How to preserve the ssh public key during a reimage of a TIBCO LogLogic LMI appliance
Article ID: KB0077096
Updated On:
| Products | Versions |
|---|---|
| TIBCO LogLogic Log Management Intelligence | all versions |
Description
If an LMI appliance needs re-imaged (for physical, or an OVA re-deployed in the case of a VM) and it performs file collections via SSH then it is recommended to preserve the SSH files to avoid a new key having to be deployed to all the log sources that LMI connects to and to avoid having to rebuild the authorized_keys file and known_hosts.
Issue/Introduction
This article provides the procedure for saving the ssh keys to reuse them after reimaging a TIBCO LogLogic LMI appliance.
Environment
Users must have the ability to SSH to the appliance as 'toor' user.
Resolution
Backup all the files under the /root/.ssh directory to another server. Then restore the same files back to the appliance after the re-image procedure has completed:
Logapp root:~/.ssh $ ls -l
-rw-r--r-- 1 root root 1222 Jan 12 16:35 authorized_keys
-rw------- 1 root root 672 Jan 12 10:44 id_dsa
-rw-r--r-- 1 root root 611 Jan 12 10:44 id_dsa.pub
-rw-r--r-- 1 root root 393 Jan 12 16:35 known_hosts
In addition, starting with version 6.2.0 LMI performs file collections as the logapp user rather than root. The logapp ssh keys are identical to root's so when restoring root's ssh keys after a reimage the logapp user's files should also be restored using the same files. These are located in /loglogic/logapp/.ssh. See below for file permissions.
Logapp root:/loglogic/logapp/.ssh 0$ ls -la
total 24
drwxr-xr-x 2 logapp logapp 4096 May 16 17:39 .
drwx------ 3 logapp logapp 4096 May 16 17:39 ..
-rw------- 1 logapp logapp 668 May 16 17:39 id_dsa
-rw------- 1 logapp logapp 601 May 16 17:39 id_dsa.pub
-rw------- 1 logapp logapp 3243 May 14 11:09 id_rsa
-rw------- 1 logapp logapp 739 May 14 11:09 id_rsa.pub
Logapp root:~/.ssh $ ls -l
-rw-r--r-- 1 root root 1222 Jan 12 16:35 authorized_keys
-rw------- 1 root root 672 Jan 12 10:44 id_dsa
-rw-r--r-- 1 root root 611 Jan 12 10:44 id_dsa.pub
-rw-r--r-- 1 root root 393 Jan 12 16:35 known_hosts
In addition, starting with version 6.2.0 LMI performs file collections as the logapp user rather than root. The logapp ssh keys are identical to root's so when restoring root's ssh keys after a reimage the logapp user's files should also be restored using the same files. These are located in /loglogic/logapp/.ssh. See below for file permissions.
Logapp root:/loglogic/logapp/.ssh 0$ ls -la
total 24
drwxr-xr-x 2 logapp logapp 4096 May 16 17:39 .
drwx------ 3 logapp logapp 4096 May 16 17:39 ..
-rw------- 1 logapp logapp 668 May 16 17:39 id_dsa
-rw------- 1 logapp logapp 601 May 16 17:39 id_dsa.pub
-rw------- 1 logapp logapp 3243 May 14 11:09 id_rsa
-rw------- 1 logapp logapp 739 May 14 11:09 id_rsa.pub
Feedback
Yes
No
Powered by
