APAR status
Closed as program error.
Error description
Problem Summary: tinti # /usr/Tivoli1/bin/aix4-r1/bin/winstlcf -j -d /usr/Tivoli/lcf -g tinti1.dk+9494 "meg01 root" Trying meg01... password for root: Could not determine INTERP for host meg01. Remote error: (null) (null) (null) (null) Standard Error: Host key verification failed. LCF Install failed for the following machines: (see lcfhost.err) meg01 Note: SSH access verification already working without any problems. Support engineer analysis: the problem we are facing is with ssh requiring to add new host keys to the $HOME/.ssh/known_hosts file. The first time ssh command is executed a new RSA key is created and added to know_hosts file together with the host name target of the command. Output looks like: [root@nc123041]/=> ssh -l root nc123041 "echo ALEX" The authenticity of host 'nc123041 (9.168.123.41)' can't be established. RSA key fingerprint is e6:db:da:e0:38:2e:e3:0c:38:18:6a:be:70:e9:26:95. Are you sure you want to continue connecting (yes/no)? I type yes, host become a "know_host" and next time command is executed without any question. In customer environment know_host file contains hosts meg01,173.18.55.40 If you manually run ssh -l root meg01 "echo Alex" or ssh -l root 173.18.55.40 "echo Alex" command is executed; but, if you run ssh -l root meg01.us.mach.com "echo Alex" command is not executed until customer type "Yes" In line 2007 of winstlcf hostname you pass to the script is converted to its full DNS name: ($g_host,$aliases,$type,$len,@that_addr) = gethostbyname($g_host); so, the command ssh is run against meg01.dk.mach.com and not meg01. meg01.us.mach.com is not in the know_host file and command is not executed. To avoid that I have added to the script the option StrictHostKeyChecking=no to automatically add the host and script should works. You can see the difference running: ssh -l root megs01.dk.mach.com "echo Alex" and ssh -o StrictHostKeyChecking=no -l root megs01.dk.mach.com "echo Alex"
Local fix
Problem summary
n
Problem conclusion
The fix for this APAR is contained in or will be included in the following maintenance packages: Interim Fix 4.1.1-TMF-0132
Temporary fix
n
Comments
APAR Information
APAR number
IV36031
Reported component name
MGMT. FRAMEWORK
Reported component ID
5698FRA00
Reported release
411
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-01-29
Closed date
2013-03-26
Last modified date
2013-03-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
N
Fix information
Fixed component name
MGMT. FRAMEWORK
Fixed component ID
5698FRA00
Applicable component levels
R411 PSY
UP
R431 PSY
UP
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSXLSW","label":"Tivoli Management Framework"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"411","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
26 March 2013