Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xscontainer-prepare-vm not working when ~/.ssh/authorized_keys exist #60

Open
HeMaN-NL opened this issue Jun 13, 2022 · 1 comment
Open

xscontainer-prepare-vm not working when ~/.ssh/authorized_keys exist #60

HeMaN-NL opened this issue Jun 13, 2022 · 1 comment

Comments

@HeMaN-NL
Copy link

HeMaN-NL commented Jun 13, 2022
edited
Loading

I tried to prepare an Ubuntu VM with docker etc installed for container view/management in XCP-NG/XOA.

xscontainer-prepare-vm -v 75c67428-b0f3-1e6e-5aa8-3583cab504dd -u the_real_username

At first attempts it failed (said success but could not connect to the vm for monitoring).

[19:15 xcp-ng-01 ~]# xscontainer-prepare-vm -v 75c67428-b0f3-1e6e-5aa8-3583cab504dd -u the_real_username
Would you like to push a pool-specific public SSH key into the ~/.ssh/authorized_keys file of the specified VM and therefore authorize hosts in the pool to interact with the containers inside the VM?
Answer y/n:
y
Attempting to push the public xscontainer key to [email protected].
[email protected]'s password:
Success.
Attempting to refresh the state of the VM
Failure diagnosis: Unable to verify key-based authentication. Please prepare the VM to install a key.

After I renamed the already existing ~/.ssh/authorized_keys on the VM (I already use this for passwordless ssh loging to the vm) the command completed succesfully and created a new ~/.ssh/authorized_keys file.

[19:19 xcp-ng-01 ~]# xscontainer-prepare-vm -v 75c67428-b0f3-1e6e-5aa8-3583cab504dd -u the_real_username
Would you like to push a pool-specific public SSH key into the ~/.ssh/authorized_keys file of the specified VM and therefore authorize hosts in the pool to interact with the containers inside the VM?
Answer y/n:
y
Attempting to push the public xscontainer key to [email protected].
[email protected]'s password:
Success.
Attempting to refresh the state of the VM
Success.
Enabling monitoring for the VM.
Success.

=> If there is already an existing ~/.ssh/authorized_keys the xscontainer-prepare-vm is not able to add the host ssh-key to the existing file
@ravinmiist
Copy link

ravinmiist commented Sep 2, 2023
edited
Loading

I had this issue and doing the above did not work. I attempted this on both Debian and Ubuntu (latest at the time of writing).
In review the logs on the docker server I noticed this:
Sep 02 13:41:09 docker-1 sshd[2484]: error: kex_exchange_identification: Connection closed by remote host
Sep 02 13:41:09 docker-1 sshd[2484]: Connection closed by 172.16.2.31 port 47752

Based on this I found that I needed to add the following to the sshd_config file on the docker host and restart sshd:
PubkeyAcceptedAlgorithms=+ssh-rsa

After the restart the prepare-vm was successful and it finished without any further issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@HeMaN-NL @ravinmiist