Channel: All Centrify Express posts

Re: Why does ADClient always go to disconnected mode


FinFan wrote:

DNSSYM : Check DNS server symmetry : Warning
: Some DNS servers can not get srv list from domain.
: Some DNS servers not able to look up DC.


 

This is most probably the cause that led the agent to stay in disconnected mode: i.e. unable to connect to AD.

Once joined to AD using the Centrify agent, your server/station becomes a resource of the domain and behaves like any other resource: i.e. it finds available DCs using DNS records.

If your server is pointing to DNS servers that do not reference all DCs, then the server will not be able to talk to AD properly.

First step is to make sure that the DNS servers configured for your Linux server are referencing your AD Domain.

Second step is to check the sanity of your DNS records and validate that all DNS servers reference AD services as they should do.

 

Hope that helps,

Fab
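
The two checks described in the reply above, as an added shell example (not Centrify tooling and not part of the original post): it asks every resolver the host is configured to use for the _ldap._tcp and _gc._tcp SRV records of the domain and flags any resolver that returns nothing or a different DC list. The function names and the script name are hypothetical, and dig is assumed to be installed.

```shell
#!/bin/sh
# Added example (not Centrify code): compare the AD SRV answers returned by
# every resolver a host is configured to use. Usage (hypothetical file name):
#   sh dnssym.sh <ad-domain> [resolv.conf path]

# query_srv SERVER NAME: print the SRV targets SERVER returns for NAME,
# lower-cased and sorted, one per line. Prints nothing on NXDOMAIN or timeout.
query_srv() {
    dig +short +time=2 +tries=1 "@$1" "$2" SRV 2>/dev/null |
        awk 'NF == 4 { print tolower($4) }' | sort -u
}

# nameservers_from FILE: print the nameserver addresses in a resolv.conf file.
nameservers_from() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# check_symmetry DOMAIN SERVER...: print "<server> <record> <status>" for each
# query. Status is OK, EMPTY (no SRV answer) or DIFFERS (answer does not match
# the first non-empty answer). Succeeds only if every resolver agrees.
# The body runs in a subshell so its variables stay local.
check_symmetry() (
    domain=$1; shift
    rc=0
    for name in "_ldap._tcp.$domain" "_gc._tcp.$domain"; do
        ref=""
        for server in "$@"; do
            answer=$(query_srv "$server" "$name")
            if [ -z "$answer" ]; then
                status=EMPTY; rc=1
            elif [ -z "$ref" ] || [ "$answer" = "$ref" ]; then
                ref=$answer; status=OK
            else
                status=DIFFERS; rc=1
            fi
            echo "$server $name $status"
        done
    done
    [ "$rc" -eq 0 ]
)

# Run only when a domain is given on the command line.
if [ "$#" -ge 1 ]; then
    # Word splitting of the resolver list is intended here.
    check_symmetry "$1" $(nameservers_from "${2:-/etc/resolv.conf}")
fi
```

A public resolver listed next to the internal ones, such as the 8.8.8.8 entry in the adcheck output posted in this thread, cannot answer for an internal AD zone and is reported as EMPTY.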


Re: adquery does not return password expiration information for user on a different domain


System Diagnostic

========Domain info map========

DC=domain1,DC=com

    CN              = domain1.COM

    SID             = S-1-5-21-583907252-1343024091-1708537768

    TRUST_ATTRS     = 0x20

    TRUST_DIRECTION = 3

    TRUST_TYPE      = 2

    NTLM NAME       = domain1

    LOCAL FOREST    = YES

DC=domain2,DC=net

    CN              = domain2.NET

    SID             = S-1-5-21-299284513-3343122069-2891062105

    TRUST_ATTRS     = 0x20

    TRUST_DIRECTION = 3

    TRUST_TYPE      = 2

    NTLM NAME       = domain2

    LOCAL FOREST    = YES

 

Domain Diagnostics:
Domain: domain1.com
DNS query for: _ldap._tcp.domain1.com
DNS query for: _gc._tcp.domain1.com
Testing Active Directory connectivity:
Global Catalog: 1
gc: 3268/tcp - good
Global Catalog: 2
gc: 3268/tcp - good
Global Catalog: 3
gc: 3268/tcp - good
Global Catalog: 4
gc: 3268/tcp - good
Global Catalog: 5
gc: 3268/tcp - good
Global Catalog: 6
gc: 3268/tcp - good
Global Catalog: 7
gc: 3268/tcp - good
Global Catalog: 8
gc: 3268/tcp - good
Global Catalog: 9
gc: 3268/tcp - good
Global Catalog: 10
gc: 3268/tcp - good
Global Catalog: 11
gc: 3268/tcp - good
Global Catalog: 12
gc: 3268/tcp - good
Global Catalog: 13
gc: 3268/tcp - good
Domain Controller: 1
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 2
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 3
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 4
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 5
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 6
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 7
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 8
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 9
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 10
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: 11
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good

SSO with xrdp


Hi there,

 

I'm trying to set up Xrdp to log in from Windows stations to Ubuntu using Centrify SSO.

There is a post about doing the same with CentOS HERE.

But the link to the instruction is broken, and I can't find any other article about it.

The client side of RDP is OK since I can do SSO login to Windows server.

Tracing xrdp-sesman, I can see that it calls the Centrify PAM modules, but the login fails.

I think my problem is making Xrdp pass the correct credentials to xrdp-sesman.

 

Could anybody help me with that?

 

Thanks

Rafi

 

 

 

Wrong key format


Hi all,

 

I've installed Centrify Express DirectManage Deployment Manager (Version: 5.3.1.368) and run a discovery across one of our internal ranges. Picked up a number of machines as I expect. I've picked a non-intrusive target to test against.

 

I'm attempting to authenticate to it using a private key through the application.

  • I know the private key is good, the passphrase is correct, there are no firewalls between my machine and the target.
  • I can successfully authenticate using that same private key using the version of PuTTY in the "${InstallDir}\External\putty.exe".
  • I can successfully manually run the command that Centrify Express DirectManage Deployment Manager is trying to connect with and it connects without issue:
...\External\putty.exe -ssh XXX.XXX.XXX.XXX -l root -i "z:\Path\to\my\private\key\privatekey.ppk" -P 22

However, when I try to "Refresh Computer Information" I get the following error in the "History" logs:

Wrong key format

Please ensure the user/password is correct, or the computer is not shut down or behind a firewall. You may also disable the ping feature in Network Options.

On the server, I see the following in /var/log/auth.log

sshd[13915]: fatal: Read from socket failed: Connection reset by peer [preauth]

In the Centrify Express DirectManage Deployment Manager logs, I see the following:

[2016-08-19 16:59:17.070 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.070 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.123 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.465 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun: NetIO Exception for computer 'XXXXXXXXXX' IP 'XXXXXXXXXXXX'
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun: Details: Granados.SSHC.SSHException: Wrong key format
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Granados.SSHCV2.SSH2UserAuthKey.FromSECSHStyleStream(Stream strm, String passphrase)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Granados.SSHCV2.SSH2Connection.UserAuth()
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Granados.SSHCV2.SSH2Connection.Connect(AbstractSocket s)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Granados.SSHC.SSHConnection.ConnectMain(SSHConnectionParameter param, ISSHConnectionEventReceiver receiver, ProtocolNegotiationHandler pnh, AbstractSocket s)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Centrify.NetIO.Ssh.Connection.Connect(String name, String user, String password, String identityFile, AuthenticationType authenticationType)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Centrify.NetIO.Ssh.NetShell..ctor(String host, String identityFile, String user, String pass, Int32 timeout, TextWriter log, TerminalCallback callback, IEnumerable`1 commands, IEnumerable`1 expectPatterns, String targetPrompt, Int32 sshPort)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Centrify.DeploymentManager.Task.ComputerTask.MakeNetShellBySshKey(String host, String user, String privateKeyPath, String passphrase, Int32 timeout, TextWriter log, TerminalCallback callback, IEnumerable`1 commands, IEnumerable`1 expectPatterns, String targetPrompt, Int32 sshPort)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Centrify.DeploymentManager.Task.ComputerTask.MakeNetShell(RunArguments args, String ipOrHost, Boolean isLogCommands)
[2016-08-19 16:59:17.469 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.PrepareNetShellAndRun:    at Centrify.DeploymentManager.Task.ComputerTask.PrepareNetShellAndRun(RunArguments args, String ipOrHost)
[2016-08-19 16:59:17.473 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.479 +0100] mmc.exe[7116,11] Information: {Centrify.DeploymentManager.Task.RefreshTask}ComputerTask.Run: Ping failed for computer XXXXXXXXXXX.
[2016-08-19 16:59:17.481 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.514 +0100] mmc.exe[7116,11] Verbose: {Centrify.DeploymentManager.Task.RefreshTask}Manager.AnnounceChange: Notification: Computer
[2016-08-19 16:59:17.515 +0100] mmc.exe[7116,11] Verbose: {Centrify.DeploymentManager.Task.RefreshTask}Manager.AnnounceChange: Notification: ComputerHistory
[2016-08-19 16:59:17.515 +0100] mmc.exe[7116,11] Verbose: {Centrify.DeploymentManager.Task.RefreshTask}Manager.AnnounceChange: Notification: ComputerHistoryError
[2016-08-19 16:59:17.515 +0100] mmc.exe[7116,11] Verbose: {Centrify.DeploymentManager.Task.RefreshTask}Manager.AnnounceChange: Notification: ToDo
[2016-08-19 16:59:17.519 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name
[2016-08-19 16:59:17.519 +0100] mmc.exe[7116,1] Verbose: ReportNode`1.get_ResultPaneReady: Result pane column unmatching Time - Host Name

(for clarity, I've blanked out the hostname and IP with "XXXXXXXXXXX")

 

I can successfully connect using the username and password. It's just when using the private key through the application I get this issue. 

 

  • I get the same issue on another server I've tried.
  • The private key is a 2048 RSA key so should be supported.
  • The target server is Ubuntu 12.04.5
  • OpenSSH is stock from the Ubuntu repos (version 1:5.9p1-5ubuntu1.10)

Any ideas? I don't seem to be able to find anybody else who has had this issue. Googling any combination of the errors I'm seeing either takes me to Chinese websites or sites saying I'm being DDoS'd by China.

 

Cheers,
Sam

Can we authenticate JupyterHub Ipython notebook server via centrify active directory?


Can Centrify users log in to JupyterHub? Is there any method available to integrate Centrify with JupyterHub for authentication purposes?

Re: upon reboot after joining the domain adclient fails to start


Yes, recall from my first post I can get it working by manually running

# adclient

 

 

Re: upon reboot after joining the domain adclient fails to start


Bonus comment - this is affecting just 'that' system and I could not repro in my own CentOS 7.2

 

Without knowing what's going on with that system, it's going to be hard to pinpoint.

 

Is there anything else you can tell me in particular about this system?  Is this a "managed" AWS system??

Did somebody fiddle with the resource limits?

Was the machine rebooted prematurely before the cache was completely built?

 

 

Re: Receiving error on SSH login error: PAM: Authentication failure


I'm sorry.  Which logs specifically?  Do I just post them here?


Re: Receiving error on SSH login error: PAM: Authentication failure


Moderation:

This is a resolved thread from 2012. 

Please create a new thread based on your issue.  If you are still trying to deal with disconnects - do an adinfo -T and check connectivity with your domain controllers.

Re: upon reboot after joining the domain adclient fails to start


It is a physical server, on the same domain as the domain controllers, and on the same VLAN.  It was a fresh install of CentOS 7.1, upgraded through yum update to 7.2.  Once fully updated, I downloaded the .tgz file that contained the install.sh, and manually installed the express edition.  The server is not in production yet, and nothing else has been installed on it.  No premature reboots.

Re: Why does ADClient always go to disconnected mode


# adinfo -T
Domain Diagnostics:
Domain: mtips.xxx.local
DNS query for: _ldap._tcp.mtips.xxx.local
DNS query for: _gc._tcp.mtips.xxx.local
Testing Active Directory connectivity:
Global Catalog: mtipsxxx3dc02.mtips.xxx.local
gc: 3268/tcp - good
Global Catalog: mtipsxxx3dc01.mtips.xxx.local
gc: 3268/tcp - good
Domain Controller: mtipsxxx3dc02.mtips.xxx.local
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: mtipsxxx3dc01.mtips.xxx.local
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good

 

Thanks for the help.  All looks good.

Re: Why does ADClient always go to disconnected mode


Note that I was referring to the output looking good.  Problem persists 

Re: Why does ADClient always go to disconnected mode


Is this a server or a laptop?

 

The output of adinfo -T shows that you can communicate with those systems so you should be fine barring other issues with DNS, etc.

 

Let me see this

/usr/share/centrifydc/bin/adcheck [domain.name]

unidentified please

Re: Why does ADClient always go to disconnected mode


3 warnings...

 

# /usr/share/centrifydc/bin/adcheck mtips.xxx.local
OSCHK : Verify that this is a supported OS : Pass
PATCH : Linux patch check : Pass
PERL : Verify perl is present and is a good version : Pass
SAMBA : Inspecting Samba installation : Pass
SPACECHK : Check if there is enough disk space in /var /usr /tmp : Pass
HOSTNAME : Verify hostname setting : Pass
NSHOSTS : Check hosts line in /etc/nsswitch.conf : Pass
DNSPROBE : Probe DNS server 10.254.3.100 : Pass
DNSPROBE : Probe DNS server 10.254.3.101 : Pass
DNSPROBE : Probe DNS server 8.8.8.8 : Pass
DNSCHECK : Analyze basic health of DNS servers : Pass
WHATSSH : Is this an SSH that DirectControl works well with : Pass
SSH : SSHD version and configuration : Warning
: You are running OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013.
:
: This version of OpenSSH does not seem to be configured for PAM,
: ChallengeResponse and Kerberos/GSSAPI support.
: To get Active Directory users to successfully login,
: you need to configure your OpenSSH with the following options:
: (display the ones we identified were not set)
: ChallengeResponseAuthentication yes
: UsePAM Yes
:
: Centrify provides a version of OpenSSH that's configured properly
: to allow AD users to login and provides Kerberos GSSAPI support.

DOMNAME : Check that the domain name is reasonable : Warning
: The Active Directory domain name mtips.xxx.local may cause
: resolution problems with the operating system domain
: name server. We strongly suggest you do not use .local
: as the last component in your Active Directory domain name.
: If you must, please see the release notes for your operating
: system and ensure you have disabled multicast DNS.

ADDC : Find domain controllers in DNS : Pass
ADDNS : DNS lookup of DC mtipsxxxdc01.mtips.xxx.local : Pass
ADPORT : Port scan of DC mtipsxxxdc01.mtips.xxx.local 10.254.3.100: Pass
ADDNS : DNS lookup of DC mtipsxxxdc02.mtips.xxx.local : Pass
ADPORT : Port scan of DC mtipsxxxdc02.mtips.xxx.local 10.254.3.101: Pass
ADDC : Check Domain Controllers : Pass
ADDNS : DNS lookup of DC mtipsxxxdc01.mtips.xxx.local : Pass
GCPORT : Port scan of GC mtipsxxxdc01.mtips.xxx.local 10.254.3.100: Pass
ADDNS : DNS lookup of DC mtipsxxxdc02.mtips.xxx.local : Pass
GCPORT : Port scan of GC mtipsxxxdc02.mtips.xxx.local 10.254.3.101: Pass
ADGC : Check Global Catalog servers : Pass
DCUP : Check for operational DCs in mtips.xxx.local : Pass
SITEUP : Check DCs for mtips.xxx.local in our site : Pass
DNSSYM : Check DNS server symmetry : Warning
: Some DNS servers can not get srv list from domain.
: Some DNS servers not able to look up DC.

ADSITE : Check that this machine's subnet is in a site known by AD : Pass
GSITE : See if we think this is the correct site : Pass
TIME : Check clock synchronization : Pass
ADSYNC : Check domains all synchronized : Pass
3 warnings were encountered during check. We recommend checking these before proceeding
