This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 448714 - Remote connection over SSH not working with virt-manager
Remote connection over SSH not working with virt-manager
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: Virtualization_Guide (Show other bugs)
5.5
All Linux
low Severity low
: rc
: ---
Assigned To: Christopher Curran
Joshua Wulf
: Documentation
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-28 08:19 EDT by Alexander Todorov
Modified: 2014-10-19 18:56 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-04-06 21:41:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Alexander Todorov 2008-05-28 08:19:06 EDT
Description of problem:
Remote connection over SSH is not working after configuring according to the
Virt Guide.

Version-Release number of selected component (if applicable):
virt-manager-0.5.3-8.el5
libvirt-0.3.3-7.el5
RHEL5.2

How reproducible:
Always

Steps to Reproduce:
1. Generate ssh key for your desktop user
2. Add the key to /root/.ssh/authorized_keys on the remote host
3. Verify that ssh root@remote-host works without a password
4. In virt-manager create new connection
5. Chose remote tunneling over SSH
6. Type the remote server hostname
  
Actual results:
Unable to open connection to hypervisor URI 'xen+ssh://root@redbull/':
libvirt.libvirtError virConnectOpenReadOnly() failed Connection reset by peer
Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/connection.py", line 307, in
_open_thread
    self.vmm = libvirt.openReadOnly(self.uri)
  File "/usr/lib64/python2.4/site-packages/libvirt.py", line 132, in openReadOnly
    if ret is None:raise libvirtError('virConnectOpenReadOnly() failed')
libvirtError: virConnectOpenReadOnly() failed Connection reset by peer


Expected results:
a connection to the remote hypervisor is opened

Additional info:
In my testcase both server and client is the same machine. I used the actual
hostname of the machine rather localhost. Same error happens when using 2
separate machines for client and server.

I have followed strictly the instructions in Virtualization Guide when setting
up the environment.
Comment 2 Daniel Berrange 2008-05-28 10:12:53 EDT
I can't reproduce this problem - works  fine for me, both to and from a RHEL-5
machine.

To a RHEL-5 machine

$ virsh --connect  xen+ssh://root@pumpkin/ list --all
 Id Name                 State
----------------------------------
  0 Domain-0             running
  2 f9x86_64             blocked
  - freeipa              shut off
  - rebootdemo           shut off
  - RHEL51Test           shut off
  - rhel5bug             shut off
  - rhel5fv              shut off
  - rhel5pv              shut off
  - Xen                  shut off

From a RHEL5 machine

$ virsh --connect qemu+ssh://root@10.16.19.138/system list --all
 Id Name                 State
----------------------------------
  - rhel4x86_64          shut off
  - rhel5x86_64          shut off

And even to itself

$ virsh --connect xen+ssh://root@localhost/system list --all
 Id Name                 State
----------------------------------
  0 Domain-0             running
  2 f9x86_64             blocked
  - freeipa              shut off
  - rebootdemo           shut off
  - RHEL51Test           shut off
  - rhel5bug             shut off
  - rhel5fv              shut off
  - rhel5pv              shut off
  - Xen                  shut off



Please verify that the  libvirtd daemon is running on the server being connected
to, and use lsof to verify it is listening for connections on
/var/run/libvirt/libvirt-sock


Comment 3 Alexander Todorov 2008-05-28 10:28:06 EDT
All of the above is correct. virsh --connect works but virtual-manager (the GUI)
doesn't work. Changing summary to reflect that.

Also libvirtd is listening on the above mentioned socket.
Comment 4 Daniel Berrange 2008-05-28 11:04:19 EDT
Ok, with virt-manager things are a little more complicated.  For managing the
local instance, we run virt-manager via console-helper, which makes it switch to
root.  console-helper scrubs all environment variables though, so it won't be
able to access your SSH-agent. So if using  SSH connections, you want to select
'Run unprivileged' when virt-manager starts up
Comment 5 Alexander Todorov 2008-05-29 04:41:18 EDT
Ahh, this worked (connected at least). 
However I haven't seen nothing about it in the documentation. Changing component
to Virtualization_Guide to request documenting this.

Under Administration/Remote management of Virtualized Guests/Remote management
with SSH

<quote>
If you are using virt-manager (the GUI) select the option 'run unprivileged' in
order for the remote connection to work.
</quote>
Comment 6 RHEL Product and Program Management 2008-07-10 12:01:32 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 7 RHEL Product and Program Management 2008-10-27 14:20:55 EDT
This request was previously evaluated by Red Hat Product Management
for inclusion in the current Red Hat Enterprise Linux release, but
Red Hat was unable to resolve it in time.  This request will be
reviewed for a future Red Hat Enterprise Linux release.
Comment 8 Msquared 2009-04-08 03:08:38 EDT
I think I have found another solution that should be documented.

The original poster may have run virt-manager as a normal user, but authenticated as root.

The solution is to make sure that your local machine's root user can ssh to the remote xen server's root account without prompts or passwords.

This means adding the remote server's host key to your local machine's /etc/known_hosts or /root/.ssh/known_hosts, and add your local machine's root user's public key to the remote server's root's authorized_keys file.

(Actually, I'm pretty sure you don't have to set up password-less login, since virt-manager will happily ask for the password, but it sure makes things easier if you do!  I think that just adding the remote host's ssh host key to known_hosts is sufficient to stop this problem from occurring.)
Comment 9 Abed-nego G. Escobal, Jr. 2010-02-17 23:11:35 EST
I had the very exact description, steps and results as indicated in comment 1.

I can confirm the solution on comment 8. I logged in as a normal user but authenticated as root on virt-manager's prompt.
Comment 10 Christopher Curran 2010-03-03 01:03:37 EST
Fixed and expanded in build 92. This will be public for 5.5.

Chris

Note You need to log in before you can comment on or make changes to this bug.