[GH-ISSUE #518] Problem with SSH keys #312

Open
opened 2026-02-27 15:58:12 +03:00 by kerem · 4 comments
Owner

Originally created by @cairoapcampos on GitHub (Jul 13, 2022).
Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/518

I'm using this Dockerfile to build my image:

https://github.com/retspen/webvirtcloud/blob/master/Dockerfile

But as the default user of the container is root, I'm having some problems with SSH. The key generated is for the user www-data and not for root, so when I try to connect with the command `ssh root@compute1` the password is requested.

Documentation settings:

```
chown www-data -R ~www-data
sudo -u www-data ssh-keygen

cat > ~www-data/.ssh/config << EOF
Host *
StrictHostKeyChecking no
EOF

chown www-data -R ~www-data/.ssh/config
```

To try to get around the problem, I generated the keys for root with the commands below:

```
ssh-keygen

cat > ~root/.ssh/config << EOF
Host *
StrictHostKeyChecking no
EOF

ssh-copy-id root@compute1

ssh root@compute1
```

This way the password was no longer requested.

Is there a better way to do these settings?

Note: "passphrase" was not defined when generating the keys. The password requested is the KVM host password.


@5he1n commented on GitHub (Aug 13, 2022):

The correct way to share ssh key with compute is:

```
chown www-data -R ~www-data/.ssh/
setuser www-data ssh-keygen -f ~www-data/.ssh/id_rsa -q -N ""
setuser www-data ssh-copy-id root@compute1
```

and then check it

```
setuser www-data ssh-copy-id root@compute1
```
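An added example, not part of the thread or of webvirtcloud's own code: a POSIX shell check for the `~www-data/.ssh` directory built by the commands above, flagging wrong ownership, private keys accessible to group/other, and the `StrictHostKeyChecking no` setting from the documentation snippet. The names `audit_ssh_dir`, `ssh_dir_ok` and `make_sample` are hypothetical, and the sample directory is constructed.

```sh
#!/bin/sh
# Added example (not from the thread). Audits an SSH client directory such as
# ~www-data/.ssh and prints one "FINDING:" line per problem.
# audit_ssh_dir, ssh_dir_ok and make_sample are hypothetical helper names.

audit_ssh_dir() (
    dir=$1 owner=$2
    [ -d "$dir" ] || { echo "FINDING: $dir is not a directory"; exit 0; }

    # Everything must belong to the account that runs ssh (www-data here).
    find "$dir" ! -user "$owner" | while IFS= read -r f; do
        echo "FINDING: $f is not owned by $owner"
    done

    # The directory and private keys should carry no group/other permission
    # bits. Characters 5-10 of the ls mode string are exactly those bits.
    for f in "$dir" "$dir"/id_*; do
        [ -e "$f" ] || continue
        case $f in *.pub) continue ;; esac
        bits=$(ls -ld "$f" | cut -c5-10)
        [ "$bits" = "------" ] || echo "FINDING: $f is accessible to group/other ($bits)"
    done

    # "StrictHostKeyChecking no" accepts any host key, so a changed or
    # impersonated compute node key goes unnoticed.
    if [ -f "$dir/config" ] &&
       grep -Eiq '^[[:space:]]*StrictHostKeyChecking[[:space:]=]+no[[:space:]]*$' "$dir/config"; then
        echo "FINDING: $dir/config disables host key verification"
    fi
)

# Returns 0 when the directory is clean, 1 when there is at least one finding.
ssh_dir_ok() {
    [ -z "$(audit_ssh_dir "$1" "$2")" ]
}

# Constructed sample: a throwaway directory laid out like the one in the thread.
make_sample() {
    d=$(mktemp -d) && chmod 700 "$d" || return 1
    : > "$d/id_rsa"; : > "$d/id_rsa.pub"     # empty stand-ins, not real keys
    chmod 644 "$d/id_rsa" "$d/id_rsa.pub"
    printf 'Host *\nStrictHostKeyChecking no\n' > "$d/config"
    echo "$d"
}
```

Inside the container it would be run as `audit_ssh_dir ~www-data/.ssh www-data`; no output means no findings.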

@cairoapcampos commented on GitHub (Aug 24, 2022):

I tested it and it worked correctly. Thank you.

When evaluating compute node security, is it better to use a user other than root?
Do you use another user?


@catborise commented on GitHub (Aug 25, 2022):

Yes, you can/should manage with a user other than root. To do this, you must configure the host libvirt.conf.
There are many resources on how you can do that:

  1. https://computingforgeeks.com/use-virt-manager-as-non-root-user/ (virt-manager is like webvirtcloud but only works in a desktop environment)
  2. https://www.poftut.com/use-virt-manager-libvirt-normal-user-without-root-privileges-without-asking-password/

@cairoapcampos commented on GitHub (Aug 25, 2022):

Thank you again for your help.
