Establish A Trust Relationship problem

[HOSTFORWEB]

Hi,
I am now on my second server. I want to use my server #1 nameservers on my second server.
What I did.

On the second server:
1. Edit Setup
2. Master Nameserver - added IP of my first server.
Primary Nameserver: ns.myfirstserver.com
Secondary Nameserver: ns2.myfirstserver.com
3. &Establish A Trust Relationship With a Primary Nameserver&
and here I get problems. It asked for root pass. Ok. Do it.
WHM replies:
&spawn scp /root/.sshscript root@66.197.132.115:/root/.sshscript


spawn /usr/bin/ssh root@66.197.132.115 /bin/sh /root/.sshscript
Trust Relationship Created!&

This happened with any root or without. So root has no rule here.
4. &Synchronize DNS Records With Primary Nameserver&:

WHM replies:
&Rebuilding DNS Zones List from master server .....
You have no controlling tty. Cannot read passphrase.
ndc: reload command successful
Rebuild Complete&


Please help!
Thank you.

[rastoma]

why do so many questions go unanswered here in this forum? if a solution has been found and sent privately why not include it here for the rest of us? i'm having the same problem and it would be great to see the answer instead of posting the same quesitons again.

[jumpdomain]

Hello,

Are you sure the transfer failed? The error about no tty happens all the time but the transfer still occurs.

[rastoma]

[quote:7449b95109][i:7449b95109]Originally posted by jumpdomain[/i:7449b95109]

Hello,

Are you sure the transfer failed? The error about no tty happens all the time but the transfer still occurs.
[/quote:7449b95109]

As far as mine is concerned no it didn't transfer.

[jumpdomain]

Do you see the key for the secondary name server in the /root/.ssh/authorized_keys file?

[rastoma]

[quote:08e327e598][i:08e327e598]Originally posted by jumpdomain[/i:08e327e598]

Do you see the key for the secondary name server in the /root/.ssh/authorized_keys file?
[/quote:08e327e598]


no.. i checked and see no file or entry called authorized_keys

how does that get created?

[jumpdomain]

I might not of been clear... On the master DNS server machine, do you have this file with the secondary name server key in:
/root/.ssh/authorized_keys

Then on the secondary name server machine, do you have this file:
/root/.ssh/identity.pub

[Bravo]

I was having the exact same problem, here's a step by step how I got it working:

Say, you have server1, which contains your web site www.domain.com and the associated nameservers, ns1.domain.com & ns2.domain.com.
Now, you are bringing online a second server and you want ns1.domain.com to be on server1 (master) and ns2.domain.com to be on server 2 (slave).

1. In WHM on server2: Edit Setup:
Master Nameserver: enter the IP address of ns1.domain.com
Primary Nameserver: ns1.domain.com
Secondary Nameserver: ns2.domain.com

2. Pick a free IP address on server2 (I reserve my nameserver IP's but I don't think this is significant)

3. On server1, edit the DNS zone for domain.com and change the IP address in the A record of ns2.domain.com to the one obtained in step 2 above.

4. On server2, go to DNS Functions: Establish A Trust Relationship With a Primary Nameserver. You will be asked for the root password of the Master Nameserver

5. On server2, Synchronize DNS Records With Primary Nameserver: You may get a tty error, but I found that it works anyway.

6. On server2: Edit a DNS Zone You should now see all zones from server1.

7. Go to the web site of the registrar where you registered domain.com, and change the nameserver registration record for ns2.domain.com to point to the corresponding IP on server2.

Done!

[rastoma]

thank you for the suggestion, but I tried it and it doesn't work on my servers.

[AlaskanWolf]

likewise here, doesnt work, i get the passphrase doesnt work and i looked in /root/.ssh and nothing is in there other then known_hosts2


during inital setup i get

spawn scp /root/.sshscript root@64.71.176.102:/root/.sshscript
spawn /usr/bin/ssh root@64.71.176.102 /bin/sh /root/.sshscript
Trust Relationship Created!

but still the passphrase error on syncing

[bert]

This is quite easy to do manually:

First you need to generate a key in your secondary server (in case you don't have it):

root& ssh-keygen

Once you are done with that, go inside /root/.ssh and look for identity.pub there. If you can see it, then do this from your secondary server:

root& scp /root/.ssh/indentity.pub serverX:/root/.ssh/identity.ns2

Change serverX above for the name of your primary DNS server.

Then go into your primary name server:

root& cd /root/.ssh
root& cat identity.ns2 && authorized_keys

This should do it for you.

[rastoma]

bert... you're a genious!!!!

it worked... thanks.

it's amazing how long it took to get this info... not from you bert but just from the forum in general. hopefully this will allow people to start fixing their trust problems.

[kwimberl]

I noticed today that ssh-keygen seems to have updated and now require a key type to be specified. Here's the new command:

ssh-keygen -t rsa

That should do it for you. :-)

[bert]

Hi rastoma,

Sorry I missed your post. I am glad it is working for you. I had a problem similar and it was the ssh config that had the wrong version. I was really going crazy with it

[bert]

[quote:9487c91171][i:9487c91171]Originally posted by kwimberl[/i:9487c91171]

I noticed today that ssh-keygen seems to have updated and now require a key type to be specified. Here's the new command:

ssh-keygen -t rsa

That should do it for you. :-)[/quote:9487c91171]

Actually, you need to do this:

ssh-keygen -t rsa1

Make sure you use rsa1, otherwise you will not be able to connect to other servers that had the key generated before the update.