sshd doesnt work (but started) in lxc (ubuntu)

Question

When I'm trying to connect with ssh ubuntu@10.0.0.* it fails with Read from socket failed: Connection reset by peer, and I can connect to containers only with lxc-attach -n (name).

How can I fix this?

UPD 0:

$ ssh -vvv ubuntu@10.0.0.243
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.0.0.243 [10.0.0.243] port 22.
debug1: Connection established.
debug1: identity file /home/guava/.ssh/id_rsa type -1
debug1: identity file /home/guava/.ssh/id_rsa-cert type -1
debug1: identity file /home/guava/.ssh/id_dsa type -1
debug1: identity file /home/guava/.ssh/id_dsa-cert type -1
debug1: identity file /home/guava/.ssh/id_ecdsa type -1
debug1: identity file /home/guava/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/guava/.ssh/id_ed25519 type -1
debug1: identity file /home/guava/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "10.0.0.243" from file "/home/guava/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer

What do your sshd logs say? – user9517 Dec 08 '15 at 07:49 — user9517, Dec 08 '15 at 07:49

score 0 · Accepted Answer · edited Dec 08 '15 at 09:55

0

You can try to add verbose svitch to ssd command for debug purposes:

ssh -vvv ubuntu@10.0.0.1

-v - stands for verbose, you can multiply options, the maximum cuont is 3

UPD0

Are permissions seted right?

sudo chmod 644 ~/.ssh/known_hosts
sudo chmod 755 ~/.ssh
sudo chmod 600 ~/.ssh/id_rsa
sudo chmod 600 ~/.ssh/id_rsa.pub

On remote host:

sudo chmod 600 /etc/ssh/ssh_host_*

Is time is syncronized on both machines?

UPD 1

Can you put tail on remote mechine's auth.log?

tail -500 /var/log/auth.log | grep 'sshd'

In /etc/ssh/sshd_config log_level DEBUG/INFO:

SyslogFacility AUTH
LogLevel INFO

edited Dec 08 '15 at 09:55

Kirill Danshin

23
3

answered Dec 08 '15 at 07:19

shcherbak

289
1
12

I don't have any id_* file, and yes, permissions seted right yes, it synchronized thank you! i've found the error! – Kirill Danshin Dec 08 '15 at 08:04
You are wellcome! In most cases the "Connection reset by peer" is a handshke error – shcherbak Dec 08 '15 at 08:09

score 0 · Answer 2 · answered Aug 08 '16 at 09:30

This is ages old, but no answer addresses LXC here.

If the host has sshd bound to 0.0.0.0:22, then the sshd on the host machine occupies all interfaces, and hence the sshd in the container cannot grab a free interface. The sshd on the host machine must be configured to not listen on all interfaces, so in /etc/ssh/sshd_config, the line

ListenAddress 0.0.0.0

must be replaced by

ListenAddress 192.168.0.55

if the IP address of the network interface is 192.168.0.55 (change it to whatever the IP address of the network interface is).

sshd doesnt work (but started) in lxc (ubuntu)

2 Answers2