Install failure
Brought to you by:
ibmopenssh,
jyotibt
Menu
▾
▴
#2 Install failure
sbkdjgiprd# oslevel -r
5300-01
sbkdjgiprd# rpm -qa | grep openssl
openssl-0.9.7d-2
openssl-doc-0.9.7d-2
sbkdjgiprd# ls openssl*
openssl-0.9.7d-2.aix5.1.ppc.rpm
openssl-doc-0.9.7d-2.aix5.1.ppc.rpm
(These are the only ones available at
https://www14.software.ibm.com/webapp/iwm/web/reg/do
wnload.do?source=aixtbx&S_PKG=dlaixww&cp=ISO-
8859-1)
sbkdjgiprd# lppchk -v openssh.base.server
lppchk: The following filesets need to be installed or
corrected to bring
the system to a consistent state:
openssh.base.server 3.8.0.5302 (usr:
COMMITTED, root: not installed)
Here's the error when I attempted the installation :
. . . . . << End of copyright notice for openssh.base
>>. . . .
RSA key generation
failed
instal: Failed while executing
the ./openssh.base.server.post_i
script.
0503-464 installp: The installation has FAILED for
the "root" part
of the following
filesets:
openssh.base.server
3.8.0.5302
installp: Cleaning up software
for:
openssh.base.server 3.8.0.5302
Logged In: NO
Seems that under some conditions, AIX will
create /dev/random and /dev/urandom with the wrong major
number.
Check what it *should* be with
odmget CuDvDr | grep -p random
"value2" is the major number. Check the devices:
ls -l /dev/*random
If the major numbers do not match what's in CuDvDr,
delete /dev/random and /dev/urandom, reboot, then re-try the
OpenSSH install (remove the failed attempt first).
Logged In: YES
user_id=1169276
Remove /dev/random and /dev/urandom files and reboot the
system.
Logged In: NO
I too am getting an install failure with a 5.2 machine. I
have installed openssl, and then when I try to install the
openssh 5.2.tar.Z file, all of the filesets are installed
EXCEPT the openssh.base.server which fails and gets cleaned.
At this point, I can do a 'which ssh' command and it retuns
/usr/bin/ssh. When I execute 'ssh -l root someMachine' I
get an error that says "PRNG not seeded". If I try to ssh
to this machine, I get a "Connection refused" error.
My /dev/*random files have the correct permissions and major
numbers. I've tried removing them, rebooting, and then
uninstalling the ssh filesets that were successful and
reinstalling it again, but that still gives me the same
error! The base.server fileset still fails. I have
verified twice that I am on a 5.2 system and am using the
5.2 .tar.Z file. I noticed I was at ML0 so I updated to
ML4 and it still fails. Any ideas?
Logged In: NO
This has to do with the random devices in /dev major #'s
mismatch with what the ODM believes them to be.
To check the ODM :
cd /etc/objrepos
odmget CuDvDr|grep -p random # the "value2" field holds
the random # ODM thinks it should be
To check the random devices :
ls -alt /dev/*random
If the major #'s in the ODM mismatch the devices do :
/usr/sbin/randomctl -u # this stops the random generator)
rm -rf /dev/*random
/usr/sbin/randomctl -l # this rebuilds the devices
Logged In: NO
Well I have now had this same problem on several 5.2
systems. Everytime it happens, I run the odmget command,
and check the output of "ls -alt /dev/*random" and it ALWAYS
looks fine. If I go ahead and run the randomctl -u, rm the
/dev/*random, and then randomctl -l and then
reboot...everything magically works once the system finally
comes back up. It doesn't work however if I just execute
those 3 commands WITHOUT a reboot. Something quirky is
going on. Everything looks normal, but I always have to run
those 3 commands and reboot for it to work, even though
after the reboot, the output of the odmget and ls -alt
commands are identical to what they were before the reboot.
It seems like something's getting out of sync.