pmgtunnel cannot use -L

May 20, 2017
174
18
83
Netherlands
cyberfusion.io
I'm seeing this on my cluster nodes:

Code:
Nov  2 17:35:14 mgw0-1 sshd[14200]: Received request to connect to path /var/run/postgresql/.s.PGSQL.5432, but the request was denied.

I copied the default `/etc/ssh/sshd_config` from a default Proxmox Mail Gateway ISO install, but I'm still seeing this error. Is there anything I should do other than using default SSH settings to get pmgtunnel's socket map to work?
 
please post your:
/etc/ssh/sshd_config
/etc/ssh/ssh_config (systemwide client settings)
/root/.ssh/config (client settings for root)
and the beginning of all keys in /root/.ssh/authorized_keys (in case you've set options on the ssh_key)
 
please post your:
/etc/ssh/sshd_config
/etc/ssh/ssh_config (systemwide client settings)
/root/.ssh/config (client settings for root)
and the beginning of all keys in /root/.ssh/authorized_keys (in case you've set options on the ssh_key)

sshd_config: https://pastebin.com/raw/vRZiBDG4

ssh_config: https://pastebin.com/raw/jg6gyMRY

Nothing has been changed to them after doing a fresh PMG install from the PMG ISO.

authorized_keys contains two keys added by Ansible, and the keys for the cluster nodes (added automatically). None of these keys have options.

Thanks!
 
the ssh-configs look ok

authorized_keys contains two keys added by Ansible, and the keys for the cluster nodes (added automatically). None of these keys have options.
hmm - can you ssh between the cluster-nodes? (without entering a password)?
can you forwards TCP connections (-L) with such a ssh session?
 
is postgres running? (does the socket '/var/run/postgresql/.s.PGSQL.5432' exist and accept connections)?

does the issue persist after restarting postgresql, pmgtunnel, pmgmirror?
 
hmm - sounds odd - try enabling verbose logging in sshd - maybe this will point to the culprit
(LogLevel DEBUG2 - but check the manpage and keep in mind, that this will log potentially sensitive information - when posting)