Yalan Zhang
2022-Feb-10 01:52 UTC
qemu+ssh connections to a remote libvirt fail as ssh banner configured
Hi there,
I have a system configured with ssh login banner like as below:
# cat ~/.bashrc
...
echo
"================================================================================="
echo "====== This machine is occupied by xxx for testing now. If you are
about to use it, contact xxx first ======"
echo
"================================================================================="
It works as expected that whenever someone logs into this system by ssh,
he/she will see this warning message.
But it seems such settings will impact a virsh client connection with ssh,
when I try to connect the libvirt daemon on this system, it will error out :
# virsh -c qemu+ssh://${my_host}/system list --all
root@${my_host}'s password:
error: failed to connect to the hypervisor
error: packet 1027423545 bytes received from server too large, want 33554432
I have searched and found some related explanations[1], and [2] says "The
virsh man page doesn't mention ssh, so it sounds like the file
/usr/share/doc/libvirt-doc/remote.html shipped with libvirt-doc could use a
patch mentioning this."
But I can not find anything about this currently on
file:///usr/share/doc/libvirt-docs/html/remote.html.
Could we have this documented for reference with all the possibilities?
Thank you!
[1]
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/868753/comments/17
[2]
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/868753/comments/14
-------
Best Regards,
Yalan Zhang
IRC: yalzhang
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20220210/17016359/attachment.htm>
Daniel P. Berrangé
2022-Feb-10 08:02 UTC
qemu+ssh connections to a remote libvirt fail as ssh banner configured
On Thu, Feb 10, 2022 at 09:52:52AM +0800, Yalan Zhang wrote:> Hi there, > > I have a system configured with ssh login banner like as below: > # cat ~/.bashrc > ... > echo > "=================================================================================" > echo "====== This machine is occupied by xxx for testing now. If you are > about to use it, contact xxx first ======" > echo > "=================================================================================" > > It works as expected that whenever someone logs into this system by ssh, > he/she will see this warning message. > But it seems such settings will impact a virsh client connection with ssh, > when I try to connect the libvirt daemon on this system, it will error out : > # virsh -c qemu+ssh://${my_host}/system list --all > root@${my_host}'s password: > error: failed to connect to the hypervisor > error: packet 1027423545 bytes received from server too large, want 33554432Libvirt is tunnelling an RPC protocol over the SSH connection. Your bashrc is printing this text onto the SSH conmnection and that corrupts the libvirt RPC protocol. If you want to print something whjen people login use the /etc/motd file which is designed for this pupose, don't print stuff from a .bashrc. Libvirt gives the options to SSH that prevent display of /etc/motd contents, so that its RPC protocol doesn't get corrupted. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|