Edge Node Debugging Tips

Prerequisites

  • Ensure that Docker application is running.
  • Ensure you have the necessary permissions and credentials to authenticate against your enterprise.

ZEDEDA CLI Overview

Refer to ZEDEDA CLI Overview for information about zcli.

ZCLI to Enable USB Ports Locally

Being “secure by design”, the EVE operating system will lock down local access to physical ports and interfaces of your edge node after it has registered with ZEDEDA (as its controller). To unlock and enable local access to your edge device’s keyboard, mouse, and (sometimes) console, log in via zcli, then run the following command.

zcli edge-node update <EDGE_NODE_NAME> --config=debug.enable.usb:true

Enable SSH for an Edge Device

To learn how to enable SSH, please refer to Enabling SSH for an Edge Device.

Example Commands for EVE-OS

EVE-OS distinguishes itself from traditional Linux distributions, despite its utilization of the Linux kernel. While you can access specific features at the EVE-OS command line for debugging, the primary operational management of an EVE-OS device is designed to be securely overseen by an EVE controller like the ZEDEDA solution. In practice, the command line offers limited control over EVE's functions, as demonstrated by the example commands below.

eve -h
Welcome to EVE!
 commands: enter [qube (assumed pillar)] [command (assumed sh)]
         enter-user-app <qube>
         exec qube command
         list
         status
         start <qube> (requires a qube to be in a destroyed state)
         pause <qube>
         resume <qube>
         destroy <qube>
         persist list
         persist attach <disk>
         firewall drop
         verbose on|off
version

For more information about EVE, visit the source code repository on GitHub.

SSH Key clear

Following a reboot of the edge node, the public shared key is no longer retained. In certain scenarios, it may be necessary to delete the shared key associated with the edge node's IP address before attempting to access the node again. Failure to do so may result in the following error message:

Example of error:

.ssh# ssh -i id_rsa root@192.168.1.191
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the id_rsa key sent by the remote host is
SHA256:L8SY61hfkUymPkja/6Rs133dsbITOv2l+G+7HotWmjs.
Please contact your system administrator.
Add correct host key in /Users/USERNAME/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/USERNAME/.ssh/known_hosts:12
Host key for 192.168.1.191 has changed and you have requested strict checking.
Host key verification failed.

To delete the IP address from known_hosts, run:

ssh-keygen -R <EDGE_NODE_IP>
Was this article helpful?
5 out of 5 found this helpful