Re: [ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-09 Thread maoz zadok
Renout, Thank you! now it works :-) it makes sense.

On Fri, Feb 9, 2018 at 12:03 PM, Renout Gerrits  wrote:

> Hi Maoz,
>
> You should not be using the engine and not the root user for the ssh keys.
> The actions are delegated to a host and the vdsm user. So you should set-up
> ssh keys for the vdsm user on one or all of the hosts (remember to select
> this host as proxy host in the gui). Probably the documentation should be
> updated to make this more clear.
>
> 1. Make the keygen for vdsm user:
>
># sudo -u vdsm ssh-keygen
>
> 2.Do the first login to confirm the fingerprints using "yes":
>
># sudo -u vdsm ssh r...@xxx.xxx.xxx.xxx
>
> 3. Then copy the key to the KVm host running the vm:
>
># sudo -u vdsm ssh-copy-id r...@xxx.xxx.xxx.xxx
>
> 4. Now verify is vdsm can login without password or not:
>
># sudo -u vdsm ssh r...@xxx.xxx.xxx.xxx
>
>
> On Thu, Feb 8, 2018 at 3:12 PM, Petr Kotas  wrote:
>
>> You can generate one :). There are different guides for different
>> platforms.
>>
>> The link I sent is the good start on where to put the keys and how to set
>> it up.
>>
>> Petr
>>
>> On Thu, Feb 8, 2018 at 3:09 PM, maoz zadok  wrote:
>>
>>> Using the command line on the engine machine (as root) works fine. I
>>> don't use ssh key from the agent GUI but the authentication section (with
>>> root user and password),
>>> I think that it's a bug, I manage to migrate with TCP but I just want to
>>> let you know.
>>>
>>> is it possible to use ssh-key from the agent GUI? how can I get the key?
>>>
>>> On Thu, Feb 8, 2018 at 2:51 PM, Petr Kotas  wrote:
>>>
 Hi Maoz,

 it looks like cannot connect due to wrong setup of ssh keys. Which
 linux are you using?
 The guide for setting the ssh connection to  libvirt is here:
 https://wiki.libvirt.org/page/SSHSetup

 May it helps?

 Petr

 On Wed, Feb 7, 2018 at 10:53 PM, maoz zadok  wrote:

> Hello there,
>
> I'm following https://www.ovirt.org/develop/
> release-management/features/virt/KvmToOvirt/ guide in order to import
> VMS from Libvirt to oVirt using ssh.
>  URL:  "qemu+ssh://host1.example.org/system"
>
> and get the following error:
> Failed to communicate with the external provider, see log for
> additional details.
>
>
> *oVirt agent log:*
>
> *- Failed to retrieve VMs information from external server
> qemu+ssh://XXX.XXX.XXX.XXX/system*
> *- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot
> recv data: Host key verification failed.: Connection reset by peer*
>
>
>
> *remote host sshd DEBUG log:*
> *Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147
> port 48148 on XXX.XXX.XXX.123 port 22*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version
> 2.0; client software version OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat
> OpenSSH* compat 0x0400*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
> SSH-2.0-OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode
> for protocol 2.0*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
> curve25519-sha256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
> ecdsa-sha2-nistp256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
> chacha20-poly1...@openssh.com  MAC:
>  compression: none [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
> chacha20-poly1...@openssh.com  MAC:
>  compression: none [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
> need=64 dh_need=64 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
> need=64 dh_need=64 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting
> SSH2_MSG_KEX_ECDH_INIT [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728
> blocks [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
> [preauth]*
> 

Re: [ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-09 Thread Renout Gerrits
Hi Maoz,

You should not be using the engine and not the root user for the ssh keys.
The actions are delegated to a host and the vdsm user. So you should set-up
ssh keys for the vdsm user on one or all of the hosts (remember to select
this host as proxy host in the gui). Probably the documentation should be
updated to make this more clear.

