Project

General

Profile

Actions

Bug #18611

closed

Unable to connect to libvirt server using password, requires ssh key

Added by Marek Hulán almost 8 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Fixed in Releases:
Found in Releases:

Description

Originally reported at https://github.com/theforeman/foreman_virt_who_configure/issues/17

# virt-who --one-shot --debug
2017-02-17 17:10:05,169 [virtwho.init WARNING] MainProcess(27378):MainThread @config.py:checkOptions:328 - Password authentication doesn't work with ssh transport on libvirt backend, copy your public ssh key to the remote machine
2017-02-17 17:10:05,169 [virtwho.init DEBUG] MainProcess(27378):MainThread @executor.py:__init__:66 - Using config named 'virt-who-config-2'
2017-02-17 17:10:05,169 [virtwho.init INFO] MainProcess(27378):MainThread @main.py:main:165 - Using configuration "virt-who-config-2" ("libvirt" mode)
2017-02-17 17:10:05,169 [virtwho.init INFO] MainProcess(27378):MainThread @main.py:main:167 - Using reporter_id='<hidden.-162c36e5653242ecaf1e49629c311950'
2017-02-17 17:10:05,204 [virtwho.virt-who-config-2 DEBUG] Libvirtd-1(27384):MainThread @virt.py:run:379 - Virt backend 'virt-who-config-2' started
2017-02-17 17:10:05,204 [virtwho.virt-who-config-2 INFO] Libvirtd-1(27384):MainThread @libvirtd.py:_get_url:125 - Protocol is not specified in libvirt url, using qemu+ssh://
2017-02-17 17:10:05,205 [virtwho.virt-who-config-2 INFO] Libvirtd-1(27384):MainThread @libvirtd.py:_get_url:136 - Libvirt path is not specified in the url, using /system
2017-02-17 17:10:05,205 [virtwho.virt-who-config-2 INFO] Libvirtd-1(27384):MainThread @libvirtd.py:_connect:157 - Using libvirt url: qemu+ssh://root@<hidden>/system?no_tty=1
2017-02-17 17:10:05,415 [virtwho.virt-who-config-2 ERROR] Libvirtd-1(27384):MainThread @libvirtd.py:_connect:165 - Error in libvirt backend
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/virtwho/virt/libvirtd/libvirtd.py", line 161, in _connect
    v = libvirt.openAuth(url, auth, libvirt.VIR_CONNECT_RO)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 105, in openAuth
    if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: Cannot recv data: Host key verification failed.: Connection reset by peer
2017-02-17 17:10:05,417 [virtwho.virt-who-config-2 ERROR] Libvirtd-1(27384):MainThread @virt.py:run:390 - Virt backend 'virt-who-config-2' fails with error: Cannot recv data: Host key verification failed.: Connection reset by peer
2017-02-17 17:10:05,417 [virtwho.virt-who-config-2 DEBUG] Libvirtd-1(27384):MainThread @virt.py:enqueue:372 - Report for config "virt-who-config-2" gathered, putting to queue for sending
2017-02-17 17:10:05,423 [virtwho.virt-who-config-2 DEBUG] Libvirtd-1(27384):MainThread @virt.py:run:400 - Virt backend 'virt-who-config-2' stopped after sending one report
2017-02-17 17:10:05,424 [virtwho.main WARNING] MainProcess(27378):MainThread @executor.py:run:252 - Unable to collect report for config "virt-who-config-2" 
2017-02-17 17:10:05,425 [virtwho.main DEBUG] MainProcess(27378):MainThread @__main__.py:main:23 - virt-who terminated
2017-02-17 17:10:05,425 [virtwho.main DEBUG] MainProcess(27378):MainThread @executor.py:terminate:308 - virt-who is shutting down

My config:

yum install -y virt-who
cr_password=`virt-who-password --password <hidden> 2> /dev/null`
user_password=`virt-who-password --password "uHCscz2QtEHY5VhH" 2> /dev/null`

cat > /etc/virt-who.d/virt-who-config-2.conf << EOF
[virt-who-config-2]
type=libvirt
hypervisor_id=hostname
owner=Default Organization
env=Library
server=<hidden>
username=root
encrypted_password=$cr_password
rhsm_hostname=https://<hidden>
rhsm_username=virt_who_reporter_2
rhsm_encrypted_password=$user_password
rhsm_prefix=/rhsm
EOF

cat > /etc/cron.d/virt-who-config-virt-who-config-2 << EOF
0 * * * * virt-who --one-shot --debug --config=/etc/virt-who.d/virt-who-config-2.conf 
EOF

I found the problem, the libvirt backend doesnt support password as per https://bugzilla.redhat.com/show_bug.cgi?id=1258726

# virt-who --one-shot --config=/etc/virt-who.d/virt-who-config-3.conf 
2017-02-20 14:08:46,898 WARNING: Password authentication doesn't work with ssh transport on libvirt backend, copy your public ssh key to the remote machine
2017-02-20 14:08:46,899 WARNING: Password authentication doesn't work with ssh transport on libvirt backend, copy your public ssh key to the remote machine
After configuring the ssh key for the user as mentioned in the warning above, the permission error is gone and it starts working.

More information about libvirt authentication setup can be found at https://libvirt.org/auth.html#ACL_server_username

Actions #1

Updated by Marek Hulán almost 8 years ago

  • Pull request https://github.com/theforeman/foreman_virt_who_configure/pull/24 added
Actions #2

Updated by Marek Hulán almost 8 years ago

The password should be hidden, or even better replaced by a message that explains that SSH key for this must be installed on target host.

Actions #3

Updated by The Foreman Bot over 7 years ago

  • Assignee set to Marek Hulán
  • Pull request https://github.com/theforeman/foreman_virt_who_configure/pull/49 added
Actions #4

Updated by Marek Hulán over 7 years ago

  • Status changed from New to Ready For Testing
Actions #5

Updated by Marek Hulán over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF