Hi. I have an Ovirt 4.4.10 system - its a standalone setup (not hosted engine) - ovirt-vmconsole-proxy-sshd is running on the engine.
Presently I just cannot connect via port 2222. I have never been able to connect via serial console and require help connecting, pretty sure its due to not using the right key/cert .. I have tried to follow something like this -> https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/virtual_machine_management_guide/index#Opening_a_Serial_Console_to_a_Virtual_Machine i.e I created a serialconsole key - added to my user in Ovirt UI (as my user 'mcox') however if I try # ssh -t -i /home/mcox/.ssh/ -p 2222 ng2-ovirt-mgmt1 -l ovirt-vmconsole I get ovirt-vmconsole@10.168.69.200: Permission denied (publickey). I get in ovirt-vmconsole-proxy-sshd logs "May 10 15:54:37 ng2-ovirt-mgmt1 ovirt-vmconsole[301584]: 2023-05-10 15:54:37,221+0000 ovirt-vmconsole-list: ERROR main:265 Error: <urlopen error [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:897)> May 10 15:54:37 ng2-ovirt-mgmt1 ovirt-vmconsole-proxy-keys[301580]: ERROR Key list execution failed rc=1 May 10 15:54:37 ng2-ovirt-mgmt1 sshd[301578]: AuthorizedKeysCommand /usr/libexec/ovirt-vmconsole-proxy-keys ovirt-vmconsole failed, status 1 May 10 15:54:37 ng2-ovirt-mgmt1 ovirt-vmconsole[301589]: 2023-05-10 15:54:37,543+0000 ovirt-vmconsole-list: ERROR main:265 Error: <urlopen error [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:897)> May 10 15:54:37 ng2-ovirt-mgmt1 ovirt-vmconsole-proxy-keys[301585]: ERROR Key list execution failed rc=1 May 10 15:54:37 ng2-ovirt-mgmt1 sshd[301578]: AuthorizedKeysCommand /usr/libexec/ovirt-vmconsole-proxy-keys ovirt-vmconsole failed, status 1 May 10 15:54:37 ng2-ovirt-mgmt1 sshd[301578]: Connection closed by authenticating user ovirt-vmconsole 10.88.1.105 port 52858 [preauth]" Am I using the right key ? I have tried to troubleshoot this - if I use # /usr/libexec/ovirt-vmconsole-proxy-keys list ERROR: Internal error If it helps here is : /usr/share/ovirt-vmconsole/ovirt-vmconsole-proxy/ovirt-vmconsole-proxy-sshd/sshd_config ------------ AllowAgentForwarding no #AllowStreamLocalForwarding no AllowTcpForwarding no AllowUsers ovirt-vmconsole AuthorizedKeysCommand /usr/libexec/ovirt-vmconsole-proxy-keys AuthorizedKeysCommandUser ovirt-vmconsole ChallengeResponseAuthentication no ClientAliveCountMax 3 ClientAliveInterval 10 GSSAPIAuthentication no HostCertificate /etc/pki/ovirt-vmconsole/proxy-ssh_host_rsa-cert.pub HostKey /etc/pki/ovirt-vmconsole/proxy-ssh_host_rsa HostbasedAuthentication no KbdInteractiveAuthentication no KerberosAuthentication no PasswordAuthentication no #PermitUserRC no PidFile /dev/null Port 2222 Protocol 2 PubkeyAuthentication yes TrustedUserCAKeys /etc/pki/ovirt-vmconsole/ca.pub X11Forwarding no ------------ _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/NFX5WGJLHXZZE45SNCIS7IUHDQWKUXEW/
