[Lxc-users] Unable to SSH to the containers.
Serge E. Hallyn
serue at us.ibm.com
Wed Feb 10 15:20:20 UTC 2010
Quoting Sai Ram Purandhar-B22305 (B22305 at freescale.com):
> Hi Daniel,
>
>
>
> I tried the same procedure as discussed by you and srikanth. Following
> are the debug prints of ssh client:
>
>
>
> [root at localhost ~]# ssh -vvv 192.168.1.4
>
> OpenSSH_5.2p1, OpenSSL 1.0.0-fips-beta3 15 Jul 2009
>
> debug1: Reading configuration data /etc/ssh/ssh_config
>
> debug1: Applying options for *
>
> debug2: ssh_connect: needpriv 0
>
> debug1: Connecting to 192.168.1.4 [192.168.1.4] port 22.
>
> debug1: Connection established.
>
> debug1: permanently_set_uid: 0/0
>
> debug1: identity file /root/.ssh/identity type -1
>
> debug1: identity file /root/.ssh/id_rsa type -1
>
> debug1: identity file /root/.ssh/id_dsa type -1
>
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
>
> debug1: match: OpenSSH_5.2 pat OpenSSH*
>
> debug1: Enabling compatibility mode for protocol 2.0
>
> debug1: Local version string SSH-2.0-OpenSSH_5.2
>
> debug2: fd 3 setting O_NONBLOCK
>
> debug1: SSH2_MSG_KEXINIT sent
>
> debug1: SSH2_MSG_KEXINIT received
>
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
>
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
>
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
>
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
>
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
>
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
>
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
>
> debug2: kex_parse_kexinit:
>
> debug2: kex_parse_kexinit:
>
> debug2: kex_parse_kexinit: first_kex_follows 0
>
> debug2: kex_parse_kexinit: reserved 0
>
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
>
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
>
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
>
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
>
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
>
> debug2: kex_parse_kexinit: none,zlib at openssh.com
>
> debug2: kex_parse_kexinit: none,zlib at openssh.com
>
> debug2: kex_parse_kexinit:
>
> debug2: kex_parse_kexinit:
>
> debug2: kex_parse_kexinit: first_kex_follows 0
>
> debug2: kex_parse_kexinit: reserved 0
>
> debug2: mac_setup: found hmac-md5
>
> debug1: kex: server->client aes128-ctr hmac-md5 none
>
> debug2: mac_setup: found hmac-md5
>
> debug1: kex: client->server aes128-ctr hmac-md5 none
>
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>
> debug2: dh_gen_key: priv key bits set: 114/256
>
> debug2: bits set: 503/1024
>
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>
> debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
>
> debug3: check_host_in_hostfile: match line 1
>
> debug1: Host '192.168.1.4' is known and matches the RSA host key.
>
> debug1: Found key in /root/.ssh/known_hosts:1
>
> debug2: bits set: 503/1024
>
> debug1: ssh_rsa_verify: signature correct
>
> debug2: kex_derive_keys
>
> debug2: set_newkeys: mode 1
>
> debug1: SSH2_MSG_NEWKEYS sent
>
> debug1: expecting SSH2_MSG_NEWKEYS
>
> debug2: set_newkeys: mode 0
>
> debug1: SSH2_MSG_NEWKEYS received
>
> debug1: SSH2_MSG_SERVICE_REQUEST sent
>
> debug2: service_accept: ssh-userauth
>
> debug1: SSH2_MSG_SERVICE_ACCEPT received
>
> debug2: key: /root/.ssh/identity ((nil))
>
> debug2: key: /root/.ssh/id_rsa ((nil))
>
> debug2: key: /root/.ssh/id_dsa ((nil))
>
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
>
> debug3: start over, passed a different list
> publickey,gssapi-with-mic,password
>
> debug3: preferred
> gssapi-with-mic,publickey,keyboard-interactive,password
>
> debug3: authmethod_lookup gssapi-with-mic
>
> debug3: remaining preferred: publickey,keyboard-interactive,password
>
> debug3: authmethod_is_enabled gssapi-with-mic
>
> debug1: Next authentication method: gssapi-with-mic
>
> debug3: Trying to reverse map address 192.168.1.4.
>
> debug1: An invalid name was supplied
>
> Cannot determine realm for numeric host address
Try 'UseDNS no' in /etc/ssh/sshd_config on the host
-serge
More information about the lxc-users
mailing list