Hi!
I have a KVM guest called "streeling" running on physical host "trantor".
I can easily ssh to "trantor", and from there ssh to "streeling", put I cannot
seem to be able to set the port forward properly to ssh directly to "streeling"
("Connection refused"). This should be simple enough to follow through:
seldon@anacreon:~ $ head .ssh/config
Host streeling
Hostname 10.0.75.192
Port 4077
User root
Host trantor
Hostname 10.0.75.192
ForwardX11=yes
User seldon
seldon@anacreon:~ $ ssh streeling
ssh: connect to host 10.0.75.192 port 4077: Connection refused
seldon@anacreon:~ $ ssh trantor
Last login: Thu Apr 28 09:31:52 2016 from 10.0.75.177
seldon@trantor:~ $ sudo virsh list
Id Name State
----------------------------------------------------
2 streeling running
3 mycogen running
4 dahl running
seldon@trantor:~ $ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp4s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 6c:62:6d:6a:ab:fc brd ff:ff:ff:ff:ff:ff
inet 10.0.75.192/24 brd 10.0.75.255 scope global enp4s1
valid_lft forever preferred_lft forever
inet6 fe80::6e62:6dff:fe6a:abfc/64 scope link
valid_lft forever preferred_lft forever
3: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 52:54:00:0d:4a:73 brd ff:ff:ff:ff:ff:ff
inet 192.168.128.1/24 brd 192.168.128.255 scope global virbr1
valid_lft forever preferred_lft forever
4: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1
state DOWN qlen 500
link/ether 52:54:00:0d:4a:73 brd ff:ff:ff:ff:ff:ff
5: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master
virbr1 state UNKNOWN qlen 500
link/ether fe:54:00:89:ac:bc brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe89:acbc/64 scope link
valid_lft forever preferred_lft forever
seldon@trantor:~ $ getenforce
Enforcing
seldon@trantor:~ $ sudo grep "Port" /etc/ssh/sshd_config
Port 22
Port 4077
seldon@trantor:~ $ sudo semanage port -l | grep ssh
ssh_port_t tcp 4077, 22
seldon@trantor:~ $ cat /proc/sys/net/ipv4/ip_forward
1
seldon@trantor:~ $ head -4 .ssh/config
Host streeling
Hostname 192.168.128.128
User root
seldon@trantor:~ $ sudo firewall-cmd --list-all
public (default, active)
interfaces: enp4s1
sources:
services: ssh
ports: 4077/tcp
masquerade: yes
forward-ports: port=4077:proto=tcp:toport=22:toaddr=192.168.128.128
icmp-blocks:
rich rules:
seldon@trantor:~ $ ssh streeling
Last login: Thu Apr 28 09:10:57 2016 from 192.168.128.1
root@streeling:~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
group default qlen 1000
link/ether 52:54:00:89:ac:bc brd ff:ff:ff:ff:ff:ff
inet 192.168.128.128/24 brd 192.168.128.255 scope global ens3
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe89:acbc/64 scope link
valid_lft forever preferred_lft forever
What should I do?
Regards,
Benjamin Lefoul
