[Lxc-users] Unable to SSH to the containers.

Serge E. Hallyn serue at us.ibm.com
Wed Feb 10 15:20:20 UTC 2010 

Quoting Sai Ram Purandhar-B22305 (B22305 at freescale.com):
> Hi Daniel,
> 
>  
> 
> I tried the same procedure as discussed by you and srikanth. Following
> are the debug prints of ssh client:
> 
>  
> 
> [root at localhost ~]# ssh -vvv 192.168.1.4
> 
> OpenSSH_5.2p1, OpenSSL 1.0.0-fips-beta3 15 Jul 2009
> 
> debug1: Reading configuration data /etc/ssh/ssh_config
> 
> debug1: Applying options for *
> 
> debug2: ssh_connect: needpriv 0
> 
> debug1: Connecting to 192.168.1.4 [192.168.1.4] port 22.
> 
> debug1: Connection established.
> 
> debug1: permanently_set_uid: 0/0
> 
> debug1: identity file /root/.ssh/identity type -1
> 
> debug1: identity file /root/.ssh/id_rsa type -1
> 
> debug1: identity file /root/.ssh/id_dsa type -1
> 
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
> 
> debug1: match: OpenSSH_5.2 pat OpenSSH*
> 
> debug1: Enabling compatibility mode for protocol 2.0
> 
> debug1: Local version string SSH-2.0-OpenSSH_5.2
> 
> debug2: fd 3 setting O_NONBLOCK
> 
> debug1: SSH2_MSG_KEXINIT sent
> 
> debug1: SSH2_MSG_KEXINIT received
> 
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> 
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> 
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
> 
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
> 
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
> 
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
> 
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> 
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> 
> debug2: kex_parse_kexinit:
> 
> debug2: kex_parse_kexinit:
> 
> debug2: kex_parse_kexinit: first_kex_follows 0
> 
> debug2: kex_parse_kexinit: reserved 0
> 
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> 
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> 
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
> 
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-c
> bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at l
> ysator.liu.se
> 
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
> 
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at ope
> nssh.com,hmac-sha1-96,hmac-md5-96
> 
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> 
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> 
> debug2: kex_parse_kexinit:
> 
> debug2: kex_parse_kexinit:
> 
> debug2: kex_parse_kexinit: first_kex_follows 0
> 
> debug2: kex_parse_kexinit: reserved 0
> 
> debug2: mac_setup: found hmac-md5
> 
> debug1: kex: server->client aes128-ctr hmac-md5 none
> 
> debug2: mac_setup: found hmac-md5
> 
> debug1: kex: client->server aes128-ctr hmac-md5 none
> 
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> 
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> 
> debug2: dh_gen_key: priv key bits set: 114/256
> 
> debug2: bits set: 503/1024
> 
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> 
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> 
> debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
> 
> debug3: check_host_in_hostfile: match line 1
> 
> debug1: Host '192.168.1.4' is known and matches the RSA host key.
> 
> debug1: Found key in /root/.ssh/known_hosts:1
> 
> debug2: bits set: 503/1024
> 
> debug1: ssh_rsa_verify: signature correct
> 
> debug2: kex_derive_keys
> 
> debug2: set_newkeys: mode 1
> 
> debug1: SSH2_MSG_NEWKEYS sent
> 
> debug1: expecting SSH2_MSG_NEWKEYS
> 
> debug2: set_newkeys: mode 0
> 
> debug1: SSH2_MSG_NEWKEYS received
> 
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> 
> debug2: service_accept: ssh-userauth
> 
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> 
> debug2: key: /root/.ssh/identity ((nil))
> 
> debug2: key: /root/.ssh/id_rsa ((nil))
> 
> debug2: key: /root/.ssh/id_dsa ((nil))
> 
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
> 
> debug3: start over, passed a different list
> publickey,gssapi-with-mic,password
> 
> debug3: preferred
> gssapi-with-mic,publickey,keyboard-interactive,password
> 
> debug3: authmethod_lookup gssapi-with-mic
> 
> debug3: remaining preferred: publickey,keyboard-interactive,password
> 
> debug3: authmethod_is_enabled gssapi-with-mic
> 
> debug1: Next authentication method: gssapi-with-mic
> 
> debug3: Trying to reverse map address 192.168.1.4.
> 
> debug1: An invalid name was supplied
> 
> Cannot determine realm for numeric host address

Try 'UseDNS no' in /etc/ssh/sshd_config on the host

-serge

More information about the lxc-users mailing list