: gcloud compute ssh --zone "us-central1-f" "openstack-01" and gotten into the terminal
next I did sudo -i su - aarna and gotten into CD $HOME/onap-custom/setup-utils

the next command of nohup sudo bash -x aio-centos-gcp-deploy.sh 4 & does not proceed and the tail shows
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

running the command as ./bash -x aio-centos-gcp-deploy.sh asks for password for aarna

Please help as I am losing time with machines running. Thanks

Comments

  • vmuthukrishnan
    vmuthukrishnan Posts: 31
    edited May 2021

    Hi @sonimanish0604 . The GCP ecurity settings disables sudo access to user aarna. So, you will have to apply the below workaround.

    This steps we did to fix GCP image issues

    **# Authorised file is removed while launching the instance we need add manually
    **
    $ chown -R aarna:aarna /home/aarna/.ssh
    $ vi /home/aarna/.ssh/authorized_keys
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

    $ chmod 600 /home/aarna/.ssh/authorized_keys

    Edit the root login property to

    $sudo vi /etc/ssh/sshd_config
    PermitRootLogin no to PermitRootLogin without-password

    $sudo usermod -aG wheel aarna
    $sudo visudo

    add the below line

    aarna ALL=(ALL) NOPASSWD: ALL

    un comment the bellow line

    %wheel ALL=(ALL) NOPASSWD: ALL
    %wheel ALL=(ALL) ALL

    Now you can do the following to deploy AIO

    $sudo -i

    su - aarna

    $ CD $HOME/onap-custom/setup-utils
    $ sudo bash -x aio-centos-gcp-deploy.sh 4 &

    Please us know how it goes.

  • Hi, thanks for your help.
    I am stuck at the step
    $sudo vi /etc/ssh/sshd_config

    its still prompting for password

    We trust you have received the usual lecture from the local System
    Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.
    

    [sudo] password for aarna:

  • I restarted from step 3 after deleting the instances, and still have same issue as listed in the document or above ....the nohup command shows the same entry in nohup.out as above, and seems to be prompting for password

  • vmuthukrishnan
    vmuthukrishnan Posts: 31
    edited May 2021

    Hi Sonimanish0604,

    The issue is related to GCP security settings. It removes the aarna user SUDO user group and disables the password less SUDO access.

    Do you have sudo user access to this VM? Can we ssh into this instance to take a look at it.

  • Yes, I can give you access , using GCP IAM features. Please let me know email id, username, etc. I am wondering why others are not seeing this issue? What else I can try? Thanks

  • Hi Soni, What we need is to access your GCP over SSH. Can i have your email ID and we will include you to our support Slack channel. Our support team member IDs vmuthukrishnan@aarnanetworks.com, premkumar@aarnanetworks.com and raghuramg@aarnanetworks.com.

  • raghuramg
    raghuramg Posts: 73

    Step-1: SSH to VM instance from the GCP Console.
    Click SSH > Open in Browser Window.

    Step-2: Add the aarna user public key to the /home//.ssh/authorized_key
    vi /home/[ your user]/.ssh/authorized_keys

    Add the following line in the file and save it

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

    Step-3: Open terminal on your laptop/workstation and try to connect with aarna.pem private key file.

    ssh -i [path to aarna.pem file] your-user-name@VM Public IP.

    Step-4: Run below commands to change the aarna file permissions as root user and add aarna public key to authorized_keys under /home/aarna/.ssh/.
    sudo -i
    sudo chown -R aarna:aarna /home/aarna/.ssh
    sudo vi /home/aarna/.ssh/authorized_keys

    Add the following line in the file and save it

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqXaTZf6eQw55I2LOnpXbC8JEw536thBD5QOWKwPsgy0CUojL9+PpLS7x949SXxoF9jrtQ1n67pnHeWXrOFXzrpWNIgmZMrV8KOpteC/0yAvTSY585fMpMz1Q3xrlSk8BIk+LUbyXmSNwNeLTJb3s+iJ28ySgKE99IOisdjPLPtRi3zLhrRw+xg7UjRQTys46jqy/+txoXUIJRwYQx6kusBmiZIpIVbXBnFErwlydNUj9KfPdiGICMUXqOeF1+iacCGMCsVSuRPR74OJAi4CXrHOL+zJcyidIwqz2H7V6ra8MVq6vT+jp/NyOrgJJbgZiQpuNpxWbJ0lXxOgDX1eXf

    Step-4: Make sure the file permissions are set to 600.
    Change the file ownership to aarna user.
    sudo chown -R aarna:aarna /home/aarna/.ssh/authorized_keys
    chmod 600 /home/aarna/.ssh/authorized_keys

    Step-5: Edit the root login property to allow root user without password.
    sudo vi /etc/ssh/sshd_config
    PermitRootLogin no to PermitRootLogin without-password

    Step-6: Add aarna user to group wheel.
    sudo usermod -aG wheel aarna

    Step-7: Update the sudo user file.
    sudo visudo

    added below line

    aarna ALL=(ALL) NOPASSWD: ALL

    uncomment the bellow line

    %wheel ALL=(ALL) NOPASSWD: ALL
    %wheel ALL=(ALL) ALL

  • raghuramg
    raghuramg Posts: 73

    Hi Soni,
    Please follow above steps one by one. If you still face issues. Please let us know.

  • raghuramg
    raghuramg Posts: 73

    Step-1: SSH to VM instance from the GCP Console.
    Click SSH > Open in Browser Window.

