netopeer2: Callhome Failed to set hostkey "genkey"

I try to test a callhome procedure but met a ssh problem. version: sysrepo 1.4.58 netopeer2 1.1.27 libssh 0.9.2 (from /usr/local/include/libssh/libssh.h) In fact,I really think the merge_hostkey.sh should be executed during installation because I can saw the running data of ietf-keystore after installation. But I can not find the genkey file in my system by find / -name genkey*.So I generated the key pair by myself,use the ssh-keygen command: ssh-keygen -t rsa -b 2048 -N ‘’ -C “cpesn” -f genkey -q The key pair was copied into /etc/ssh. After this,I modifed the ssh_callhome.xml, pasted the private key and public key into hostkey_config.xml,some of the details are as follows: ssh_callhome.xml

                        <ssh-server-parameters>
                            <server-identity>
                                <host-key>
                                    <name>genkey</name>
                                    <public-key>
                                        <keystore-reference>genkey</keystore-reference>
                                    </public-key>
                                </host-key>
                            </server-identity>
                            <client-authentication>
                                <supported-authentication-methods>
                                    <publickey/>
                                    <passsword/>
                                    <other>interactive</other>
                                </supported-authentication-methods>
                                <users/>
                            </client-authentication>
                        </ssh-server-parameters>

hostkey_config.xml

<keystore xmlns="urn:ietf:params:xml:ns:yang:ietf-keystore">
  <asymmetric-keys>
    <asymmetric-key>
      <name>genkey</name>
      <algorithm>rsa2048</algorithm>
      <public-key>Don't show details</public-key>
      <private-key>Don't show details</private-key>
    </asymmetric-key>
  </asymmetric-keys>
</keystore>

Re-run sysrepo-plugind and netopeer2-server, it went to callhome procedure but Failed to set hostkey,the output as follows:

[INF]: LN: Call Home client "rohc" connecting...
[INF]: LN: Trying to connect via IPv4 to 192.168.1.21:6666.
[INF]: LN: Successfully connected to 192.168.1.21:6666 over IPv4.
[INF]: SR: Session 21 (user "root") created.
[ERR]: LN: Failed to set hostkey "genkey" (/tmp/snSMmf).
[INF]: LN: Trying to connect via IPv4 to 192.168.1.21:6666.
[INF]: LN: Successfully connected to 192.168.1.21:6666 over IPv4.
[INF]: SR: Session 22 (user "root") created.
[ERR]: LN: Failed to set hostkey "genkey" (/tmp/c3gZRq).
[INF]: LN: Trying to connect via IPv4 to 192.168.1.21:6666.
[INF]: LN: Successfully connected to 192.168.1.21:6666 over IPv4.
[INF]: SR: Session 23 (user "root") created.
[ERR]: LN: Failed to set hostkey "genkey" (/tmp/LeTyHF).

I’m confused about the error path /tmp/***,why is not /root/.ssh or /etc/ssh or /usr/local/etc/keystored/keys/?Which one should be the correct one? Is my step wrong?Any help would be appreciated!

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 24 (11 by maintainers)

Most upvoted comments

HI Wang,

If I generate a key myself,should I need to add it into ietf-keystore?I guess yes.

Yes, you must add it there yourself, using sysrepocfg, for example.

Buf if I add generated key myself,can netopeer2 identify it correctly?

Well, as long as it is inserted in the expected PEM format.

Regards, Michal

+1
michalvasko on Aug 3, 2020

Hi, right, do not worry about that because the key in ietf-keystore (ASN.1 DER encoded in base64, PEM format) uses different format that what you see in ODL (simply OpenSSH format, but there may be some more exact term), the keys are the same.

Regards, Michal

+1
michalvasko on Aug 3, 2020
Read more comments on GitHub
← netopeer2: callback failed
netopeer2: Cannot login via netconf →