Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-1428

cf-key -r does not remove public key file

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.6.0
    • Component/s: cf-key
    • Labels:
      None
    • Platform:
      Any
    • Found in version (details):
      CFEngine Core 3.6.0.5eda52c

      Description

      The @cf-key -r@ command removes the host from the lastseen DB, but does not remove the host's public key file. This results in the host still being able to connect until the file is manually removed.

      (In the example below, I'm not sure if the error messages produced by @cf-key@ are related to this problem)

      <pre>
      root@hub:/var/cfengine/ppkeys# cf-key -s
      Direction IP Name Last connection Key
      Incoming 192.168.33.4 - Fri May 2 16:05:39 2014 SHA=79af661d9946130ddb02abd10ecc8efbf6f2d58567d7a3cda0d4d63e39266121
      Outgoing 192.168.33.4 - Fri May 2 16:10:22 2014 SHA=79af661d9946130ddb02abd10ecc8efbf6f2d58567d7a3cda0d4d63e39266121
      Incoming 192.168.33.2 - Fri May 2 16:10:22 2014 SHA=833a430ebb18357ef16afc2a07271d32f97e7fc7ea9224114e0685485cd38235
      Outgoing 192.168.33.2 - Fri May 2 16:10:22 2014 SHA=833a430ebb18357ef16afc2a07271d32f97e7fc7ea9224114e0685485cd38235
      Incoming 192.168.33.4 - Wed Apr 30 22:41:16 2014 SHA=859eb2359f0bb50d00e5814bf4832d142c8d561f17b9a6ba803666932ca430fb
      Outgoing 192.168.33.4 - Wed Apr 30 22:40:43 2014 SHA=859eb2359f0bb50d00e5814bf4832d142c8d561f17b9a6ba803666932ca430fb
      Incoming 192.168.33.3 - Fri May 2 16:06:58 2014 >>>>SHA=e718870a82d99d56b2559c01a4f00cfef8d9f101efd433e86e54f87e0227b918<<<<
      Outgoing 192.168.33.3 - Fri May 2 16:10:22 2014 >>>>SHA=e718870a82d99d56b2559c01a4f00cfef8d9f101efd433e86e54f87e0227b918<<<<
      Total Entries: 8

      root@hub:/var/cfengine/ppkeys# cf-key -r 192.168.33.3
      2014-05-02T16:11:27+0000 error: Lastseen database is incoherent. Will not proceed to remove entries from it.

      root@hub:/var/cfengine/ppkeys# cf-key -r 192.168.33.3 -x
      2014-05-02T16:11:31+0000 error: No key file(s) for entry 192.168.33.3 were found on the filesytem

      root@hub:/var/cfengine/ppkeys# cf-key -s
      Direction IP Name Last connection Key
      Incoming 192.168.33.4 - Fri May 2 16:11:01 2014 SHA=79af661d9946130ddb02abd10ecc8efbf6f2d58567d7a3cda0d4d63e39266121
      Outgoing 192.168.33.4 - Fri May 2 16:10:22 2014 SHA=79af661d9946130ddb02abd10ecc8efbf6f2d58567d7a3cda0d4d63e39266121
      Incoming 192.168.33.2 - Fri May 2 16:10:22 2014 SHA=833a430ebb18357ef16afc2a07271d32f97e7fc7ea9224114e0685485cd38235
      Outgoing 192.168.33.2 - Fri May 2 16:10:22 2014 SHA=833a430ebb18357ef16afc2a07271d32f97e7fc7ea9224114e0685485cd38235
      Incoming 192.168.33.4 - Wed Apr 30 22:41:16 2014 SHA=859eb2359f0bb50d00e5814bf4832d142c8d561f17b9a6ba803666932ca430fb
      Outgoing 192.168.33.4 - Wed Apr 30 22:40:43 2014 SHA=859eb2359f0bb50d00e5814bf4832d142c8d561f17b9a6ba803666932ca430fb
      Total Entries: 6

      root@hub:/var/cfengine/ppkeys# ls
      localhost.priv root-SHA=833a430ebb18357ef16afc2a07271d32f97e7fc7ea9224114e0685485cd38235.pub
      localhost.pub root-SHA=859eb2359f0bb50d00e5814bf4832d142c8d561f17b9a6ba803666932ca430fb.pub
      root-SHA=79af661d9946130ddb02abd10ecc8efbf6f2d58567d7a3cda0d4d63e39266121.pub >>>>root-SHA=e718870a82d99d56b2559c01a4f00cfef8d9f101efd433e86e54f87e0227b918.pub<<<<<
      </pre>

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                a10039 Hichame Jeffali (Inactive)
                Reporter:
                jiraadmin Old User (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Summary Panel