1. Make the keygen for vdsm user:

   # sudo -u vdsm ssh-keygen

2.Do the first login to confirm the fingerprints using "yes":

   # sudo -u vdsm ssh r...@xxx.xxx.xxx.xxx

3. Then copy the key to the KVm host running the vm:

   # sudo -u vdsm ssh-copy-id r...@xxx.xxx.xxx.xxx

4. Now verify is vdsm can login without password or not:

   # sudo -u vdsm ssh r...@xxx.xxx.xxx.xxx


On Thu, Feb 8, 2018 at 3:12 PM, Petr Kotas  wrote:

> You can generate one :). There are different guides for different
> platforms.
>
> The link I sent is the good start on where to put the keys and how to set
> it up.
>
> Petr
>
> On Thu, Feb 8, 2018 at 3:09 PM, maoz zadok  wrote:
>
>> Using the command line on the engine machine (as root) works fine. I
>> don't use ssh key from the agent GUI but the authentication section (with
>> root user and password),
>> I think that it's a bug, I manage to migrate with TCP but I just want to
>> let you know.
>>
>> is it possible to use ssh-key from the agent GUI? how can I get the key?
>>
>> On Thu, Feb 8, 2018 at 2:51 PM, Petr Kotas  wrote:
>>
>>> Hi Maoz,
>>>
>>> it looks like cannot connect due to wrong setup of ssh keys. Which linux
>>> are you using?
>>> The guide for setting the ssh connection to  libvirt is here:
>>> https://wiki.libvirt.org/page/SSHSetup
>>>
>>> May it helps?
>>>
>>> Petr
>>>
>>> On Wed, Feb 7, 2018 at 10:53 PM, maoz zadok  wrote:
>>>
 Hello there,

 I'm following https://www.ovirt.org/develop/
 release-management/features/virt/KvmToOvirt/ guide in order to import
 VMS from Libvirt to oVirt using ssh.
  URL:  "qemu+ssh://host1.example.org/system"

 and get the following error:
 Failed to communicate with the external provider, see log for
 additional details.


 *oVirt agent log:*

 *- Failed to retrieve VMs information from external server
 qemu+ssh://XXX.XXX.XXX.XXX/system*
 *- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot
 recv data: Host key verification failed.: Connection reset by peer*



 *remote host sshd DEBUG log:*
 *Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147 port
 48148 on XXX.XXX.XXX.123 port 22*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version 2.0;
 client software version OpenSSH_7.4*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat
 OpenSSH* compat 0x0400*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
 SSH-2.0-OpenSSH_7.4*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode
 for protocol 2.0*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
 ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
 curve25519-sha256 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
 ecdsa-sha2-nistp256 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
 chacha20-poly1...@openssh.com  MAC:
  compression: none [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
 chacha20-poly1...@openssh.com  MAC:
  compression: none [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
 need=64 dh_need=64 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
 need=64 dh_need=64 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting
 SSH2_MSG_KEX_ECDH_INIT [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728 blocks
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: Connection closed by XXX.XXX.XXX.147
 port 48148 [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup [preauth]*
 *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup*
 *Feb  7 16:38:29 XXX sshd[110005]: 

Re: [ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-08 Thread Petr Kotas
You can generate one :). There are different guides for different platforms.

The link I sent is the good start on where to put the keys and how to set
it up.

Petr

On Thu, Feb 8, 2018 at 3:09 PM, maoz zadok  wrote:

