How to ssh into a LXD guest?












1















I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).



I can ssh from guest to host.



But trying to ssh from host to guest gives an




Permission denied (publickey)




error



Step to reproduce:




  • lxc exec into the guest

  • exec login with ubuntu user (to avoid root permissions problems)

  • ssh to host - SUCCESS

  • exit form user ubuntu - exit from guest

  • from host ssh into ubuntu@guest - ERROR


What I'm doing wrong?



Below the complete session transcript



sysop@kvmneo4j:~$ lxc list

+----------+---------+-------------------+------+------------+-----------+

|   NAME   |  STATE  |       IPV4        | IPV6 |    TYPE    | SNAPSHOTS |

+----------+---------+-------------------+------+------------+-----------+

| base1804 | RUNNING | 10.0.0.205 (eth0) |      | PERSISTENT | 0         |

+----------+---------+-------------------+------+------------+-----------+

sysop@kvmneo4j:~$ lxc exec base1804 bash

root@base1804:~# exec login ubuntu

Password: 

Last login: Wed Jan  2 18:58:10 UTC 2019 on UNKNOWN

Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)



* Documentation:  https://help.ubuntu.com

* Management:     https://landscape.canonical.com

* Support:        https://ubuntu.com/advantage



System information as of Wed Jan  2 19:02:28 UTC 2019



System load:    1.69      Processes:           22

Usage of /home: unknown   Users logged in:     0

Memory usage:   1%        IP address for eth0: 10.0.0.205

Swap usage:     0%





Get cloud support with Ubuntu Advantage Cloud Guest:

    http://www.ubuntu.com/business/services/cloud



0 packages can be updated.

0 updates are security updates.



Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings





To run a command as administrator (user "root"), use "sudo <command>".

See "man sudo_root" for details.



ubuntu@base1804:~$ ssh sysop@10.0.0.1

sysop@10.0.0.1's password: 

Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)



* Documentation:  https://help.ubuntu.com

* Management:     https://landscape.canonical.com

* Support:        https://ubuntu.com/advantage





* Canonical Livepatch is available for installation.

- Reduce system reboots and improve kernel security. Activate at:

    https://ubuntu.com/livepatch

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings



Last login: Wed Jan  2 19:58:42 2019 from 10.0.0.205

sysop@kvmneo4j:~$ logout

Connection to 10.0.0.1 closed.

ubuntu@base1804:~$ logout

sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205

OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n  7 Dec 2017

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.

debug1: Connection established.

debug1: identity file /home/sysop/.ssh/id_rsa type 0

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1

debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000

debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM

debug1: Host '10.0.0.205' is known and matches the ECDSA host key.

debug1: Found key in /home/sysop/.ssh/known_hosts:1

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey

debug1: Next authentication method: publickey

debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa

debug1: Authentications that can continue: publickey

debug1: Trying private key: /home/sysop/.ssh/id_dsa

debug1: Trying private key: /home/sysop/.ssh/id_ecdsa

debug1: Trying private key: /home/sysop/.ssh/id_ed25519

debug1: No more authentication methods to try.

ubuntu@10.0.0.205: Permission denied (publickey).

sysop@kvmneo4j:~$





permissions ssh kvm lxd







share|improve this question



























    1















    I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).



    I can ssh from guest to host.



    But trying to ssh from host to guest gives an




    Permission denied (publickey)




    error



    Step to reproduce:




    • lxc exec into the guest

    • exec login with ubuntu user (to avoid root permissions problems)

    • ssh to host - SUCCESS

    • exit form user ubuntu - exit from guest

    • from host ssh into ubuntu@guest - ERROR


    What I'm doing wrong?



