More information. So to recap, i've set up a LXC guest. it has an ip, it can ping out, other computers on the network can ping it, I can ssh to the host machine, and I can ssh from the lxc guest (after consoling in). But i cannot ssh to the lxc guest from the network, from the host, or from the lxc guest itself. to limit the number of problems ive decided to try and ssh to local host while consoled to the lxc guest. here are the results: ---------------------------------------------------- root@virt-host-1:/> ssh -vvv localhost OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug3: Wrote 792 bytes for a total of 813 debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug3: Wrote 24 bytes for a total of 837 debug2: dh_gen_key: priv key bits set: 144/256 debug2: bits set: 508/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: Wrote 144 bytes for a total of 981 debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts debug3: check_host_in_hostfile: match line 2 debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:2 debug2: bits set: 528/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: Wrote 16 bytes for a total of 997 debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug3: Wrote 48 bytes for a total of 1045 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/identity ((nil)) debug2: key: /root/.ssh/id_rsa ((nil)) debug2: key: /root/.ssh/id_dsa ((nil)) debug3: Wrote 64 bytes for a total of 1109 debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug3: no such identity: /root/.ssh/identity debug1: Trying private key: /root/.ssh/id_rsa debug3: no such identity: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password root@localhost's password: debug3: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64) debug2: we sent a password packet, wait for reply debug3: Wrote 144 bytes for a total of 1253 debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting no-more-sessions@xxxxxxxxxxx debug1: Entering interactive session. debug3: Wrote 128 bytes for a total of 1381 debug3: Wrote -1 bytes for a total of 1381 Write failed: Broken pipe ------------------------------------------- it accepts my log in, but fails after that. any clues? On Thu, Feb 28, 2013 at 4:36 PM, Brandon Foster <brandon.foster@xxxxxxxxxxx> wrote: > I was actually able to get ssh to work from the container but using > the full path of the command /usr/bin/ssh, and after I did that i was > able to ssh to the container, but after i logged in it closed the > connection > > any ideas? > > I found in another thread that I am supposed to set a $Path for my > container, but it wasnt fully explained. I assume this is why it > wouldnt read the ssh command without the full path, could someone give > me an example of where and how to set that? > > On Thu, Feb 28, 2013 at 3:08 PM, Brandon Foster > <brandon.foster@xxxxxxxxxxx> wrote: >> Hey all, >> I am new to libvirt lxc and am trying to get a container that i can >> ssh to. So far i've booted up a container and gave it an Ip address, >> it can ping out and I can ping it but I cannot get ssh to work. >> When i try to run an ssh command inside the container I get a command >> not found error. here is my xml file >> >> <domain type='lxc'> >> <name>helloworld</name> >> <memory>102400</memory> >> <os> >> <type>exe</type> >> <init>/bin/sh</init> >> </os> >> <devices> >> <console type='pty'/> >> <filesystem type='mount'> >> <source dir='/export/helloworld/config'/> >> <target dir='/etc/httpd'/> >> </filesystem> >> <filesystem type='mount'> >> <source dir='/export/helloworld/data'/> >> <target dir='/var/www'/> >> </filesystem> >> <interface type='bridge'> >> <mac address='52:54:00:5e:02:45'/> >> <source bridge='br0'/> >> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' >> function='0x0'/> >> <model type='virtio' /> >> </interface> >> </devices> >> </domain> >> >> I havent restricted it with busybox for simplicity thinking it was >> because I wasn't allowing it access to necessary ssh files, but Im not >> sure what I am missing now. >> >> surely someone has done this before. >> >> thanks >> -- >> Brandon Foster >> Infrastructure Administrator >> >> Liferay, Inc. >> Enterprise. Open Source. For life. > > > > -- > Brandon Foster > Infrastructure Administrator > > Liferay, Inc. > Enterprise. Open Source. For life. -- Brandon Foster Infrastructure Administrator Liferay, Inc. Enterprise. Open Source. For life. _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
