pmgtunnel cannot use -L

May 20, 2017
157
15
38
Netherlands
cyberfusion.nl
I'm seeing this on my cluster nodes:

Code:
Nov  2 17:35:14 mgw0-1 sshd[14200]: Received request to connect to path /var/run/postgresql/.s.PGSQL.5432, but the request was denied.

I copied the default `/etc/ssh/sshd_config` from a default Proxmox Mail Gateway ISO install, but I'm still seeing this error. Is there anything I should do other than using default SSH settings to get pmgtunnel's socket map to work?
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
5,908
808
148
please post your:
/etc/ssh/sshd_config
/etc/ssh/ssh_config (systemwide client settings)
/root/.ssh/config (client settings for root)
and the beginning of all keys in /root/.ssh/authorized_keys (in case you've set options on the ssh_key)
 
May 20, 2017
157
15
38
Netherlands
cyberfusion.nl
please post your:
/etc/ssh/sshd_config
/etc/ssh/ssh_config (systemwide client settings)
/root/.ssh/config (client settings for root)
and the beginning of all keys in /root/.ssh/authorized_keys (in case you've set options on the ssh_key)

sshd_config: https://pastebin.com/raw/vRZiBDG4

ssh_config: https://pastebin.com/raw/jg6gyMRY

Nothing has been changed to them after doing a fresh PMG install from the PMG ISO.

authorized_keys contains two keys added by Ansible, and the keys for the cluster nodes (added automatically). None of these keys have options.

Thanks!
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
5,908
808
148
the ssh-configs look ok

authorized_keys contains two keys added by Ansible, and the keys for the cluster nodes (added automatically). None of these keys have options.
hmm - can you ssh between the cluster-nodes? (without entering a password)?
can you forwards TCP connections (-L) with such a ssh session?
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
5,908
808
148
is postgres running? (does the socket '/var/run/postgresql/.s.PGSQL.5432' exist and accept connections)?

does the issue persist after restarting postgresql, pmgtunnel, pmgmirror?
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
5,908
808
148
hmm - sounds odd - try enabling verbose logging in sshd - maybe this will point to the culprit
(LogLevel DEBUG2 - but check the manpage and keep in mind, that this will log potentially sensitive information - when posting)
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!