On Tue, Sep 24, 2019 at 12:02:44PM +0200, Andrea Bolognani wrote:
On Tue, 2019-09-24 at 08:27 +0200, Erik Skultety wrote:
On Mon, Sep 23, 2019 at 04:47:06PM -0400, Laine Stump wrote:
On 9/23/19 1:27 PM, Erik Skultety wrote:
The nwfilter 220-no-ip-spoofing.t test relies on an SSH connection to the test VM. However, because the domain definition passed to libvirt lacks an RNG device, the SSH server isn't started inside the guest (even though that is the default on virt-builder images) and therefore:
"ssh: connect to host 192.168.122.227 port 22: Connection refused"
Strange that this has never happened to me. Is it perhaps because I'm using a very old cached image from virt-builder, and had started it up manually at some time in the past (thus giving it a long enough time to generate the keys, which are now stored away for posterity)?
Btw I always thought that the keys are generated during the package installation rather than first execution of the daemon, clearly I was wrong.
I'm going to go out on a limb and assume virt-builder templates get their keys ripped out explicitly as part of the building process, because of course you wouldn't want all guests created from the same virt-builder template to share a single set of SSH keys, now would you? :)
That makes a lot of sense, they do sanitize the images indeed. (btw I read somewhere that under some circumstances you'd want to share the server keys in a cluster environment, unfortunately the author of the article didn't bother explaining, so I'm taking that information with a grain of salt) Thanks, Erik