    Below the complete session transcript



    sysop@kvmneo4j:~$ lxc list
    
+----------+---------+-------------------+------+------------+-----------+
    
|   NAME   |  STATE  |       IPV4        | IPV6 |    TYPE    | SNAPSHOTS |
    
+----------+---------+-------------------+------+------------+-----------+
    
| base1804 | RUNNING | 10.0.0.205 (eth0) |      | PERSISTENT | 0         |
    
+----------+---------+-------------------+------+------------+-----------+
    
sysop@kvmneo4j:~$ lxc exec base1804 bash
    
root@base1804:~# exec login ubuntu
    
Password: 
    
Last login: Wed Jan  2 18:58:10 UTC 2019 on UNKNOWN
    
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
    

    
* Documentation:  https://help.ubuntu.com
    
* Management:     https://landscape.canonical.com
    
* Support:        https://ubuntu.com/advantage
    

    
System information as of Wed Jan  2 19:02:28 UTC 2019
    

    
System load:    1.69      Processes:           22
    
Usage of /home: unknown   Users logged in:     0
    
Memory usage:   1%        IP address for eth0: 10.0.0.205
    
Swap usage:     0%
    

    

    
Get cloud support with Ubuntu Advantage Cloud Guest:
    
    http://www.ubuntu.com/business/services/cloud
    

    
0 packages can be updated.
    
0 updates are security updates.
    

    
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
    

    

    
To run a command as administrator (user "root"), use "sudo <command>".
    
See "man sudo_root" for details.
    

    
ubuntu@base1804:~$ ssh sysop@10.0.0.1
    
sysop@10.0.0.1's password: 
    
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
    

    
* Documentation:  https://help.ubuntu.com
    
* Management:     https://landscape.canonical.com
    
* Support:        https://ubuntu.com/advantage
    

    

    
* Canonical Livepatch is available for installation.
    
- Reduce system reboots and improve kernel security. Activate at:
    
    https://ubuntu.com/livepatch
    
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
    

    
Last login: Wed Jan  2 19:58:42 2019 from 10.0.0.205
    
sysop@kvmneo4j:~$ logout
    
Connection to 10.0.0.1 closed.
    
ubuntu@base1804:~$ logout
    
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
    
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n  7 Dec 2017
    
debug1: Reading configuration data /etc/ssh/ssh_config
    
debug1: /etc/ssh/ssh_config line 19: Applying options for *
    
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
    
debug1: Connection established.
    
debug1: identity file /home/sysop/.ssh/id_rsa type 0
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_dsa type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
    
debug1: key_load_public: No such file or directory
    
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
    
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
    
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
    
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
    
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
    
debug1: SSH2_MSG_KEXINIT sent
    
debug1: SSH2_MSG_KEXINIT received
    
debug1: kex: algorithm: curve25519-sha256
    
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
    
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
    
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
    
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
    
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
    
debug1: Found key in /home/sysop/.ssh/known_hosts:1
    
debug1: rekey after 134217728 blocks
    
debug1: SSH2_MSG_NEWKEYS sent
    
debug1: expecting SSH2_MSG_NEWKEYS
    
debug1: SSH2_MSG_NEWKEYS received
    
debug1: rekey after 134217728 blocks
    
debug1: SSH2_MSG_EXT_INFO received
    
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
    
debug1: SSH2_MSG_SERVICE_ACCEPT received
    
debug1: Authentications that can continue: publickey
    
debug1: Next authentication method: publickey
    
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
    
debug1: Authentications that can continue: publickey
    
debug1: Trying private key: /home/sysop/.ssh/id_dsa
    
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
    
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
    
debug1: No more authentication methods to try.
    
ubuntu@10.0.0.205: Permission denied (publickey).
    
sysop@kvmneo4j:~$





    permissions ssh kvm lxd







    share|improve this question

























      1












      1








      1








      I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).



      I can ssh from guest to host.



      But trying to ssh from host to guest gives an




      Permission denied (publickey)




      error



      Step to reproduce:




      • lxc exec into the guest

      • exec login with ubuntu user (to avoid root permissions problems)

      • ssh to host - SUCCESS

      • exit form user ubuntu - exit from guest

      • from host ssh into ubuntu@guest - ERROR


      What I'm doing wrong?



      Below the complete session transcript



      sysop@kvmneo4j:~$ lxc list
      
+----------+---------+-------------------+------+------------+-----------+
      
|   NAME   |  STATE  |       IPV4        | IPV6 |    TYPE    | SNAPSHOTS |
      
+----------+---------+-------------------+------+------------+-----------+
      
| base1804 | RUNNING | 10.0.0.205 (eth0) |      | PERSISTENT | 0         |
      
+----------+---------+-------------------+------+------------+-----------+
      
sysop@kvmneo4j:~$ lxc exec base1804 bash
      
root@base1804:~# exec login ubuntu
      
Password: 
      
