[Lxc-users] Broken pipe when ssh from host to container

Verdi March cincaipatron at gmx.net
Thu Dec 15 09:51:55 UTC 2011


As additional info, the network configuration of the container is as
follows:

lxc.network.type = veth                                                                       
lxc.network.flags = up                                                                        
lxc.network.link = br0                                                                        
lxc.network.name = eth0                                                                       
lxc.network.mtu = 1500

Regards,
Verdi

-------- Original-Nachricht --------
> Datum: Thu, 15 Dec 2011 07:21:06 +0100
> Von: "Verdi March" <cincaipatron at gmx.net>
> An: lxc-users at lists.sourceforge.net
> Betreff: [Lxc-users] Broken pipe when ssh from host to container

> Hi,
> 
> I setup a container on Ubuntu 10.04, using kernel 3.0 (backported from
> oneiric) and lxc 0.7.5.
> 
> If I ssh from the host to the container, my session will be terminated
> in about 5 seconds with a error message "Write failed: broken pipe".
> Ssh keep alive doesn't seem to be the issue, as I've enabled/set all
> relevant options.
> 
> Interestingly, if I ssh from another machine rather from the host, I do
> not encounter this issue.
> 
> Any insight on solving this problem is appreciated.
> 
> ps. I'm including the debug output of ssh -vvv for your reference.
> 
> ===================== begin ssh log ========================
> verdi.march at opencirrus-07308:~$ ssh -vvv root at 198.55.37.111
> OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 198.55.37.111 [198.55.37.111] port 22.
> debug1: Connection established.
> debug1: identity file /home/verdi.march/.ssh/identity type -1
> debug1: identity file /home/verdi.march/.ssh/id_rsa type -1
> debug1: identity file /home/verdi.march/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1
> Debian-5
> debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
> debug2: fd 3 setting O_NONBLOCK
> debug1: SSH2_MSG_KEXINIT sent
> debug3: Wrote 792 bytes for a total of 831
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: 
> debug2: kex_parse_kexinit: 
> debug2: kex_parse_kexinit: first_kex_follows 0 
> debug2: kex_parse_kexinit: reserved 0 
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit: 
> debug2: kex_parse_kexinit: 
> debug2: kex_parse_kexinit: first_kex_follows 0 
> debug2: kex_parse_kexinit: reserved 0 
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug3: Wrote 24 bytes for a total of 855
> debug2: dh_gen_key: priv key bits set: 139/256
> debug2: bits set: 537/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: Wrote 144 bytes for a total of 999
> debug3: check_host_in_hostfile: filename
> /home/verdi.march/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 1
> debug1: Host '198.55.37.111' is known and matches the RSA host key.
> debug1: Found key in /home/verdi.march/.ssh/known_hosts:1
> debug2: bits set: 516/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug3: Wrote 16 bytes for a total of 1015
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug3: Wrote 48 bytes for a total of 1063
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /home/verdi.march/.ssh/identity ((nil))
> debug2: key: /home/verdi.march/.ssh/id_rsa ((nil))
> debug2: key: /home/verdi.march/.ssh/id_dsa ((nil))
> debug3: Wrote 64 bytes for a total of 1127
> debug1: Authentications that can continue: publickey,password
> debug3: start over, passed a different list publickey,password
> debug3: preferred
> gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/verdi.march/.ssh/identity
> debug3: no such identity: /home/verdi.march/.ssh/identity
> debug1: Trying private key: /home/verdi.march/.ssh/id_rsa
> debug3: no such identity: /home/verdi.march/.ssh/id_rsa
> debug1: Trying private key: /home/verdi.march/.ssh/id_dsa
> debug3: no such identity: /home/verdi.march/.ssh/id_dsa
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup password
> debug3: remaining preferred: ,password
> debug3: authmethod_is_enabled password
> debug1: Next authentication method: password
> root at 198.55.37.111's password: 
> debug3: packet_send2: adding 48 (len 63 padlen 17 extra_pad 64)
> debug2: we sent a password packet, wait for reply
> debug3: Wrote 144 bytes for a total of 1271
> debug1: Authentication succeeded (password).
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug3: Wrote 128 bytes for a total of 1399
> debug2: callback start
> debug2: client_session2_setup: id 0
> debug2: channel 0: request pty-req confirm 1
> debug1: Sending environment.
> debug3: Ignored env SHELL
> debug3: Ignored env TERM
> debug3: Ignored env SSH_CLIENT
> debug3: Ignored env SSH_TTY
> debug1: Sending env LC_ALL = en_US.UTF-8
> debug2: channel 0: request env confirm 0
> debug3: Ignored env USER
> debug3: Ignored env LS_COLORS
> debug3: Ignored env PATH
> debug3: Ignored env MAIL
> debug3: Ignored env PWD
> debug1: Sending env LANG = en_US.UTF-8
> debug2: channel 0: request env confirm 0
> debug3: Ignored env SHLVL
> debug3: Ignored env HOME
> debug3: Ignored env LANGUAGE
> debug3: Ignored env LOGNAME
> debug3: Ignored env SSH_CONNECTION
> debug1: Sending env LC_CTYPE = C
> debug2: channel 0: request env confirm 0
> debug3: Ignored env LESSOPEN
> debug3: Ignored env LESSCLOSE
> debug3: Ignored env _
> debug2: channel 0: request shell confirm 1
> debug2: fd 3 setting TCP_NODELAY
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug3: Wrote 576 bytes for a total of 1975
> debug2: channel_input_status_confirm: type 99 id 0
> debug2: PTY allocation request accepted on channel 0
> debug2: channel 0: rcvd adjust 2097152
> debug2: channel_input_status_confirm: type 99 id 0
> debug2: shell request accepted on channel 0
> Last login: Thu Dec 15 05:22:09 2011 from 203.30.38.226
> Linux opencirrus-07308-c001 3.0.0-13-server #22~lucid1-Ubuntu SMP Thu Nov
> 3 14:46:55 UTC 2011 x86_64
> 
> The programs included with the Debian GNU/Linux system are free software;
> the exact distribution terms for each program are described in the
> individual files in /usr/share/doc/*/copyright.
> 
> Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
> permitted by applicable law.
> opencirrus-07308-c001:~# debug1: client_input_channel_req: channel 0 rtype
> keepalive at openssh.com reply 1
> debug3: Wrote 32 bytes for a total of 2007
> debug1: client_input_channel_req: channel 0 rtype keepalive at openssh.com
> reply 1
> debug3: Wrote 32 bytes for a total of 2039
> debug1: client_input_channel_req: channel 0 rtype keepalive at openssh.com
> reply 1
> debug3: Wrote 32 bytes for a total of 2071
> debug3: Wrote -1 bytes for a total of 2071
> Write failed: Broken pipe
> ===================== end ssh log ========================
> 
> Regards,
> Verdi
> 
> -- 
> NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
> Jetzt informieren: http://www.gmx.net/de/go/freephone
> 
> ------------------------------------------------------------------------------
> 10 Tips for Better Server Consolidation
> Server virtualization is being driven by many needs.  
> But none more important than the need to reduce IT complexity 
> while improving strategic productivity.  Learn More! 
> http://www.accelacomm.com/jaw/sdnl/114/51507609/
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users

-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone




More information about the lxc-users mailing list