Unauthorized Error: Authentication error on one machine but not the other

mattrcairns · July 19, 2024, 9:39pm

Hi,

I am using ansible to deploy mender to multiple machines (jetsons). For some reason, despite the settings being exactly the same on two machines, one machine successfully connects to mender and the other does not.

I have checked both mender.conf, device_type, and mender-device-identity. They all are exactly the same on both machines.

The device that fails outputs:

Jul 19 14:28:40 TJETSON mender-auth[1474464]: record_id=1 severity=info time="2024-Jul-19 14:28:40.522817" name="Global" msg="Successfully loaded private key from /var/lib/mender/mender-agent.pem"
Jul 19 14:28:40 TJETSON mender-auth[1474464]: record_id=2 severity=info time="2024-Jul-19 14:28:40.536485" name="Global" msg="The authentication daemon is now ready to accept incoming authentication request"
Jul 19 14:28:40 TJETSON mender-update[1474463]: record_id=1 severity=info time="2024-Jul-19 14:28:40.537749" name="Global" msg="Running Mender client 4.0.3"
Jul 19 14:28:40 TJETSON mender-update[1474463]: record_id=2 severity=info time="2024-Jul-19 14:28:40.538118" name="Global" msg="The update client daemon is now ready to handle incoming deployments"
Jul 19 14:28:41 TJETSON mender-auth[1474564]: using interface /sys/class/net/eth0
Jul 19 14:28:41 TJETSON mender-auth[1474464]: record_id=3 severity=info time="2024-Jul-19 14:28:41.034545" name="Global" msg="Signing with: /var/lib/mender/mender-agent.pem"
Jul 19 14:28:41 TJETSON mender-auth[1474464]: record_id=4 severity=info time="2024-Jul-19 14:28:41.663518" name="Global" msg="Authentication error trying server 'https://hosted.mender.io': Unauthorized error: Authentication error(Unauthorized): Failed to authorize with the server.({"error":"Unauthorized","request_id":"9b7de8bd-daec-425d-8bc5-8a54e615bc15"})"
Jul 19 14:28:41 TJETSON mender-auth[1474464]: record_id=5 severity=error time="2024-Jul-19 14:28:41.663724" name="Global" msg="Failed to fetch new token: Authentication error: No more servers to try for authentication"
Jul 19 14:28:41 TJETSON mender-update[1474463]: record_id=3 severity=error time="2024-Jul-19 14:28:41.664800" name="Global" msg="Failed to set new authentication data on HTTP request"
Jul 19 14:28:41 TJETSON mender-update[1474463]: record_id=4 severity=error time="2024-Jul-19 14:28:41.665081" name="Global" msg="Request to push inventory data failed: Cannot submit API request"
Jul 19 14:28:41 TJETSON mender-update[1474463]: record_id=5 severity=error time="2024-Jul-19 14:28:41.665179" name="Global" msg="Failed to submit inventory: Unauthorized error: Cannot submit API request"
Jul 19 14:28:41 TJETSON mender-auth[1474616]: using interface /sys/class/net/eth0
Jul 19 14:28:41 TJETSON mender-auth[1474464]: record_id=6 severity=info time="2024-Jul-19 14:28:41.816887" name="Global" msg="Signing with: /var/lib/mender/mender-agent.pem"
Jul 19 14:28:42 TJETSON mender-auth[1474464]: record_id=7 severity=info time="2024-Jul-19 14:28:42.410666" name="Global" msg="Authentication error trying server 'https://hosted.mender.io': Unauthorized error: Authentication error(Unauthorized): Failed to authorize with the server.({"error":"Unauthorized","request_id":"37e9d690-ee27-4e8c-9ce1-88a5a632641f"})"
Jul 19 14:28:42 TJETSON mender-auth[1474464]: record_id=8 severity=error time="2024-Jul-19 14:28:42.410880" name="Global" msg="Failed to fetch new token: Authentication error: No more servers to try for authentication"
Jul 19 14:28:42 TJETSON mender-update[1474463]: record_id=6 severity=error time="2024-Jul-19 14:28:42.412104" name="Global" msg="Failed to set new authentication data on HTTP request"
Jul 19 14:28:42 TJETSON mender-update[1474463]: record_id=7 severity=error time="2024-Jul-19 14:28:42.412381" name="Global" msg="Request to check new deployments failed: Cannot submit API request"
Jul 19 14:28:42 TJETSON mender-update[1474463]: record_id=8 severity=error time="2024-Jul-19 14:28:42.412504" name="Global" msg="Error while polling for deployment: Unauthorized error: Cannot submit API request"

The command ran by ansible to setup mender is the following:

mender-setup --device-type {{ device_type }} --hosted-mender --tenant-token {{ tenant_token }} --inventory-poll 28800 --retry-poll 300 --update-poll 1800

Both device_type and tenant_token are set to the same values for both devices.

Thanks

mattrcairns · July 19, 2024, 9:52pm

Update: I restarted the mender-auth service on the working device and it now has the same issue as the broken device.

mattrcairns · July 19, 2024, 10:05pm

Ok well i solved the problem myself. At some point I think i managed to switch the value of the tenant token from the organization token to my accounts session token. The issue is now resolved.

Topic		Replies	Views
Mender Authentication Error General Discussions yocto , hosted-mender , zeus , imx8mq	8	2089	January 12, 2021
Mender Client not authorising when using GO 1.15 General Discussions mender-server	8	896	January 6, 2021
Device can't connect to hosted server General Discussions hosted-mender , deviceauth , authorization	3	868	March 27, 2023
Authorization request error: Host validation error General Discussions	3	1494	March 9, 2021
Install Mender Client script returns 401 General Discussions mender-client , bug	3	108	May 24, 2024

Unauthorized Error: Authentication error on one machine but not the other

Related Topics