You didn't miss anything. This causes problems with VCL because the code checks the status of SSH commands. SSH returns 255 if the actual SSH connection command failed (couldn't connect, no route, etc.). The VCL code attempts to compensate for this bug but it may be missing some conditions. Here is the line where this happens from the 2.2 code:

utils.pm line 5514:

if (($exit_status == 255 && $ssh_command !~ /(vmware-cmd|vim-cmd|vmkfstools)/i) || $ssh_output_formatted =~ /(lost connection|reset by peer|no route to host|connection refused|connection timed out|resource temporarily unavailable)/i) {
   # assume SSH command failed and try again
}
else {
   # assume SSH command was successful and return the exit status and output
}

The code may differ depending on the version you're running. Please check the run_ssh_command subroutine in your utils.pm file to see what the line contains. Also, please include the vcld.log file output. An adjustment to this line will probably allow things to work.

Regards,
Andy

On 11/15/2010 11:14 AM, David Hutchins wrote:
   So the VMware uses dropbear ssh in their ESXi 3.5 product, problem is
there is a bug in it where the return status is always 255, regardless of
the command's return status. I'm trying to set up with ESX localdisk. Did I
miss something important here related to the setup of ssh for ESXi 3.5? A
quick Google search shows that this is a known bug in dropbear, and has been
patched in recent versions, but VMware does not have an updated version that
I can find. Is there a known work-around?

  example:

[r...@vcl VCL]# /usr/bin/ssh -l root -p 22 -x 192.168.28.2 "echo yeah&& echo $?"
yeah
0
[r...@vcl VCL]# echo $?
255

So this time with -vv:

[r...@vcl VCL]# /usr/bin/ssh -vv -l root -p 22 -x 192.168.28.2 "echo yeah&& echo $?"
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.28.2 [192.168.28.2] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /etc/vcl/vcl.key type 1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version dropbear_0.49
debug1: no match: dropbear_0.49
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,z...@openssh.com,zlib
debug2: kex_parse_kexinit: none,z...@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: dh_gen_key: priv key bits set: 145/256
debug2: bits set: 502/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host '192.168.28.2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:106
debug2: bits set: 520/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /etc/vcl/vcl.key (0x2b123b080b30)
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /etc/vcl/vcl.key
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug2: input_userauth_pk_ok: SHA1 fp f1:71:90:e3:3f:d9:1e:5e:06:1b:f1:b5:41:82:8b:73:d6:f1:24:ef
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending command: echo yeah&&  echo 0
debug2: channel 0: request exec confirm 0
debug2: callback done
debug2: channel 0: open confirm rwindow 8000 rmax 8000
yeah
0
debug2: channel 0: rcvd eof
debug2: channel 0: output open ->  drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain ->  closed
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open ->  closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status -1
[r...@vcl VCL]# echo $?
255
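
Added example (not from the VCL code base or from either poster): one way to tell a failed SSH connection apart from a server that always reports 255 is to have the remote shell print the command's own exit status on a marker line and parse that instead of trusting ssh's status. The marker name VCL_REMOTE_EXIT and both subroutine names are hypothetical, the connection-error patterns are the ones in the utils.pm line quoted above, and the sample inputs are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical marker name; not part of VCL.
my $MARKER = 'VCL_REMOTE_EXIT';

# Connection-failure patterns copied from the utils.pm line quoted in the thread.
my $CONN_ERR = qr/(lost connection|reset by peer|no route to host|connection refused|connection timed out|resource temporarily unavailable)/i;

# Build the string to run remotely. The subshell keeps an "exit" inside the
# command from skipping the echo. \$? is escaped so Perl does not interpolate
# it; hand the result to ssh as one argument (list-form system/open) so the
# local shell does not expand $? either.
sub wrap_remote_command {
    my ($command) = @_;
    return "( $command ); echo $MARKER=\$?";
}

# Returns (verdict, status, output). verdict is 'ran' when the remote command
# executed (status is then the remote exit status) or 'retry' when the
# connection itself appears to have failed.
sub classify_ssh_result {
    my ($ssh_exit, $output) = @_;
    # A trailing marker line proves the remote shell ran the command,
    # whatever exit status the ssh client reported.
    if ($output =~ s/^\Q$MARKER\E=(\d+)\s*\z//m) {
        return ('ran', $1, $output);
    }
    # No marker: fall back to the checks the thread describes.
    if ($ssh_exit == 255 || $output =~ $CONN_ERR) {
        return ('retry', $ssh_exit, $output);
    }
    return ('ran', $ssh_exit, $output);
}

# Constructed samples: [ssh client exit status, combined output].
my @samples = (
    [255, "yeah\n$MARKER=0\n"],    # server always reports 255, command succeeded
    [255, "ls: /nonexistent: No such file or directory\n$MARKER=1\n"],
    [255, "ssh: connect to host 192.168.28.2 port 22: Connection refused\n"],
    [255, ""],                     # nothing came back at all
);
for my $sample (@samples) {
    my ($verdict, $status) = classify_ssh_result(@$sample);
    printf "ssh exit %d -> %-5s status %s\n", $sample->[0], $verdict, $status;
}
print wrap_remote_command('echo yeah'), "\n";
```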