    Step-2: Add the aarna user public key to the /home//.ssh/authorized_key
    vi /home/[your-user]/.ssh/authorized_keys

    Add the following line in the file and save it

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

    Step-3: Open terminal on your laptop/workstation and try to connect with aarna.pem private key file.

    ssh -i [path to aarna.pem file] [your-user-name@VM Public IP.

    Step-4: Run below commands to change the aarna file permissions as root user and add aarna public key to authorized_keys under /home/aarna/.ssh/.
    sudo -i
    sudo chown -R aarna:aarna /home/aarna/.ssh
    sudo vi /home/aarna/.ssh/authorized_keys

    Add the following line in the file and save it

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqXaTZf6eQw55I2LOnpXbC8JEw536thBD5QOWKwPsgy0CUojL9+PpLS7x949SXxoF9jrtQ1n67pnHeWXrOFXzrpWNIgmZMrV8KOpteC/0yAvTSY585fMpMz1Q3xrlSk8BIk+LUbyXmSNwNeLTJb3s+iJ28ySgKE99IOisdjPLPtRi3zLhrRw+xg7UjRQTys46jqy/+txoXUIJRwYQx6kusBmiZIpIVbXBnFErwlydNUj9KfPdiGICMUXqOeF1+iacCGMCsVSuRPR74OJAi4CXrHOL+zJcyidIwqz2H7V6ra8MVq6vT+jp/NyOrgJJbgZiQpuNpxWbJ0lXxOgDX1eXf

    ** Step-4: Make sure the file permissions are set to 600.vChange the file ownership to aarna user.**
    sudo chown -R aarna:aarna /home/aarna/.ssh/authorized_keys
    chmod 600 /home/aarna/.ssh/authorized_keys

    Step-5: Edit the root login property to allow root user without password.
    sudo vi /etc/ssh/sshd_config
    PermitRootLogin no to PermitRootLogin without-password

    Step-6: Add aarna user to group wheel.
    sudo usermod -aG wheel aarna

    Step-6: Update the sudo user file.
    sudo visudo

    added below line

    aarna ALL=(ALL) NOPASSWD: ALL

    uncomment the bellow line

    %wheel ALL=(ALL) NOPASSWD: ALL
    %wheel ALL=(ALL) ALL

  • Hi @vmuthukrishnan , my email is : sonimanish0604@gmail.com. Please help me get this resolved. I am following steps as in the lab work.
    Hi @raghuramg . anytime I do sudo, i am prompted for password.

  • Hi @sonimanish0604 Please share your public IP If you are done including the SSH keys. Out team can take a look at your system.

  • Hi @vmuthukrishnan I have opened access to email addresses you mentioned. The External IP is: 34.122.69.188

    The forum is not allowing me to add the aarna.pem / aarna.ppk files, however, i am using the one i got from google drive
    link from another discussion within this forum

  • raghuramg
    raghuramg Posts: 73

    Hi @sonimanish0604 ,
    I have sent you invite to join Slack channel. Could you please join, we will take it from there.

  • raghuramg
    raghuramg Posts: 73

    Hi Soni,

    I cannot SSH into your VM.

    Please add below public key into the authorized_key file. and share your username.

    Step-2: Add the aarna user public key to the /home/[your-user]/.ssh/authorized_key
    vi /home/[your-user]/.ssh/authorized_keys

    Add the following line in the file and save it

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+jw3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96mRZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RCxNbbcn68IrBT3tbfVtDF1rFHFDB

  • @raghuramg , Thanks Raghu for the slack invite, I am in the channel now

  • username is sonimanish0604

    [sonimanish0604@openstack-01 home]$ cd sonimanish0604
    [sonimanish0604@openstack-01 ~]$ pwd
    /home/sonimanish0604
    [sonimanish0604@openstack-01 ~]$ ls -lrt
    total 0
    [sonimanish0604@openstack-01 ~]$ vi /home/sonimanish0604/.ssh/authorized_keys
    [sonimanish0604@openstack-01 ~]$ ls -lrt
    total 0
    [sonimanish0604@openstack-01 ~]$ cd .ssh
    [sonimanish0604@openstack-01 .ssh]$ ls -lrt
    total 4
    -rw-rw-r--. 1 sonimanish0604 sonimanish0604 382 May 17 12:19 authorized_keys
    [sonimanish0604@openstack-01 .ssh]$ cat authorized_keys
    ssh-rsa
    AAAAB3NzaC1yc2EAAAADAQABAAABAQDgGPLMi26GSHwfHY+IcUe2xgC1PQyMG0wVAA/4Gwyjzowelt76LDOQI29l5xa7JyyGkenmwSHkd3d9IKwpe+j
    w3w9P5+SLpxXjkMQc5g3VHLKOVguFg/BPQmRqjndqQE6m9ddpVFCaPz6Py1+7LxF5IAnZr+VY5glqCnWhw68XVfxlvQqtJub8lug1eSZh6oa6/+L96m
    RZXrB8BPJ41PfLQwK7hw0H11JBrNFGYTcyX4Hsn2Z8FL540HjMr+MWF9eRrQaFrB5NTAJHLjxtVPiz6R2N23gzoTkwUmxcgwnvUyOgSdOlRYnMOs8RC
    xNbbcn68IrBT3tbfVtDF1rFHFDB
    [sonimanish0604@openstack-01 .ssh]$

Categories

Upcoming Training