Welcome to the new Linux Foundation Forum!

[WORK-AROUND] cannot ssh from host to LFS201 CentOS vm

MaxgMaxg Posts: 3
edited April 1 in LFS201 Class Forum

EDIT 4.1.2018

I've just completed my work-around for this issue, and have documented my solution below. It's not ideal, since I'd like to be working with the VM provided for this course, but this gets the job done for me:

  1. ON HOST - Download the minimal iso from CentOS directly (https://centos.org/download/)
  2. ON HOST - create a new virual machine in VirtualBox with the iso
  3. ON HOST - set up network as NAT (default behavior)
  4. ON HOST - setup port forwarding from Host 2223 to Guest 22
  5. ON HOST - under Settings > System > Processor, set processors to 2
  6. ON GUEST - enable networking by editing

    /etc/sysconfig/network-scripts/ifcfg-$IFACE_NAME
    and setting

    ONBOOT=yes

     

  7. ON GUEST - restart networking via systemctl
  8. ON GUEST - confirm openssh-server is installed
  9. ON GUEST - confirm sshd is running
  10. ON GUEST - confirm ssh to localhost is successful
  11. ON HOST -

    ssh [email protected] -p 2223
    SUCCESSFUL ACCESS OVER SSH!
  12. ON GUEST - run the ready-for.sh script provided by the Linux Foundation (https://training.linuxfoundation.org/cm/prep/?course=LFS201) to install software and confirm hardware configuration
  13. Do a little dance

From what I've fonund, the CentOS VM (possibly others as well? haven't tried them yet) is not provided to the students in such a way to allow access over ssh.

 

-----------------------------------------------------

 

Hello all! I've been trying to figure this out, and no luck...

My goal is to ssh from my local machine to the CentOS VM provided for LFS201. My local machine is running Ubuntu 17.10, and I'm using Virutalbox Version 5.2.8 r121009 (Qt5.9.1).

Things I've checked on the VM itself:

  • sshd is running, confirmed via systemctl and via ssh'ing from the vm itself to localhost (doing `ssh localhost` works just fine)
  • firewalld allows ssh, confirmed via `firewalld-cmd --list-services`
  • iptables is NOT running
  • no mention of an SSH attempt in /var/log/messages or /var/log/secure
  • [[email protected] ~]$ uname -a

    Linux CentOS7 3.10.0-693.21.1.el7.x86_64 #1 SMP Wed Mar 7 19:03:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

    [[email protected] ~]$ cat /etc/redhat-release

    CentOS Linux release 7.4.1708 (Core)

Things I've checked on VirtualBox:

  • Networking is setup over NAT
  • Port forwarding is enabled via `VBoxManage showvminfo lfcs | grep ssh

    NIC 1 Rule(0):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 2222, guest ip = 10.10.2.15, guest port = 22`

Here's what happens when I try to ssh:

`ssh -p 2222 [email protected]

ssh_exchange_identification: read: Connection reset by peer`

 

Any thoughts on what I'm missing?

Thanks,

~Max

Comments

  • luisviveropenaluisviveropena Posts: 275
    edited March 25

    Hi,

    1.- Just to be sure, are you trying to connect by ssh from the host to the guest, right?

    2.- Ssh service is running and accepting connections when you try in the vm itself, is that right?

    3.- I see you are trying: ssh -p 2222 [email protected] . Are you doing that in the host? If so, in that case you are trying to connect from the host to the host, not the guest. So you need to use the guest's IP, because the host should be able to reach the guest using the associated network.

    Regards,

    Luis.

  • MaxgMaxg Posts: 3

    Hey Luis! Thanks for taking a look!

    1. confirmed, trying to ssh from host to guest
    2. confirmed, sshd is running in the VM itself and is accepting connections. From inside the VM, executing `ssh localhost` functions correctly (I am prompted for a password, and can authenticate successfully)
    3. confirmed, I am ssh'ing from host to guest. As I understood it, since I am using VirtualBox with a NAT network, I can't ssh directly to the machine's IP and need to use port forwarding (https://www.virtualbox.org/manual/ch06.html#natforward), but I may have misunderstood.
      1. I get a Connection timed out error when ssh'ing to the IP, both with and without the port forwarding:
        1. `➜  ~ ssh -p 2222 [email protected]

          ssh: connect to host 10.10.2.15 port 2222: Connection timed out`

        2. `➜  ~ ssh [email protected]

          ssh: connect to host 10.10.2.15 port 22: Connection timed out`

     

  • Hi,

    If you just need to ssh into the guest, the easiest thing is to setup the network to bridged mode, and that's all. Please tell me if that works for you.

    Take a look to Table 6.1. Overview in the VirtualBox user's manual:

    https://www.virtualbox.org/manual/ch06.html

    Regards,

    Luis.

     

  • MaxgMaxg Posts: 3

    Hey Luis, thanks for checking in!

    I've just completed my work-around for this issue, and have documented my solution below:

    1. ON HOST - Download the minimal iso from CentOS directly (https://centos.org/download/)
    2. ON HOST - create a new virual machine in VirtualBox with the iso
    3. ON HOST - set up network as NAT
    4. ON HOST - setup port forwarding from Host 2223 to Guest 22
    5. ON HOST - under Settings > System > Processor, set processors to 2
    6. ON GUEST - enable networking by editing `/etc/sysconfig/network-scripts/ifcfg-$IFACE_NAME` and setting ONBOOT=yes
    7. ON GUEST - restart networking via systemctl
    8. ON GUEST - confirm openssh-server is installed
    9. ON GUEST - confirm sshd is running
    10. ON GUEST - confirm ssh to localhost is successful
    11. ON HOST - ssh [email protected] -p 2223
      1. SUCCESSFUL ACCESS OVER SSH!
    12. ON GUEST - run the ready-for.sh script provided by the Linux Foundation (https://training.linuxfoundation.org/cm/prep/?course=LFS201) to install software and confirm hardware configuration

    From what I've fonund, the CentOS VM (possibly others as well? haven't tried them yet) is not provided to the students in such a way to allow access over ssh.

  • coopcoop Posts: 221

    SOrry, I still don't understand.  ssh to and from the guest works on the CentOS7 VM's we provide in both vmware and virtual box as confirmed by the experience of many.  (All guest VMS have been through ready-for.sh for all relevant coruses).  The problems you have are purely on the host and the way your firewall etc is set up, probably, as seen by your need to mess with port forwarding.  Finally sshing to 127.0.0.1 would nothing as is always the local host but you have used the -p option as a work around.  Sometimes people have trouble with the ntewrok setup if the host is on wireless and not wired and/or the host is not connected to network, and changing from bridged to NAT can help. 

     

    You have solved a problem with your setup on the host machine, but the workaround is nto necessary.  you should be able to use the actual IP address of the guest.

     

     

  • luisviveropenaluisviveropena Posts: 275

    Hi Maxg!

    Well, that sounds like you found a harder way to solve it! Anyway, you got this fixed, so let's dance a bit and keep progressing.

    Regards,

    Luis.

Sign In or Register to comment.