Last login: Wed Jan  2 18:58:10 UTC 2019 on UNKNOWN
      
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
      

      
* Documentation:  https://help.ubuntu.com
      
* Management:     https://landscape.canonical.com
      
* Support:        https://ubuntu.com/advantage
      

      
System information as of Wed Jan  2 19:02:28 UTC 2019
      

      
System load:    1.69      Processes:           22
      
Usage of /home: unknown   Users logged in:     0
      
Memory usage:   1%        IP address for eth0: 10.0.0.205
      
Swap usage:     0%
      

      

      
Get cloud support with Ubuntu Advantage Cloud Guest:
      
    http://www.ubuntu.com/business/services/cloud
      

      
0 packages can be updated.
      
0 updates are security updates.
      

      
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
      

      

      
To run a command as administrator (user "root"), use "sudo <command>".
      
See "man sudo_root" for details.
      

      
ubuntu@base1804:~$ ssh sysop@10.0.0.1
      
sysop@10.0.0.1's password: 
      
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
      

      
* Documentation:  https://help.ubuntu.com
      
* Management:     https://landscape.canonical.com
      
* Support:        https://ubuntu.com/advantage
      

      

      
* Canonical Livepatch is available for installation.
      
- Reduce system reboots and improve kernel security. Activate at:
      
    https://ubuntu.com/livepatch
      
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
      

      
Last login: Wed Jan  2 19:58:42 2019 from 10.0.0.205
      
sysop@kvmneo4j:~$ logout
      
Connection to 10.0.0.1 closed.
      
ubuntu@base1804:~$ logout
      
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
      
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n  7 Dec 2017
      
debug1: Reading configuration data /etc/ssh/ssh_config
      
debug1: /etc/ssh/ssh_config line 19: Applying options for *
      
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
      
debug1: Connection established.
      
debug1: identity file /home/sysop/.ssh/id_rsa type 0
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_dsa type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
      
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
      
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
      
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
      
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
      
debug1: SSH2_MSG_KEXINIT sent
      
debug1: SSH2_MSG_KEXINIT received
      
debug1: kex: algorithm: curve25519-sha256
      
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
      
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
      
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
      
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
      
debug1: Found key in /home/sysop/.ssh/known_hosts:1
      
debug1: rekey after 134217728 blocks
      
debug1: SSH2_MSG_NEWKEYS sent
      
debug1: expecting SSH2_MSG_NEWKEYS
      
debug1: SSH2_MSG_NEWKEYS received
      
debug1: rekey after 134217728 blocks
      
debug1: SSH2_MSG_EXT_INFO received
      
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
      
debug1: SSH2_MSG_SERVICE_ACCEPT received
      
debug1: Authentications that can continue: publickey
      
debug1: Next authentication method: publickey
      
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
      
debug1: Authentications that can continue: publickey
      
debug1: Trying private key: /home/sysop/.ssh/id_dsa
      
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
      
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
      
debug1: No more authentication methods to try.
      
ubuntu@10.0.0.205: Permission denied (publickey).
      
sysop@kvmneo4j:~$





      permissions ssh kvm lxd







      share|improve this question














      I have a host machine (KVM with Kubuntu 18.04) with a LDX guest (based on ubuntu18.04 image).



      I can ssh from guest to host.



      But trying to ssh from host to guest gives an




      Permission denied (publickey)




      error



      Step to reproduce:




      • lxc exec into the guest

      • exec login with ubuntu user (to avoid root permissions problems)

      • ssh to host - SUCCESS

      • exit form user ubuntu - exit from guest

      • from host ssh into ubuntu@guest - ERROR


      What I'm doing wrong?



      Below the complete session transcript



      sysop@kvmneo4j:~$ lxc list
      
+----------+---------+-------------------+------+------------+-----------+
      
|   NAME   |  STATE  |       IPV4        | IPV6 |    TYPE    | SNAPSHOTS |
      
+----------+---------+-------------------+------+------------+-----------+
      
| base1804 | RUNNING | 10.0.0.205 (eth0) |      | PERSISTENT | 0         |
      
+----------+---------+-------------------+------+------------+-----------+
      
sysop@kvmneo4j:~$ lxc exec base1804 bash
      
root@base1804:~# exec login ubuntu
      
Password: 
      
