Highlighted
New Member..
New Member..
2111 views

RTE SSH Script - RSA2 fingerprint security key - TE_connect timeout

Jump to solution

Hello everyone,

 

I'm currently working on a RTE script which is connecting through a SSH connection to a UNIX server, in order to perform some commands before logging out. The target is to be able to run several hundreds of VUsers at the same time.

 

When I execute the script for the first time through VUGen, I'm notified that the RSA2 fingerprint of the UNIX server is unknown to this station and I'm asked to decide whether or not I really want to connect to this server. I'm asked to cache the security key into the Windows registry so that I'm not prompted for the same decision over and over again.

 

The obvious choice is to store the RSA2 fingerprint into the registry. Later on, the script runs fine, and I'm not prompted about this security key again.

 

However, when I try to run the script from Performance Center (with 1 VUser), I have a timeout error for the TE_connect step that I'm pretty sure is coming from the lack of decision regarding the RSA2 fingerprint. I found some previous thread about the very same issue, but it lacks a solution : http://h30499.www3.hp.com/t5/Performance-Center-Support-and/Vugen-RTE-prtotocol-script-unable-to-execute-from-Performance/m-p/4788207/highlight/true#M14576

 

So I'm wondering, how can I disable this warning ?

If it can't be disabled, how can I make the VUsers to automatically accept the RSA2 fingerprint ?

If it can't be automatically accepted by the VUsers, where do I have to manually store the RSA2 fingerprint into the registry so that the VUsers fired up by Performance Center aren't prompted to accept it ? (the location of the prints accepted through the Ericom Software emulator that comes along with VUGen is : HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys)

 

Thanks a lot for any help.

 

Matthieu

Tags (1)
0 Likes
1 Solution

Accepted Solutions
Highlighted
New Member..
New Member..

Re: RTE SSH Script - RSA2 fingerprint security key - TE_connect timeout

Jump to solution

In the end, it was pretty simple. I had it right about the registry key, but I was wrong about the location of the key in the registry. If you're running the Performance Center agent with the local default system account, do the following :

1. Run the script once from VUGen
2. Start the Registry Editor (regedit), and go to HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys
3. Export the RSA registry key (File > Export)
4. Edit the registry export file with Notepad, replace "HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys" with "HKEY_LOCAL_MACHINE\Software\Ericom Software\SSH\SshHostKeys", and save
5. Double-click on the registry export file to apply the new key to the registry

If you're running the Performance Center agent with a specific user, do the same as before until step 4. Then follow these steps :
4. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
5. Each subfolder contains information about every user. Look at each ProfileImagePath key until you find the user which runs the Performance Center Agent service. Write down the name of this registry subfolder (should be something like S-1-5-**-********-*********-********).
6. Edit the registry export file with Notepad, replace "HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys" with "HKEY_USERS\{ProfileFolder}\Software\Ericom Software\SSH\SshHostKeys", and save (where {ProfileFolder} is what you wrote down during step #4)
7. Double-click on the registry export file to apply the new key to the registry

View solution in original post

3 Replies
Highlighted
New Member..
New Member..

Re: RTE SSH Script - RSA2 fingerprint security key - TE_connect timeout

Jump to solution

In the end, it was pretty simple. I had it right about the registry key, but I was wrong about the location of the key in the registry. If you're running the Performance Center agent with the local default system account, do the following :

1. Run the script once from VUGen
2. Start the Registry Editor (regedit), and go to HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys
3. Export the RSA registry key (File > Export)
4. Edit the registry export file with Notepad, replace "HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys" with "HKEY_LOCAL_MACHINE\Software\Ericom Software\SSH\SshHostKeys", and save
5. Double-click on the registry export file to apply the new key to the registry

If you're running the Performance Center agent with a specific user, do the same as before until step 4. Then follow these steps :
4. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
5. Each subfolder contains information about every user. Look at each ProfileImagePath key until you find the user which runs the Performance Center Agent service. Write down the name of this registry subfolder (should be something like S-1-5-**-********-*********-********).
6. Edit the registry export file with Notepad, replace "HKEY_CURRENT_USER\Software\Ericom Software\SSH\SshHostKeys" with "HKEY_USERS\{ProfileFolder}\Software\Ericom Software\SSH\SshHostKeys", and save (where {ProfileFolder} is what you wrote down during step #4)
7. Double-click on the registry export file to apply the new key to the registry

View solution in original post

Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: RTE SSH Script - RSA2 fingerprint security key - TE_connect timeout

Jump to solution

I dont write in to these forums often but I just wanted to thank you for your post.  After HOURS of trying to find out why my new ssh vugen scripts wouldnt work, this posting did the trick!

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: RTE SSH Script - RSA2 fingerprint security key - TE_connect timeout

Jump to solution

Even after performing these steps ..I am unable to run my scripts in performance center...Can you please explain..were u able to run it on Performance Center..

 

I am still getting this error:---


Error: TE_connect failed after 1 tries. Retrying Reason: Unable to connect to host. The error message is: Connection closed by host.

During connection of comm-type = telnet;host-name = test565;telnet-port = 22;terminal-id = ;set-window-size = true;security-type = ssh;ssh-type = ssh2;ssh-show-info = false;ssh-show-login-dialog = false;ssh-cipher = 3DES;ssh-enable-compression = false;ssh-enable-x11 = false;ssh-attempt-tis = false;ssh-allow-agent = false;ssh-keyboard-interactive = false;ssh-key-file = ;ssh-username = ;terminal-type = vt420-7;terminal-model = vt220;login-command-file = ;terminal-setup-file = ;

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.