Istvan,
- "Pongracz Istvan" wrote:
> 2009. 01. 21, szerda keltezéssel 21.35-kor Pongracz Istvan ezt írta:
>
> > I am installing a native debian lenny at this moment to check the
> > "normal" situation. I spoke with the debian maintener, who told me,
> > sshproxy should work without any problem. So, at least in openvz
> > container it is not working.
>
> Yes, inside a normal debian installation (under virtualbox in my
> laptop)
> it is working well.
>
> Under openvz it is not working.
>
> Could someone help in this kind of situation, what to check or
> modify?
> Anyway, I use ProxmoxVE and its previous kernel (2.6.24-1-pve).
>
> Thank you in advance,
> István
>
>
>
> Here is the relevant syslog from the VE:
>
>
> Jan 21 22:04:00 testve sshproxyd[4120] Loaded plugin ini_db
> Jan 21 22:04:00 testve sshproxyd[4120] Loaded plugin sipc
> Jan 21 22:04:00 testve sshproxyd[4120] Loaded plugin
> get_client_scripts
> Jan 21 22:04:00 testve sshproxyd[4120] Initialized plugin ini_db
> Jan 21 22:04:23 testve sshproxyd[4127] Loaded plugin ini_db
> Jan 21 22:04:23 testve sshproxyd[4127] Loaded plugin sipc
> Jan 21 22:04:23 testve sshproxyd[4127] Loaded plugin
> get_client_scripts
> Jan 21 22:04:23 testve sshproxyd[4127] Listening for connection ...
> Jan 21 22:04:23 testve sshproxyd[4130] sshproxy starting
> Jan 21 22:04:23 testve sshproxyd[4130] Initialized plugin ini_db
> Jan 21 22:04:30 testve sshproxyd[4130] Got a connection!
> Jan 21 22:04:30 testve sshproxyd[4132] Serving ('127.0.0.1', 36267)
> Jan 21 22:04:30 testve sshproxyd[4132] IPC: Connecting to server
> #000sshproxy-control#000
> Jan 21 22:04:30 testve sshproxyd[4130] IPC: Accepting new client
> Jan 21 22:04:30 testve sshproxyd[4132] starting thread (server mode):
> 0x83608ecL
> Jan 21 22:04:30 testve sshproxyd[4132] Connected (version 2.0, client
> OpenSSH_5.1p1)
> Jan 21 22:04:30 testve sshproxyd[4132] kex
> algos:['diffie-hellman-group-exchange-sha256',
> 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1',
> 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss']
> client
> encrypt:['aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc',
> 'arcfour128', 'arcfour256', 'arcfour', 'aes192-cbc', 'aes256-cbc',
> 'rijndael-...@lysator.liu.se', 'aes128-ctr', 'aes192-ctr',
> 'aes256-ctr']
> server encrypt:['aes128-cbc', '3des-cbc', 'blowfish-cbc',
> 'cast128-cbc',
> 'arcfour128', 'arcfour256', 'arcfour', 'aes192-cbc', 'aes256-cbc',
> 'rijndael-...@lysator.liu.se', 'aes128-ctr', 'aes192-ctr',
> 'aes256-ctr']
> client mac:['hmac-md5', 'hmac-sha1', 'umac...@openssh.com',
> 'hmac-ripemd160', 'hmac-ripemd...@openssh.com', 'hmac-sha1-96',
> 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1',
> 'umac...@openssh.com', 'hmac-ripemd160',
> 'hmac-ripemd...@openssh.com',
> 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none',
> 'z...@openssh.com', 'zlib'] server compress:['none',
> 'z...@openssh.com',
> 'zlib'] client lang:[''] server lang:[''] kex follows?False
> Jan 21 22:04:30 testve sshproxyd[4132] Ciphers agreed:
> local=aes128-cbc,
> remote=aes128-cbc
> Jan 21 22:04:30 testve sshproxyd[4132] using kex
> diffie-hellman-group-exchange-sha1; server key type ssh-dss; cipher:
> local aes128-cbc, remote aes128-cbc; mac: local hmac-md5, remote
> hmac-md5; compression: local none, remote none
> Jan 21 22:04:30 testve sshproxyd[4132] Picking p (1024 <= 1024 <=
> 8192
> bits)
> Jan 21 22:04:30 testve sshproxyd[4132] Switch to new keys ...
> Jan 21 22:04:30 testve sshproxyd[4132] Auth request (type=none)
> service=ssh-connection, username=pongraczi
> Jan 21 22:04:30 testve sshproxyd[4132] Auth rejected (none).
> Jan 21 22:04:33 testve sshproxyd[4132] Auth request (type=password)
> service=ssh-connection, username=pongraczi
> Jan 21 22:04:33 testve sshproxyd[4130] ACL authenticate True
> 'client.username == "adminuser"'
> Jan 21 22:04:33 testve sshproxyd[4132] Auth granted (password).
> Jan 21 22:04:33 testve sshproxyd[4132] check_channel_request session
> 1
> Jan 21 22:04:33 testve sshproxyd[4132] [chan 1] Max packet in: 34816
> bytes
> Jan 21 22:04:33 testve sshproxyd[4132] [chan 1] Max packet out: 16384
> bytes
> Jan 21 22:04:33 testve sshproxyd[4132] Secsh channel 1 (session)
> opened.
> Jan 21 22:04:33 testve sshproxyd[4132] check_channel_shell_request
> Jan 21 22:04:33 testve sshproxyd[4132] Authenticated pongraczi
> Jan 21 22:04:33 testve sshproxyd[4130] ACL console_session True
> 'client.username == "adminuser"'
> Jan 21 22:04:33 testve sshproxyd[4148] IPC: Connecting to server
> #000sshproxy-control-4132#000
> Jan 21 22:04:33 testve sshproxyd[4132] IPC: Accepting new client
> Jan 21 22:04:33 testve sshproxyd[4132] ACL admin True
> 'client.username
> == "adminuser"'
> Jan 21 22:04:33 testve sshproxyd[4132] ACL: True 'client.username ==
> "adminuser"'
> Jan 21 22:04:33 testve sshproxyd[4132] ACL: True 'client.username ==
> "adminuser"'
> Jan 21 22:04:33 testve sshproxyd[4132] ACL: True 'admin'
> Jan 21 22:04:33 testve sshpro