Last login: Wed Jan  2 18:58:10 UTC 2019 on UNKNOWN
      
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
      

      
* Documentation:  https://help.ubuntu.com
      
* Management:     https://landscape.canonical.com
      
* Support:        https://ubuntu.com/advantage
      

      
System information as of Wed Jan  2 19:02:28 UTC 2019
      

      
System load:    1.69      Processes:           22
      
Usage of /home: unknown   Users logged in:     0
      
Memory usage:   1%        IP address for eth0: 10.0.0.205
      
Swap usage:     0%
      

      

      
Get cloud support with Ubuntu Advantage Cloud Guest:
      
    http://www.ubuntu.com/business/services/cloud
      

      
0 packages can be updated.
      
0 updates are security updates.
      

      
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
      

      

      
To run a command as administrator (user "root"), use "sudo <command>".
      
See "man sudo_root" for details.
      

      
ubuntu@base1804:~$ ssh sysop@10.0.0.1
      
sysop@10.0.0.1's password: 
      
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-43-generic x86_64)
      

      
* Documentation:  https://help.ubuntu.com
      
* Management:     https://landscape.canonical.com
      
* Support:        https://ubuntu.com/advantage
      

      

      
* Canonical Livepatch is available for installation.
      
- Reduce system reboots and improve kernel security. Activate at:
      
    https://ubuntu.com/livepatch
      
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
      

      
Last login: Wed Jan  2 19:58:42 2019 from 10.0.0.205
      
sysop@kvmneo4j:~$ logout
      
Connection to 10.0.0.1 closed.
      
ubuntu@base1804:~$ logout
      
sysop@kvmneo4j:~$ ssh -v ubuntu@10.0.0.205
      
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n  7 Dec 2017
      
debug1: Reading configuration data /etc/ssh/ssh_config
      
debug1: /etc/ssh/ssh_config line 19: Applying options for *
      
debug1: Connecting to 10.0.0.205 [10.0.0.205] port 22.
      
debug1: Connection established.
      
debug1: identity file /home/sysop/.ssh/id_rsa type 0
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_rsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_dsa type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_dsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ecdsa type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ecdsa-cert type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ed25519 type -1
      
debug1: key_load_public: No such file or directory
      
debug1: identity file /home/sysop/.ssh/id_ed25519-cert type -1
      
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
      
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1
      
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
      
debug1: Authenticating to 10.0.0.205:22 as 'ubuntu'
      
debug1: SSH2_MSG_KEXINIT sent
      
debug1: SSH2_MSG_KEXINIT received
      
debug1: kex: algorithm: curve25519-sha256
      
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
      
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
      
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i0Ezo01qJyhIue4PIRobOw/qKuvDW/7OJZzgB0X5jGM
      
debug1: Host '10.0.0.205' is known and matches the ECDSA host key.
      
debug1: Found key in /home/sysop/.ssh/known_hosts:1
      
debug1: rekey after 134217728 blocks
      
debug1: SSH2_MSG_NEWKEYS sent
      
debug1: expecting SSH2_MSG_NEWKEYS
      
debug1: SSH2_MSG_NEWKEYS received
      
debug1: rekey after 134217728 blocks
      
debug1: SSH2_MSG_EXT_INFO received
      
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
      
debug1: SSH2_MSG_SERVICE_ACCEPT received
      
debug1: Authentications that can continue: publickey
      
debug1: Next authentication method: publickey
      
debug1: Offering public key: RSA SHA256:EfYKpv5N+M8YBgCFjjy3P9M0jYt7DObq9ApoZ0G8qL4 /home/sysop/.ssh/id_rsa
      
debug1: Authentications that can continue: publickey
      
debug1: Trying private key: /home/sysop/.ssh/id_dsa
      
debug1: Trying private key: /home/sysop/.ssh/id_ecdsa
      
debug1: Trying private key: /home/sysop/.ssh/id_ed25519
      
debug1: No more authentication methods to try.
      
ubuntu@10.0.0.205: Permission denied (publickey).
      
sysop@kvmneo4j:~$





      permissions ssh kvm lxd




      permissions ssh kvm lxd






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jan 2 at 19:22









      Mirto BusicoMirto Busico

      1851620




      1851620






















          2 Answers
          2






          active

          oldest

          votes


















          3














          By default, all Ubuntu lxd images for containers are set up with PasswordAuthentication no in their SSH configuration.



