[OPENAM-13215] Step Required for Amster Private Key Connections Created: 14/Jun/18  Updated: 18/Jun/18  Resolved: 18/Jun/18

Status: Closed
Project: OpenAM
Component/s: Amster
Affects Version/s: 6.0.0
Fix Version/s: None

Type: Bug Priority: Minor
Reporter: William Hepler Assignee: Unassigned
Resolution: Duplicate Votes: 0
Labels: documentation
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Amster 6.0.0
Openam 6.0.0


Issue Links:
Duplicate
duplicates OPENAM-11134 Amster: Remove the 'from' option in a... Resolved
Rank: 1|hzw4uf:
Support Ticket IDs:

 Description   

Bug description

To use the https://backstage.forgerock.com/docs/amster/6/user-guide/#private-login you must edit the /path/to/openam/authorized_keys and  /path/to/openam/amster_rsa.pub
to use your actual ip instead of localhost.127.0.0.0/24 

Documentation could add a step to clarify this requirement.

How to reproduce the issue

To Recreate In a fresh AM 6.0

  1. Run Amster.sh
  2. try connect -k /data/openam/amster_rsa https://XXX/openam
  3. You will fail with a 401 error
  4. Edit the /path/to/openam/authorized_keys and  /path/to/openam/amster_rsa.pub to use your current IP such as:
    from="172.16.207.107,::1" ssh-rsa
  5. Now you can connect
Expected behaviour
Documenation list this as no steps required, They do say: "The private key must be available to the Amster client, and the AM instance must trust the client IP address and have the public key in its authorized_keys file." but could be clarified as a required step
Current behaviour
Key#cidrMatches: checking IPv4 address 172.16.207.107 is in range 127.0.0.0/24
amLoginModule:06/14/2018 05:03:06:422 PM CDT: Thread[http-nio-8080-exec-11,5,main]: TransactionId[14c31976-9642-4f2d-9395-15564144faa9-7685529]
SETTING Failure Module name.... :Amster{...}

From Amster:

Unexpected response from OpenAM 
[code:401, reason:Unauthorized, message:Authentication Failed]

Work around

Edit the /path/to/openam/authorized_keys and  /path/to/openam/amster_rsa.pub to use your current IP

 


Generated at Mon Mar 01 10:14:06 UTC 2021 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.