> Using the command line on the engine machine (as root) works fine. I
> don't use ssh key from the agent GUI but the authentication section (with
> root user and password),
> I think that it's a bug, I manage to migrate with TCP but I just want to
> let you know.
>
> is it possible to use ssh-key from the agent GUI? how can I get the key?
>
> On Thu, Feb 8, 2018 at 2:51 PM, Petr Kotas  wrote:
>
>> Hi Maoz,
>>
>> it looks like cannot connect due to wrong setup of ssh keys. Which linux
>> are you using?
>> The guide for setting the ssh connection to  libvirt is here:
>> https://wiki.libvirt.org/page/SSHSetup
>>
>> May it helps?
>>
>> Petr
>>
>> On Wed, Feb 7, 2018 at 10:53 PM, maoz zadok  wrote:
>>
>>> Hello there,
>>>
>>> I'm following https://www.ovirt.org/develop/
>>> release-management/features/virt/KvmToOvirt/ guide in order to import
>>> VMS from Libvirt to oVirt using ssh.
>>>  URL:  "qemu+ssh://host1.example.org/system"
>>>
>>> and get the following error:
>>> Failed to communicate with the external provider, see log for additional
>>> details.
>>>
>>>
>>> *oVirt agent log:*
>>>
>>> *- Failed to retrieve VMs information from external server
>>> qemu+ssh://XXX.XXX.XXX.XXX/system*
>>> *- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot
>>> recv data: Host key verification failed.: Connection reset by peer*
>>>
>>>
>>>
>>> *remote host sshd DEBUG log:*
>>> *Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147 port
>>> 48148 on XXX.XXX.XXX.123 port 22*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version 2.0;
>>> client software version OpenSSH_7.4*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat
>>> OpenSSH* compat 0x0400*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
>>> SSH-2.0-OpenSSH_7.4*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode
>>> for protocol 2.0*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
>>> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
>>> curve25519-sha256 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
>>> ecdsa-sha2-nistp256 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
>>> chacha20-poly1...@openssh.com  MAC:
>>>  compression: none [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
>>> chacha20-poly1...@openssh.com  MAC:
>>>  compression: none [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
>>> need=64 dh_need=64 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256
>>> need=64 dh_need=64 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting
>>> SSH2_MSG_KEX_ECDH_INIT [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728 blocks
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
>>> [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: Connection closed by XXX.XXX.XXX.147
>>> port 48148 [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup [preauth]*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup*
>>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Killing privsep child 110006*
>>> *Feb  7 16:38:29 XXX sshd[109922]: debug1: Forked child 110007.*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Set /proc/self/oom_score_adj
>>> to 0*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: rexec start in 5 out 5
>>> newsock 5 pipe 7 sock 8*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: inetd sockets after dupping:
>>> 3, 3*
>>> *Feb  7 16:38:29 XXX sshd[110007]: Connection from XXX.XXX.XXX.147 port
>>> 48150 on XXX.XXX.XXX.123 port 22*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Client protocol version 2.0;
>>> client software version OpenSSH_7.4*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: match: OpenSSH_7.4 pat
>>> OpenSSH* compat 0x0400*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Local version string
>>> SSH-2.0-OpenSSH_7.4*
>>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Enabling compatibility mode
>>> for protocol 2.0*
>>> *Feb  

Re: [ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-08 Thread maoz zadok
Using the command line on the engine machine (as root) works fine. I
don't use ssh key from the agent GUI but the authentication section (with
root user and password),
I think that it's a bug, I manage to migrate with TCP but I just want to
let you know.

is it possible to use ssh-key from the agent GUI? how can I get the key?

On Thu, Feb 8, 2018 at 2:51 PM, Petr Kotas  wrote:

> Hi Maoz,
>
> it looks like cannot connect due to wrong setup of ssh keys. Which linux
> are you using?
> The guide for setting the ssh connection to  libvirt is here:
> https://wiki.libvirt.org/page/SSHSetup
>
> May it helps?
>
> Petr
>
> On Wed, Feb 7, 2018 at 10:53 PM, maoz zadok  wrote:
>
>> Hello there,
>>
>> I'm following https://www.ovirt.org/develop/
>> release-management/features/virt/KvmToOvirt/ guide in order to import
>> VMS from Libvirt to oVirt using ssh.
>>  URL:  "qemu+ssh://host1.example.org/system"
>>
>> and get the following error:
>> Failed to communicate with the external provider, see log for additional
>> details.
>>
>>
>> *oVirt agent log:*
>>
>> *- Failed to retrieve VMs information from external server
>> qemu+ssh://XXX.XXX.XXX.XXX/system*
>> *- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot
>> recv data: Host key verification failed.: Connection reset by peer*
>>
>>
>>
>> *remote host sshd DEBUG log:*
>> *Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147 port
>> 48148 on XXX.XXX.XXX.123 port 22*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version 2.0;
>> client software version OpenSSH_7.4*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat
>> OpenSSH* compat 0x0400*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
>> SSH-2.0-OpenSSH_7.4*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode
>> for protocol 2.0*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
>> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
>> curve25519-sha256 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
>> ecdsa-sha2-nistp256 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
>> chacha20-poly1...@openssh.com  MAC:
>>  compression: none [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
>> chacha20-poly1...@openssh.com  MAC:
>>  compression: none [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
>> dh_need=64 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
>> dh_need=64 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting
>> SSH2_MSG_KEX_ECDH_INIT [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728 blocks
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: Connection closed by XXX.XXX.XXX.147
>> port 48148 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup*
>> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Killing privsep child 110006*
>> *Feb  7 16:38:29 XXX sshd[109922]: debug1: Forked child 110007.*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Set /proc/self/oom_score_adj
>> to 0*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: rexec start in 5 out 5 newsock
>> 5 pipe 7 sock 8*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: inetd sockets after dupping:
>> 3, 3*
>> *Feb  7 16:38:29 XXX sshd[110007]: Connection from XXX.XXX.XXX.147 port
>> 48150 on XXX.XXX.XXX.123 port 22*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Client protocol version 2.0;
>> client software version OpenSSH_7.4*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: match: OpenSSH_7.4 pat
>> OpenSSH* compat 0x0400*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Local version string
>> SSH-2.0-OpenSSH_7.4*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Enabling compatibility mode
>> for protocol 2.0*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: SELinux support disabled
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: permanently_set_uid: 74/74
>> [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110007]: debug1: list_hostkey_types:
>> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
>> *Feb  7 16:38:29 XXX sshd[110007]: 

Re: [ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-08 Thread Petr Kotas
Hi Maoz,

it looks like cannot connect due to wrong setup of ssh keys. Which linux
are you using?
The guide for setting the ssh connection to  libvirt is here:
https://wiki.libvirt.org/page/SSHSetup

May it helps?

Petr

On Wed, Feb 7, 2018 at 10:53 PM, maoz zadok  wrote:

> Hello there,
>
> I'm following https://www.ovirt.org/develop/release-management/features/
> virt/KvmToOvirt/ guide in order to import VMS from Libvirt to oVirt using
> ssh.
>  URL:  "qemu+ssh://host1.example.org/system"
>
> and get the following error:
> Failed to communicate with the external provider, see log for additional
> details.
>
>
> *oVirt agent log:*
>
> *- Failed to retrieve VMs information from external server
> qemu+ssh://XXX.XXX.XXX.XXX/system*
> *- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot recv
> data: Host key verification failed.: Connection reset by peer*
>
>
>
> *remote host sshd DEBUG log:*
> *Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147 port
> 48148 on XXX.XXX.XXX.123 port 22*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version 2.0;
> client software version OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat OpenSSH*
> compat 0x0400*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
> SSH-2.0-OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode for
> protocol 2.0*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
> curve25519-sha256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
> ecdsa-sha2-nistp256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
> chacha20-poly1...@openssh.com  MAC:
>  compression: none [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
> chacha20-poly1...@openssh.com  MAC:
>  compression: none [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
> dh_need=64 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
> dh_need=64 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting
> SSH2_MSG_KEX_ECDH_INIT [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728 blocks
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: Connection closed by XXX.XXX.XXX.147
> port 48148 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup [preauth]*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup*
> *Feb  7 16:38:29 XXX sshd[110005]: debug1: Killing privsep child 110006*
> *Feb  7 16:38:29 XXX sshd[109922]: debug1: Forked child 110007.*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Set /proc/self/oom_score_adj to
> 0*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: rexec start in 5 out 5 newsock
> 5 pipe 7 sock 8*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: inetd sockets after dupping: 3,
> 3*
> *Feb  7 16:38:29 XXX sshd[110007]: Connection from XXX.XXX.XXX.147 port
> 48150 on XXX.XXX.XXX.123 port 22*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Client protocol version 2.0;
> client software version OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: match: OpenSSH_7.4 pat OpenSSH*
> compat 0x0400*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Local version string
> SSH-2.0-OpenSSH_7.4*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: Enabling compatibility mode for
> protocol 2.0*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: SELinux support disabled
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: permanently_set_uid: 74/74
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: list_hostkey_types:
> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: SSH2_MSG_KEXINIT sent [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: SSH2_MSG_KEXINIT received
> [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: algorithm:
> curve25519-sha256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: host key algorithm:
> ecdsa-sha2-nistp256 [preauth]*
> *Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: client->server cipher:
> chacha20-poly1...@openssh.com  MAC:
>  compression: none [preauth]*
> *Feb  7 16:38:29 XXX 

