How to ssh into a LXD guest?
I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).
I can ssh from guest to host.
But trying to ssh from host to guest gives an
Permission denied (publickey)
error
Step to reproduce:
- lxc exec into the guest
- exec login with ubuntu user (to avoid root permissions problems)
- ssh to host - SUCCESS
- exit form user ubuntu - exit from guest
- from host ssh into ubuntu@guest - ERROR
What I'm doing wrong?
Below the complete session transcript
sysop@kvmneo4j:~$ lxc list
+----------+---------+-------------------+------+------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+----------+---------+-------------------+------+------------+-----------+
| base1804 | RUNNING | 10.0.0.205 (eth0) | | PERSISTENT | 0 |
+----------+---------+-------------------+------+------------+-----------+
sysop@kvmneo4j:~$ lxc exec base1804 bash
root@base1804:~# exec login ubuntu
Password:
Last login: Wed Jan 2 18:58:10 UTC 2019 on UNKNOWN
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Wed Jan 2 19:02:28 UTC 2019
System load: 1.69 Processes: 22
Usage of /home: unknown Users logged in: 0
Memory usage: 1% IP address for eth0: 10.0.0.205
Swap usage: 0%
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@base1804:~$ ssh sysop@10.0.0.1
sysop@10.0.0.1's password:
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
Last login: Wed Jan 2 19:58:42 2019 from 10.0.0.205
sysop@kvmneo4j:~$ logout
Connection to 10.0.0.1 closed.
ubuntu@base1804:~$ logout
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
debug1: Connection established.
debug1: identity file /home/sysop/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
debug1: Found key in /home/sysop/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/sysop/.ssh/id_dsa
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
debug1: No more authentication methods to try.
ubuntu@10.0.0.205: Permission denied (publickey).
sysop@kvmneo4j:~$
permissions ssh kvm lxd
add a comment |
I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).
I can ssh from guest to host.
But trying to ssh from host to guest gives an
Permission denied (publickey)
error
Step to reproduce:
- lxc exec into the guest
- exec login with ubuntu user (to avoid root permissions problems)
- ssh to host - SUCCESS
- exit form user ubuntu - exit from guest
- from host ssh into ubuntu@guest - ERROR
What I'm doing wrong?
Below the complete session transcript
sysop@kvmneo4j:~$ lxc list
+----------+---------+-------------------+------+------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+----------+---------+-------------------+------+------------+-----------+
| base1804 | RUNNING | 10.0.0.205 (eth0) | | PERSISTENT | 0 |
+----------+---------+-------------------+------+------------+-----------+
sysop@kvmneo4j:~$ lxc exec base1804 bash
root@base1804:~# exec login ubuntu
Password:
Last login: Wed Jan 2 18:58:10 UTC 2019 on UNKNOWN
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Wed Jan 2 19:02:28 UTC 2019
System load: 1.69 Processes: 22
Usage of /home: unknown Users logged in: 0
Memory usage: 1% IP address for eth0: 10.0.0.205
Swap usage: 0%
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@base1804:~$ ssh sysop@10.0.0.1
sysop@10.0.0.1's password:
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
Last login: Wed Jan 2 19:58:42 2019 from 10.0.0.205
sysop@kvmneo4j:~$ logout
Connection to 10.0.0.1 closed.
ubuntu@base1804:~$ logout
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
debug1: Connection established.
debug1: identity file /home/sysop/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
debug1: Found key in /home/sysop/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/sysop/.ssh/id_dsa
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
debug1: No more authentication methods to try.
ubuntu@10.0.0.205: Permission denied (publickey).
sysop@kvmneo4j:~$
permissions ssh kvm lxd
add a comment |
I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).
I can ssh from guest to host.
But trying to ssh from host to guest gives an
Permission denied (publickey)
error
Step to reproduce:
- lxc exec into the guest
- exec login with ubuntu user (to avoid root permissions problems)
- ssh to host - SUCCESS
- exit form user ubuntu - exit from guest
- from host ssh into ubuntu@guest - ERROR
What I'm doing wrong?
