822340 – There are some typos when virsh connect source guest server with ssh PermitRootLogin disabled

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 822340 - There are some typos when virsh connect source guest server with ssh PermitRootLogin disabled

Summary: There are some typos when virsh connect source guest server with ssh PermitRo...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	6.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Gunannan Ren
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-05-17 06:18 UTC by Cui Lei
Modified:	2013-02-21 07:13 UTC (History)
CC List:	9 users (show)
Fixed In Version:	libvirt-0.10.0-0rc0.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-02-21 07:13:23 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2013:0276	0	normal	SHIPPED_LIVE	Moderate: libvirt security, bug fix, and enhancement update	2013-02-20 21:18:26 UTC

Description Cui Lei 2012-05-17 06:18:53 UTC

Description of problem:
When use virsh -c connect source guest server with ssh PermitRootLogin disabled, there are some typos in pop up warning message
Here is the warning message:

The authenticity of host '10.66.6.214 (10.66.6.214)' can't be established.
RSA key fingerprint is 28:96:e7:fb:a3:0d:2e:bc:07:e2:2c:cc:9d:76:39:30.
Are you sure you want to continue connecting (yes/no)? yes
root.6.214's password:
root.6.214's password:
root.6.214's password:
error: Cannot recv data: Warning: Permanently added '10.66.6.214' (RSA) to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
: Connection reset by peerey,gssapi-keyex,gssapi-with-mic,password).

Three typos in the last line:
1. First ':' at the begin of the line should be removed.
2. Each ',' should follow a space.
3. The ')' should be removed, as there is no '(' match with it.

Version-Release number of selected component (if applicable):
virt-v2v-0.8.7-6.el6.x86_64
libguestfs-1.16.19-1.el6.x86_64
libvirt-0.9.10-20.el6.x86_64

How reproducible:
Always.

Steps to Reproduce:
1. Disable root login in source guest server and restart sshd service.
2. Use virt-v2v to connect the source guest server, such as command: "virsh -c qemu+ssh://10.66.6.214/system"
3. Input password three times, then check the pop up warning message.

Actual Results:
Three typos existed in the last line of warning message.

Expected results:
There should be no typos in warning message.

Comment 3 Gunannan Ren 2012-07-18 07:26:42 UTC

The error message should be like:
error: Cannot recv data: Warning: Permanently added '10.66.6.214' (RSA) to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). : Connection reset by peer

The "Connection reset by peer" is from errno set by failed read() operation. what libvirt does is to concatenate the string to the ssh error string with the colon ":".
But because ssh error string ends with a carriage return '\r' before concatenating, it becomes
...
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r :
Connection reset by peer

The terminal interprets '\r' as "move the cursor back to the start of the current line", so the results becomes:
...
: Connection reset by peerey,gssapi-keyex,gssapi-with-mic,password).

the errno string messed up with ssh error string.
What we are gonna do is remove the ending '\r' from ssh error string.

Comment 4 Gunannan Ren 2012-07-18 10:23:44 UTC

patch sent to upstream
https://www.redhat.com/archives/libvir-list/2012-July/msg00724.html

Comment 5 Gunannan Ren 2012-07-19 03:27:08 UTC

commit 5b924be906160ac3db884dfb6a063db83f192e65
Author: Guannan Ren <gren>
Date:   Wed Jul 18 23:02:02 2012 +0800

    rpc: remove trailing whitespace character in error string
    
    Instead of only removing the ending newline character, it is
    better to remove all of standard whitespace character for the
    sake of log format.
    
    One example that we have to do this is:
    After three times incorrect password input, virsh command
    virsh -c qemu://remoteserver/system will report error like:
    
    : Connection reset by peerey,gssapi-keyex,gssapi-with-mic,password).
    
    But it should be:
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
    : Connection reset by peer
    
    The reason is that we dropped the newline, but have a '\r' left.
    The terminal interprets it as "move the cursor back to the start
    of the current line", so the error string is messed up.

Comment 7 Huang Wenlong 2012-08-06 06:04:13 UTC

Verify this bug with 
libvirt-0.10.0-0rc0.el6.x86_64

input incorrect passwd 3 times 

# virsh -c qemu+ssh://10.66.5.12/system list
root.5.12's password: 
root.5.12's password: 
root.5.12's password: 
error: Cannot recv data: 2012-08-06 05:58:54.155+0000: 22189: info : libvirt version: 0.10.0, package: 0rc0.el6 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2012-08-02-03:44:27, x86-007.build.bos.redhat.com)
2012-08-06 05:58:54.155+0000: 22189: warning : virFileClose:65 : Tried to close invalid fd 7
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).: Connection reset by peer
error: failed to connect to the hypervisor

Comment 8 errata-xmlrpc 2013-02-21 07:13:23 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0276.html

Note You need to log in before you can comment on or make changes to this bug.