          You need to go into the container directly and edit the config as root.



          (1) lxc shell CONTAINER-NAME will drop you to a root shell.



          (2) nano /etc/ssh/sshd_config will open the nano text editor to that file.



          (3) Find the line PasswordAuthentication no and set it to yes.



          (4) Ctrl+W to write the file, and Ctrl+X to close the file.



          (5) Restart the SSH service with sudo systemctl restart ssh.



          You should now be able to SSH into the container from the host system.






          share|improve this answer


























          • Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

            – Mirto Busico
            Jan 4 at 10:41











          • The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

            – Thomas Ward
            Jan 4 at 14:26



















          0














          Try from the guest:



          ssh -A host


          then from the host:



          ssh final-destination


          The "-A" forwards your agent from the guest to the host.






          share|improve this answer



















          • 1





            This won't work because of the container defaults which forbid password authentication.

            – Thomas Ward
            Jan 2 at 20:28













          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1106369%2fhow-to-ssh-into-a-lxd-guest%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          3














          By default, all Ubuntu lxd images for containers are set up with PasswordAuthentication no in their SSH configuration.



          You need to go into the container directly and edit the config as root.



          (1) lxc shell CONTAINER-NAME will drop you to a root shell.



          (2) nano /etc/ssh/sshd_config will open the nano text editor to that file.



          (3) Find the line PasswordAuthentication no and set it to yes.



          (4) Ctrl+W to write the file, and Ctrl+X to close the file.



          (5) Restart the SSH service with sudo systemctl restart ssh.



          You should now be able to SSH into the container from the host system.






          share|improve this answer


























          • Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

            – Mirto Busico
            Jan 4 at 10:41











          • The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

            – Thomas Ward
            Jan 4 at 14:26
















          3














          By default, all Ubuntu lxd images for containers are set up with PasswordAuthentication no in their SSH configuration.



          You need to go into the container directly and edit the config as root.



          (1) lxc shell CONTAINER-NAME will drop you to a root shell.



          (2) nano /etc/ssh/sshd_config will open the nano text editor to that file.



          (3) Find the line PasswordAuthentication no and set it to yes.



          (4) Ctrl+W to write the file, and Ctrl+X to close the file.



          (5) Restart the SSH service with sudo systemctl restart ssh.



          You should now be able to SSH into the container from the host system.






          share|improve this answer


























          • Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

            – Mirto Busico
            Jan 4 at 10:41











          • The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

            – Thomas Ward
            Jan 4 at 14:26














          3












          3








          3







          By default, all Ubuntu lxd images for containers are set up with PasswordAuthentication no in their SSH configuration.



          You need to go into the container directly and edit the config as root.



          (1) lxc shell CONTAINER-NAME will drop you to a root shell.



          (2) nano /etc/ssh/sshd_config will open the nano text editor to that file.



          (3) Find the line PasswordAuthentication no and set it to yes.



          (4) Ctrl+W to write the file, and Ctrl+X to close the file.



          (5) Restart the SSH service with sudo systemctl restart ssh.



          You should now be able to SSH into the container from the host system.






          share|improve this answer















          By default, all Ubuntu lxd images for containers are set up with PasswordAuthentication no in their SSH configuration.



          You need to go into the container directly and edit the config as root.



          (1) lxc shell CONTAINER-NAME will drop you to a root shell.



          (2) nano /etc/ssh/sshd_config will open the nano text editor to that file.



          (3) Find the line PasswordAuthentication no and set it to yes.



          (4) Ctrl+W to write the file, and Ctrl+X to close the file.



          (5) Restart the SSH service with sudo systemctl restart ssh.



