Invalid password "nsgslbautosync: unable to establish master SSH connection: master process exited"
Article ID: CTX209561
Updated On:
Description
After changing the RPC passwords on our Netscalers, GSLB synchronization fails.
Reverting to the default passwords allows GSLB sync to function.
A non-default password is desired.
Errors in the ns.log: "nsgslbautosync: Error executing command on gslb site...Reason: Error: Invalid username or password" "nsgslbautosync: unable to establish master SSH connection: master process exited unexpectedly" Netscaler version 10.5 build 56.22
Resolution
All rpcNode passwords have to be the same for all NetScaler GSLB Sites, especially the GSLB Site IP Nodes/SNIPs and the hidden node 127.0.0.1 password
- Login to the NS via SSH
- Check the 127.0.0.1 password (sh ns rpcNode 127.0.0.1)
- Change the 127.0.0.1 rpc password if necessary (set ns rpcNode 127.0.0.1 -password type_your_password_here -secure yes|no)
After you upgrade a NetScaler appliance to release 13.1 build 33.x or later, the secure option for the RPC node is enabled or disabled on the basis of the TLS 1.2 setting (enabled or disabled) present for the internal RPCS and KRPCS services.) See the links in Additional Resources section for more details.
Make sure all NetScaler GSLB Sites are running the same version and build
Make sure port 22 TCP is open between the NetScaler GSLB sites
The master site will initiate the TCP port 22 communication from the NSIP ---TCP/22--- GSLB Site IP. Ensure this port is open with a tcpdump or trace.
Problem Cause
There seems to be a hidden 127.0.0.1 rpcnode and check if this matches the rpc node of NSIP .Check if hidden 127.0.0.1 rpcnode matched the NSIP's password (sh ns rpcNode 127.0.0.1)
If not change the password of the node 127.0.0.1 as well so that it is same and matches the NSIP's password (set ns rpcNode 127.0.0.1 -password type_your_password_here -secure yes|no)
Issue/Introduction
Additional Information
