qemu+ssh connections to a remote libvirt fail as ssh banner configured
Michal Prívozník
mprivozn at redhat.com
Thu Feb 10 08:33:38 UTC 2022
On 2/10/22 09:02, Daniel P. Berrangé wrote:
> On Thu, Feb 10, 2022 at 09:52:52AM +0800, Yalan Zhang wrote:
>> Hi there,
>>
>> I have a system configured with ssh login banner like as below:
>> # cat ~/.bashrc
>> ...
>> echo
>> "================================================================================="
>> echo "====== This machine is occupied by xxx for testing now. If you are
>> about to use it, contact xxx first ======"
>> echo
>> "================================================================================="
>>
>> It works as expected that whenever someone logs into this system by ssh,
>> he/she will see this warning message.
>> But it seems such settings will impact a virsh client connection with ssh,
>> when I try to connect the libvirt daemon on this system, it will error out :
>> # virsh -c qemu+ssh://${my_host}/system list --all
>> root@${my_host}'s password:
>> error: failed to connect to the hypervisor
>> error: packet 1027423545 bytes received from server too large, want 33554432
>
> Libvirt is tunnelling an RPC protocol over the SSH connection.
> Your bashrc is printing this text onto the SSH conmnection and
> that corrupts the libvirt RPC protocol.
>
> If you want to print something whjen people login use the
> /etc/motd file which is designed for this pupose, don't
> print stuff from a .bashrc. Libvirt gives the options to
> SSH that prevent display of /etc/motd contents, so that
> its RPC protocol doesn't get corrupted.
One more thing, I wasn't able to reproduce when virt-ssh-helper was
used. But maybe I wasn't trying hard enough.
Michal
More information about the libvirt-users
mailing list