#8975 pkgs01.iad2 port 22 times out
Closed: Fixed 2 months ago by pingou. Opened 2 months ago by pingou.

When pointing to proxy01.iad2 in my /etc/hosts file, I get:

$ git clone ssh://pingou@pkgs.fedoraproject.org/rpms/datagrepper.git
Cloning into 'datagrepper'...
ssh: connect to host pkgs.fedoraproject.org port 22: Connection timed out
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Could it be that the port 22 is not open?


test:

[smooge@smoogen-laptop ansible (master)]$ ssh pkgs-iad.fedoraproject.org
key_cert_check_authority: invalid certificate
Certificate invalid: name is not a listed principal
The authenticity of host 'pkgs-iad.fedoraproject.org (<no hostip for proxy command>)' can't be established.
RSA key fingerprint is SHA256:kI9IdFevyd8gvIbKALxDFNASLKyD/OYZTRnqTIAX1F0.
No matching host key fingerprint found in DNS.
RSA key fingerprint is MD5:7b:77:ba:3c:3e:6d:59:21:4c:cc:9c:80:04:24:0c:06.
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pkgs-iad.fedoraproject.org' (RSA) to the list of known hosts.
Welcome smooge. This server does not offer shell access.
Connection to pkgs-iad.fedoraproject.org closed.

I took a git repo and edited to pull from pkgs-iad versus pkgs.fedoraproject.org and got the following:

[smooge@smoogen-laptop epel-release (epel8-playground)]$ git pull
key_cert_check_authority: invalid certificate
Certificate invalid: name is not a listed principal
Error during lookup request: status: 403
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Metadata Update from @mohanboddu:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: groomed, high-gain, medium-trouble

2 months ago

Metadata Update from @smooge:
- Issue untagged with: medium-trouble
- Issue tagged with: high-trouble, pagure

2 months ago

I was testing using proxy01 in /etc/hosts basically the line: https://hackmd.io/op6N_nIaR7aMzw9Ib-sDAQ

So I'm now wondering if that's not the cause of my issue

ssh goes direct to the box. We have no way to proxy ssh connections... so package ssh pushes currently go direct to pkgs02's external ip, and likewise in iad2 they go to the external ip.

https does indeed use the proxies.

Is this solved now? Or still something to do / figure out?

I was able to clone and push, although the push didn't work 100% as the fedora-messaging git hook is crashing with a permission denied error that we need to figure out.

I'm going to open a ticket for that issue and close this one as fixed :)

I've update the hackmd file https://hackmd.io/op6N_nIaR7aMzw9Ib-sDAQ to mention how to test w/ the new pkgs.

Metadata Update from @pingou:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 months ago

Login to comment on this ticket.

Metadata