          You should now be able to SSH into the container from the host system.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Jan 8 at 13:28

























          answered Jan 2 at 20:31









          Thomas WardThomas Ward

          43.9k23121174




          43.9k23121174













          • Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

            – Mirto Busico
            Jan 4 at 10:41











          • The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

            – Thomas Ward
            Jan 4 at 14:26



















          • Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

            – Mirto Busico
            Jan 4 at 10:41











          • The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

            – Thomas Ward
            Jan 4 at 14:26

















          Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

          – Mirto Busico
          Jan 4 at 10:41





          Thanks it worked. BTW what is the recommended method to interact by script with an LXD container? I mean rcp to transer files or something similar

          – Mirto Busico
          Jan 4 at 10:41













          The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

          – Thomas Ward
          Jan 4 at 14:26





          The standard way you would transfer data between host and container would be scp or rsync - but you have to either use SSH keys or do these steps to enable password authentication. Treat the container as its own OS whne you consider file transfers to/from it

          – Thomas Ward
          Jan 4 at 14:26













          0














          Try from the guest:



          ssh -A host


          then from the host:



          ssh final-destination


          The "-A" forwards your agent from the guest to the host.






          share|improve this answer



















          • 1





            This won't work because of the container defaults which forbid password authentication.

            – Thomas Ward
            Jan 2 at 20:28


















          0














          Try from the guest:



          ssh -A host


          then from the host:



          ssh final-destination


          The "-A" forwards your agent from the guest to the host.






          share|improve this answer



















          • 1





            This won't work because of the container defaults which forbid password authentication.

            – Thomas Ward
            Jan 2 at 20:28
















          0












          0








          0







          Try from the guest:



          ssh -A host


          then from the host:



          ssh final-destination


          The "-A" forwards your agent from the guest to the host.






          share|improve this answer













          Try from the guest:



          ssh -A host


          then from the host:



          ssh final-destination


          The "-A" forwards your agent from the guest to the host.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Jan 2 at 20:21









          Eric MintzEric Mintz

          584112




          584112








          • 1





            This won't work because of the container defaults which forbid password authentication.

            – Thomas Ward
            Jan 2 at 20:28
















          • 1





            This won't work because of the container defaults which forbid password authentication.

            – Thomas Ward
            Jan 2 at 20:28










          1




          1





          This won't work because of the container defaults which forbid password authentication.

          – Thomas Ward
          Jan 2 at 20:28







          This won't work because of the container defaults which forbid password authentication.

          – Thomas Ward
          Jan 2 at 20:28




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Ask Ubuntu!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1106369%2fhow-to-ssh-into-a-lxd-guest%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Quarter-circle Tiles

          Image
          up vote 0 down vote favorite I have $99$ identical square tiles, each with a quarter-circle drawn on it like this: [asy] size(1.5cm); draw(Arc((2,0),1,90,180),red+1); draw((0,0)--(2,0)--(2,2)--(0,2)--(0,0)); [/asy] When I arrange the tiles in a $9times 11$ rectangular grid, each with a random orientation, what is the expected value of the number of full circles I form? I think this problem has to do with finding the chance any given 2x2 square has a circle, but I can't find it. expected-value share | cite | improve this question asked Nov 20 at 15:03 6minecraftninja 1 2
          Read more

          build a pushdown automaton that recognizes the reverse language of a given pushdown automaton?

          Image
          0 I think it's similiar to NFAs. I replace the finite states of the given automaton for start-states for my new automaton. I do it with $epsilon$ -transition from the start state to the actual finite states of the given automaton. The start state of the given automaton will be my accepting(finite) state of my new one. All transitions will be reversed of course to recognize the reversed word. But how do I have to change the stack of the pushdown automaton? That's tricky. formal-languages automata context-free-grammar share | cite | improve this question edited Nov 29 '18 at 14:20 joee
          Read more

          Mont Emei

          Image
          Mont Emei.mw-parser-output .entete.map{background-image:url("//upload.wikimedia.org/wikipedia/commons/7/7a/Picto_infobox_map.png")} Vue du sommet Wanfo du mont Emei Géographie Altitude 3 099  m , Wanfo Coordonnées 29° 31′ 11″ nord, 103° 19′ 57″ est Administration Pays   Chine Province Sichuan Ville-préfecture Leshan Géolocalisation sur la carte : Sichuan Mont Emei Géolocalisation sur la carte : Chine Mont Emei modifier   Paysage panoramique du mont Emei, incluant le paysage panoramique du grand Bouddha de Leshan *   Patrimoine mondial de l'UNESCO Passerelle en bois sur le versant ouest Pays   Chine Subdivision Sichuan Type Mixte Critères (iv) (vi) (x) Superficie 15 400 ha Numéro d’identification 779 Zone géographique Asie et Pacifique  ** Année d’inscription 1996 (20 e session) * Descriptif officiel UNESCO ** Classification géog
          Read more