Below the complete session transcript
sysop@kvmneo4j:~$ lxc list
+----------+---------+-------------------+------+------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+----------+---------+-------------------+------+------------+-----------+
| base1804 | RUNNING | 10.0.0.205 (eth0) | | PERSISTENT | 0 |
+----------+---------+-------------------+------+------------+-----------+
sysop@kvmneo4j:~$ lxc exec base1804 bash
root@base1804:~# exec login ubuntu
Password:
Last login: Wed Jan 2 18:58:10 UTC 2019 on UNKNOWN
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Wed Jan 2 19:02:28 UTC 2019
System load: 1.69 Processes: 22
Usage of /home: unknown Users logged in: 0
Memory usage: 1% IP address for eth0: 10.0.0.205
Swap usage: 0%
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@base1804:~$ ssh sysop@10.0.0.1
sysop@10.0.0.1's password:
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
Last login: Wed Jan 2 19:58:42 2019 from 10.0.0.205
sysop@kvmneo4j:~$ logout
Connection to 10.0.0.1 closed.
ubuntu@base1804:~$ logout
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
debug1: Connection established.
debug1: identity file /home/sysop/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
debug1: Found key in /home/sysop/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/sysop/.ssh/id_dsa
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
debug1: No more authentication methods to try.
ubuntu@10.0.0.205: Permission denied (publickey).
sysop@kvmneo4j:~$
permissions ssh kvm lxd
I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).
I can ssh from guest to host.
But trying to ssh from host to guest gives an
Permission denied (publickey)
error
Step to reproduce:
- lxc exec into the guest
- exec login with ubuntu user (to avoid root permissions problems)
- ssh to host - SUCCESS
- exit form user ubuntu - exit from guest
- from host ssh into ubuntu@guest - ERROR
What I'm doing wrong?
Below the complete session transcript
sysop@kvmneo4j:~$ lxc list
+----------+---------+-------------------+------+------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+----------+---------+-------------------+------+------------+-----------+
| base1804 | RUNNING | 10.0.0.205 (eth0) | | PERSISTENT | 0 |
+----------+---------+-------------------+------+------------+-----------+
sysop@kvmneo4j:~$ lxc exec base1804 bash
root@base1804:~# exec login ubuntu
Password:
Last login: Wed Jan 2 18:58:10 UTC 2019 on UNKNOWN
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Wed Jan 2 19:02:28 UTC 2019
System load: 1.69 Processes: 22
Usage of /home: unknown Users logged in: 0
Memory usage: 1% IP address for eth0: 10.0.0.205
Swap usage: 0%
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@base1804:~$ ssh sysop@10.0.0.1
sysop@10.0.0.1's password:
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
Last login: Wed Jan 2 19:58:42 2019 from 10.0.0.205
sysop@kvmneo4j:~$ logout
Connection to 10.0.0.1 closed.
ubuntu@base1804:~$ logout
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
debug1: Connection established.
debug1: identity file /home/sysop/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
debug1: Found key in /home/sysop/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/sysop/.ssh/id_dsa
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
debug1: No more authentication methods to try.
ubuntu@10.0.0.205: Permission denied (publickey).
sysop@kvmneo4j:~$
permissions ssh kvm lxd
permissions ssh kvm lxd
asked Jan 2 at 19:22
Mirto BusicoMirto Busico
1851620
1851620
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
By default, all Ubuntu lxd
images for containers are set up with PasswordAuthentication no
in their SSH configuration.
You need to go into the container directly and edit the config as root
.
(1) lxc shell CONTAINER-NAME
will drop you to a root
shell.
(2) nano /etc/ssh/sshd_config
will open the nano
text editor to that file.
(3) Find the line PasswordAuthentication no
and set it to yes
.
(4) Ctrl+W to write the file, and Ctrl+X to close the file.
(5) Restart the SSH service with sudo systemctl restart ssh
.
You should now be able to SSH into the container from the host system.
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would bescp
orrsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it
– Thomas Ward♦
Jan 4 at 14:26
add a comment |
Try from the guest:
ssh -A host
then from the host:
ssh final-destination
The "-A" forwards your agent from the guest to the host.
