Warm Spare backup - can't connect to primary PBX

I rebuilt my warm spare server lately. I am now setting up the warm spare backup and having issues. I get the error “Something went wrong when connecting to remote server. Aborting!”

Here is my ssh output when I set up the ssh access .107 is my warm spare server, .109 is my primary PBX

Current Network Configuration
±----------±------------------±--------------------------+
| Interface | MAC Address | IP Addresses |
±----------±------------------±--------------------------+
| eth0 | 68:05:CA:2D:8F:63 | 192.168.1.107 |
| | | fe80::6a05:caff:fe2d:8f63 |
±----------±------------------±--------------------------+

Please note most tasks should be handled through the GUI.
You can access the GUI by typing one of the above IPs in to your web browser.
For support please visit:
http://www.freepbx.org/support-and-professional-services

[[email protected] ~]# sudo -u asterisk ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/asterisk/.ssh/id_rsa):
/home/asterisk/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/asterisk/.ssh/id_rsa.
Your public key has been saved in /home/asterisk/.ssh/id_rsa.pub.
The key fingerprint is:
cc:0a:41:05:f8:37:b5:54:a7:91:a6:c4:42:97:01:bf [email protected]
The key’s randomart image is:
±-[ RSA 2048]----+
| .o++oo+o… |
| … .o* o+ |
| … =.+. |
| …ooo. |
| … .E |
| . . |
| . |
| |
| |
±----------------+
[[email protected] ~]# sudo -u asterisk ssh-copy-id -i /home/asterisk/.ssh/id_rsa.pub [email protected]
[email protected]’s password:
Now try logging into the machine, with “ssh ‘[email protected]’”, and check in:

.ssh/authorized_keys

to make sure we haven’t added extra keys that you weren’t expecting.

[[email protected] ~]# ssh -i /home/asterisk/.ssh/id_rsa [email protected]
Last login: Mon Oct 30 19:04:24 2017 from 192.168.1.107


| | __ ___ | _ | __ ) / /
| |
| '
/ _ / _ \ |
) | _ \ /
| || | | __/ __/ __/| |) / \
|
| |
| _|_|| |__//_\

NOTICE! You have 1 notifications! Please log into the UI to see them!

Current Network Configuration
±----------±------------------±--------------------------+
| Interface | MAC Address | IP Addresses |
±----------±------------------±--------------------------+
| eth0 | 68:05:CA:2D:B6:E6 | 192.168.1.109 |
| | | fe80::6a05:caff:fe2d:b6e6 |
| eth1 | 00:21:97:6A:9C:3F | |
±----------±------------------±--------------------------+

Please note most tasks should be handled through the GUI.
You can access the GUI by typing one of the above IPs in to your web browser.
For support please visit:
http://www.freepbx.org/support-and-professional-services

[[email protected] ~]#

Error in UI when trying to run the backup

functions.inc.php(48) :=log_dir’/var/log/asterisk’
Initializing Backup 2
functions.inc.php(48) :=log_dir’/var/log/asterisk’
Connecting to remote server…
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
functions.inc.php(48) :=log_dir’/var/log/asterisk’
Something went wrong when connecting to remote server. Aborting!

This worked before I rebuilt the server. I have tried deleting the keys and retrying but can’t get it to work.

Even just trying to SSH from the warm backup to the primary doesn’t work.

[[email protected] ~]# ssh [email protected]
ssh: connect to host 192.168.1.109 port 22: Connection refused
[[email protected] ~]#

Is there a way to do a clean erase of the connecton between servers so I can start fresh? I feel like that may fix it.

maybe probing with

ssh -vvv [email protected] will give you a clue . . .

e.g.

ssh -vvv [email protected]

I’m not sure how to read this, but here is the output.

[[email protected] ~]# ssh -vvv [email protected]
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.109 [192.168.1.109] port 22.
debug1: connect to address 192.168.1.109 port 22: Connection refused
ssh: connect to host 192.168.1.109 port 22: Connection refused
[[email protected] ~]#

I’m getting some really odd behavior now. I have an SSH terminal open for my warm spare (.107). If I log in to the UI on my primary PBX (.109) and disable the firewall the SSH session for my warm spare reacts. The SSH for the warm spare also reacts when I shut down my primary PBX.

[[email protected] ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 68:05:CA:2D:8F:63
inet addr:192.168.1.107 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::6a05:caff:fe2d:8f63/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11753 errors:0 dropped:0 overruns:0 frame:0
TX packets:6979 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1306868 (1.2 MiB) TX bytes:2679770 (2.5 MiB)
Interrupt:17 Memory:febe0000-fec00000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:24323 errors:0 dropped:0 overruns:0 frame:0
TX packets:24323 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2247010 (2.1 MiB) TX bytes:2247010 (2.1 MiB)

[[email protected] ~]#
Broadcast message from [email protected] (Mon Oct 30 20:49:12 2017):

Firewall has been disabled. Shutting down.

Broadcast message from [email protected] (Mon Oct 30 20:49:17 2017):

Firewall service now starting.

Broadcast message from [email protected]
(unknown) at 20:49 …

The system is going down for reboot NOW!
packet_write_wait: Connection to UNKNOWN port -1: I/O error
NaCl plugin exited with status code 255.
®econnect, ©hoose another connection, or E(x)it?
failed!

I’ve rebooted my primary PBX. I can now SSH from my warm spare to my primary, but it asks for a password each time. I re-ran the warm spare set up commands and it still asks for a password:

[[email protected] ~]# ssh [email protected]
[email protected]’s password:
Last login: Mon Oct 30 20:55:02 2017 from 192.168.1.107

Got it fixed. Not sure how, but it works now.