[ovirt-users] Importing Libvirt Kvm Vms to oVirt Status: Released in oVirt 4.2 using ssh - Failed to communicate with the external provider

2018-02-07 Thread maoz zadok
Hello there,

I'm following
https://www.ovirt.org/develop/release-management/features/virt/KvmToOvirt/
guide
in order to import VMS from Libvirt to oVirt using ssh.
 URL:  "qemu+ssh://host1.example.org/system"

and get the following error:
Failed to communicate with the external provider, see log for additional
details.


*oVirt agent log:*

*- Failed to retrieve VMs information from external server
qemu+ssh://XXX.XXX.XXX.XXX/system*
*- VDSM XXX command GetVmsNamesFromExternalProviderVDS failed: Cannot recv
data: Host key verification failed.: Connection reset by peer*



*remote host sshd DEBUG log:*
*Feb  7 16:38:29 XXX sshd[110005]: Connection from XXX.XXX.XXX.147 port
48148 on XXX.XXX.XXX.123 port 22*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: Client protocol version 2.0;
client software version OpenSSH_7.4*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: match: OpenSSH_7.4 pat OpenSSH*
compat 0x0400*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: Local version string
SSH-2.0-OpenSSH_7.4*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: Enabling compatibility mode for
protocol 2.0*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: SELinux support disabled
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: permanently_set_uid: 74/74
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: list_hostkey_types:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT sent [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_KEXINIT received
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: algorithm:
curve25519-sha256 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: host key algorithm:
ecdsa-sha2-nistp256 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: client->server cipher:
chacha20-poly1...@openssh.com  MAC:
 compression: none [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: server->client cipher:
chacha20-poly1...@openssh.com  MAC:
 compression: none [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
dh_need=64 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: kex: curve25519-sha256 need=64
dh_need=64 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: rekey after 134217728 blocks
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: SSH2_MSG_NEWKEYS sent [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: expecting SSH2_MSG_NEWKEYS
[preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: Connection closed by XXX.XXX.XXX.147
port 48148 [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup [preauth]*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: do_cleanup*
*Feb  7 16:38:29 XXX sshd[110005]: debug1: Killing privsep child 110006*
*Feb  7 16:38:29 XXX sshd[109922]: debug1: Forked child 110007.*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: Set /proc/self/oom_score_adj to
0*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: rexec start in 5 out 5 newsock 5
pipe 7 sock 8*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: inetd sockets after dupping: 3,
3*
*Feb  7 16:38:29 XXX sshd[110007]: Connection from XXX.XXX.XXX.147 port
48150 on XXX.XXX.XXX.123 port 22*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: Client protocol version 2.0;
client software version OpenSSH_7.4*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: match: OpenSSH_7.4 pat OpenSSH*
compat 0x0400*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: Local version string
SSH-2.0-OpenSSH_7.4*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: Enabling compatibility mode for
protocol 2.0*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: SELinux support disabled
[preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: permanently_set_uid: 74/74
[preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: list_hostkey_types:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: SSH2_MSG_KEXINIT sent [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: SSH2_MSG_KEXINIT received
[preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: algorithm:
curve25519-sha256 [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: host key algorithm:
ecdsa-sha2-nistp256 [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: client->server cipher:
chacha20-poly1...@openssh.com  MAC:
 compression: none [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: server->client cipher:
chacha20-poly1...@openssh.com  MAC:
 compression: none [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: curve25519-sha256 need=64
dh_need=64 [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: kex: curve25519-sha256 need=64
dh_need=64 [preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT
[preauth]*
*Feb  7 16:38:29 XXX sshd[110007]: debug1: rekey after 134217728