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1106369%2fhow-to-ssh-into-a-lxd-guest%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
By default, all Ubuntu lxd
images for containers are set up with PasswordAuthentication no
in their SSH configuration.
You need to go into the container directly and edit the config as root
.
(1) lxc shell CONTAINER-NAME
will drop you to a root
shell.
(2) nano /etc/ssh/sshd_config
will open the nano
text editor to that file.
(3) Find the line PasswordAuthentication no
and set it to yes
.
(4) Ctrl+W to write the file, and Ctrl+X to close the file.
(5) Restart the SSH service with sudo systemctl restart ssh
.
You should now be able to SSH into the container from the host system.
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would bescp
orrsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it
– Thomas Ward♦
Jan 4 at 14:26
add a comment |
By default, all Ubuntu lxd
images for containers are set up with PasswordAuthentication no
in their SSH configuration.
You need to go into the container directly and edit the config as root
.
(1) lxc shell CONTAINER-NAME
will drop you to a root
shell.
(2) nano /etc/ssh/sshd_config
will open the nano
text editor to that file.
(3) Find the line PasswordAuthentication no
and set it to yes
.
(4) Ctrl+W to write the file, and Ctrl+X to close the file.
(5) Restart the SSH service with sudo systemctl restart ssh
.
You should now be able to SSH into the container from the host system.
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would bescp
orrsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it
– Thomas Ward♦
Jan 4 at 14:26
add a comment |
By default, all Ubuntu lxd
images for containers are set up with PasswordAuthentication no
in their SSH configuration.
You need to go into the container directly and edit the config as root
.
(1) lxc shell CONTAINER-NAME
will drop you to a root
shell.
(2) nano /etc/ssh/sshd_config
will open the nano
text editor to that file.
(3) Find the line PasswordAuthentication no
and set it to yes
.
(4) Ctrl+W to write the file, and Ctrl+X to close the file.
(5) Restart the SSH service with sudo systemctl restart ssh
.
You should now be able to SSH into the container from the host system.
By default, all Ubuntu lxd
images for containers are set up with PasswordAuthentication no
in their SSH configuration.
You need to go into the container directly and edit the config as root
.
(1) lxc shell CONTAINER-NAME
will drop you to a root
shell.
(2) nano /etc/ssh/sshd_config
will open the nano
text editor to that file.
(3) Find the line PasswordAuthentication no
and set it to yes
.
(4) Ctrl+W to write the file, and Ctrl+X to close the file.
(5) Restart the SSH service with sudo systemctl restart ssh
.
You should now be able to SSH into the container from the host system.
edited Jan 8 at 13:28
answered Jan 2 at 20:31
Thomas Ward♦Thomas Ward
43.8k23121174
43.8k23121174
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would bescp
orrsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it
– Thomas Ward♦
Jan 4 at 14:26
add a comment |
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would bescp
orrsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it
– Thomas Ward♦
Jan 4 at 14:26
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar
– Mirto Busico
Jan 4 at 10:41
The standard way you would transfer data between host and container would be
scp
or rsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it– Thomas Ward♦
Jan 4 at 14:26
The standard way you would transfer data between host and container would be
scp
or rsync
- but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it– Thomas Ward♦
Jan 4 at 14:26
add a comment |
Try from the guest:
ssh -A host
then from the host:
ssh final-destination
The "-A" forwards your agent from the guest to the host.
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
add a comment |
Try from the guest:
ssh -A host
then from the host:
ssh final-destination
The "-A" forwards your agent from the guest to the host.
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
add a comment |
Try from the guest:
ssh -A host
then from the host:
ssh final-destination
The "-A" forwards your agent from the guest to the host.
Try from the guest:
ssh -A host
then from the host:
ssh final-destination
The "-A" forwards your agent from the guest to the host.
answered Jan 2 at 20:21
Eric MintzEric Mintz
584112
584112
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
add a comment |
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
1
1
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
This won't work because of the container defaults which forbid password authentication.
– Thomas Ward♦
Jan 2 at 20:28
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1106369%2fhow-to-ssh-into-a-lxd-guest%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown