On 2/10/22 09:02, Daniel P. Berrangé wrote:
On Thu, Feb 10, 2022 at 09:52:52AM +0800, Yalan Zhang wrote:
> Hi there,
>
> I have a system configured with ssh login banner like as below:
> # cat ~/.bashrc
> ...
> echo
>
"================================================================================="
> echo "====== This machine is occupied by xxx for testing now. If you are
> about to use it, contact xxx first ======"
> echo
>
"================================================================================="
>
> It works as expected that whenever someone logs into this system by ssh,
> he/she will see this warning message.
> But it seems such settings will impact a virsh client connection with ssh,
> when I try to connect the libvirt daemon on this system, it will error out :
> # virsh -c qemu+ssh://${my_host}/system list --all
> root@${my_host}'s password:
> error: failed to connect to the hypervisor
> error: packet 1027423545 bytes received from server too large, want 33554432
Libvirt is tunnelling an RPC protocol over the SSH connection.
Your bashrc is printing this text onto the SSH conmnection and
that corrupts the libvirt RPC protocol.
If you want to print something whjen people login use the
/etc/motd file which is designed for this pupose, don't
print stuff from a .bashrc. Libvirt gives the options to
SSH that prevent display of /etc/motd contents, so that
its RPC protocol doesn't get corrupted.
One more thing, I wasn't able to reproduce when virt-ssh-helper was
used. But maybe I wasn't trying hard enough.
Michal