New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't SSH into naked container with my own CI/CD .img #272
Comments
I also had this problem yesterday, but it was my VPN. Do you have a VPN on? |
Also double check your username |
Hello @sickcodes , thanks for the reply. No I am not using VPN on my docker computer. So weird, port SSH is running, but I can't logging at all into the naked one (SSH is working fine on big sur image with display). |
I have followed your steps @JB-CHAUVIN and I am having a similar issue although I am mapping the ports 1:1 from the VM to the container this works when I run the But when I run with the img I copied from To be honest I am not sure how to debug it further from here. Your screenshots above are the same thing I see in my system, the port open and docker listening. on those port for both ssh and vnc. Can it be that the container is getting stuck in the disk picker and never booting ? |
Can you + exec qemu-system-x86_64 -m 3000 -cpu Penryn,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+pcid,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check, -machine q35,accel=kvm:tcg -smp 4,cores=4 -usb -device usb-kbd -device usb-tablet -device 'isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc' -drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd -drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd -smbios type=2 -audiodev alsa,id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda -device ich9-ahci,id=sata -drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 -device ide-hd,bus=sata.2,drive=OpenCoreBoot -device ide-hd,bus=sata.3,drive=InstallMedia -drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 -drive id=MacHDD,if=none,file=/home/arch/OSX-KVM/mac_hdd_ng.img,format=qcow2 -device ide-hd,bus=sata.4,drive=MacHDD -netdev user,id=net0,hostfwd=tcp::10022-:22,hostfwd=tcp::5900-:5900, -device vmxnet3,netdev=net0,id=net0,mac=52:54:00:09:49:17 -monitor stdio -vga vmware -display none -vnc 0.0.0.0:99
qemu-system-x86_64: -drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd: warning: short-form boolean option 'readonly' deprecated
Please use readonly=on instead
QEMU 6.0.0 monitor - type 'help' for more information |
Trying with latest image:
I see in the VM ports are mapped to docker
It seems 5999 is not open on the host machine, but 50922 on the other hand is open and proxied to the container, this might be because naked image only accept and open port 50922 in its docker file (no vnc) but still is not accesible after it started. Can it be that the mac we installed is not listening in Happy to help debug this further if something is needed to troubleshoot. Edit: I also notice that the image I have created even though it has autologin enable it does not auto login. |
I have try booting up again the machine with the big-sur docker image, changing the port for ssh from 22 to 10022 in
EDIT: Another test I did was:
This actually start working and ssh reply to me asking for a password but the password I set up for the user does not work. |
Same problem here.
|
Found something new. BTW, I am using Given that this problem happens with both podman & docker, |
@coppercash can you share the complete command you run to accomplished this ? I have just re tried and I got this ports listening on the docker host machine, but then no route to the container running the OSX tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN 11489/qemu-system-x And same issue I had it seems that something is open in the port but nothing is listening in ssh.
I will really appreciate your docker run command for the naked image to see if I am setting some options wrong. |
podman run -i --name mike \
--device /dev/kvm \
-e EXTRA="-display none -vnc 0.0.0.0:99,password=on" \
-v `pwd`/volumes/image:/image \
-e SMP=30 -e CORES=1 -e RAM=56 \
-e WIDTH=1600 -e HEIGHT=900 \
-e NOPICKER=true \
-e GENERATE_UNIQUE=true \
-e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist' \
--network=host \
docker.io/sickcodes/docker-osx:naked Here it is, the complete command. Although, now,
Gonna dig deeper when I get some time. |
@coppercash solved the above issue with Docker-OSX podman in the following comment: #246 |
podman run --name mike \
-d \
--device /dev/kvm \
-v `pwd`/volumes/image:/image \
-e EXTRA="-display none -vnc 0.0.0.0:99,password=on" \
-e SMP=30 -e CORES=1 -e RAM=56 \
-e WIDTH=1600 -e HEIGHT=900 \
-e GENERATE_UNIQUE=true \
-e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist' \
-p 65022:10022 \
-p 65000:5900 \
-p 65001:5999 \
docker.io/sickcodes/docker-osx:naked This is my current command to boot. $ ssh will@127.0.0.1 -p 65022 -vvvvv
OpenSSH_8.4p1, OpenSSL 1.1.1k FIPS 25 Mar 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 55: Including file /etc/ssh/ssh_config.d/50-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug2: checking match for 'final all' host 127.0.0.1 originally 127.0.0.1
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 3: not matched 'final'
debug2: match not found
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1 (parse only)
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: kex names ok: [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug1: configuration requests final Match pass
debug2: resolve_canonicalize: hostname 127.0.0.1 is address
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 55: Including file /etc/ssh/ssh_config.d/50-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug2: checking match for 'final all' host 127.0.0.1 originally 127.0.0.1
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 3: matched 'final'
debug2: match found
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: kex names ok: [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/var/home/core/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/var/home/core/.ssh/known_hosts2'
debug2: ssh_connect_direct
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 65022.
debug1: Connection established.
debug1: identity file /var/home/core/.ssh/id_rsa type -1
debug1: identity file /var/home/core/.ssh/id_rsa-cert type -1
debug1: identity file /var/home/core/.ssh/id_dsa type -1
debug1: identity file /var/home/core/.ssh/id_dsa-cert type -1
debug1: identity file /var/home/core/.ssh/id_ecdsa type -1
debug1: identity file /var/home/core/.ssh/id_ecdsa-cert type -1
debug1: identity file /var/home/core/.ssh/id_ecdsa_sk type -1
debug1: identity file /var/home/core/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /var/home/core/.ssh/id_ed25519 type 3
debug1: identity file /var/home/core/.ssh/id_ed25519-cert type -1
debug1: identity file /var/home/core/.ssh/id_ed25519_sk type -1
debug1: identity file /var/home/core/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /var/home/core/.ssh/id_xmss type -1
debug1: identity file /var/home/core/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4
^C And, still, ssh just stucks at the last line. |
|
It turned out the cause I found was not the real one. Previously I was using I suspect that plain |
Have we found any solution ? I keep getting the same "wrong password" error. Port looks running, but I can't log in into the MAC DOCKER via SSH. PS : I don't have podman on my system. |
Have you tried |
I have the same problem? summary: Only the mapped 50922 port connection did not respond, I suspect that it is a problem with podman. I don't know whether docker also has this problem. |
PodMan correct security breaches by limiting capacities of the container. Using it with sudo or --privilegied basically make it like docker and fail the purpose. Docker-OSX should fine tune what it needs and configure PodMan to work with it, rather than just exploding all securities and executing as root |
Hey @ficofer just wondering if you managed to get it working, having the same issue. Thanks! |
Hello,
I configured an image using the following command :
What I've done :
Then, I saved the HDD :
But when I start it naked, I can't SSH into it...
Error is :
ssh mobile@localhost -p 50922
kex_exchange_identification: Connection closed by remote host
Any ideas why ?
Please find Docker's log when I run naked container, and some info about my system.
OS related issued, please help us identify the issue by posting the output of this :
The text was updated successfully, but these errors were encountered: