Arch Linux

Icarus_Radio

Member

Registered: 2017-02-28

Posts: 45

Failed to connect to QEMU guest via SSH

I am using QEMU to emulate an ARM64 architecture machine. I followed the guide here to get the machine start running. However, when I add port forwarding parameters, I cannot connect to the machine via SSH.
When I try

$ ssh -p 10022 root@localhost

I get error message like

ssh_exchange_identification: read: Connection reset by peer

Commands to run the machine:

qemu-system-aarch64 -m 1024 -cpu cortex-a57 -nographic -machine virt \
-kernel Image -append 'root=/dev/vda2 rw rootwait mem=1024M console=ttyAMA0,38400n8' \
-netdev user,id=user0 -device virtio-net-device,netdev=user0  -device virtio-blk-device,drive=disk \
-drive if=none,id=disk,file=vexpress64-openembedded_IMAGENAME-armv8_IMAGEDATE-XYZ.img \
-net nic -net user,hostfwd=tcp::10022-:22

The /etc/ssh/sshd_config on VM guest:

#	$OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Ciphers and keying
#RekeyLimit default none

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
PermitEmptyPasswords yes

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
Compression no
ClientAliveInterval 15
ClientAliveCountMax 4
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	PermitTTY no
#	ForceCommand cvs server

bugsmanagement

Member

Registered: 2017-04-21

Posts: 201

Re: Failed to connect to QEMU guest via SSH

Hello there,

Is vanilla ArchLinux is the host?

Cheers

Icarus_Radio

Member

Registered: 2017-02-28

Posts: 45

Re: Failed to connect to QEMU guest via SSH

Hello there,

Is vanilla ArchLinux is the host?

Cheers

Yes, I am using vanilla Archlinux.

bugsmanagement

Member

Registered: 2017-04-21

Posts: 201

Re: Failed to connect to QEMU guest via SSH

Hi,  connection rest can happen for several  reasons, though I never used QEMU command line, but looking at this '-net nic -net user,hostfwd=tcp::10022-:22'? Is that suppose to be some type of proxy?

cheers

Icarus_Radio

Member

Registered: 2017-02-28

Posts: 45

Re: Failed to connect to QEMU guest via SSH

Hi,  connection rest can happen for several reasons, though I never used QEMU command line, but looking at this '-net nic -net user,hostfwd=tcp::10022-:22'? Is that suppose to be some type of proxy?

cheers

It's port forwarding. References.

bugsmanagement

Member

Registered: 2017-04-21

Posts: 201

Re: Failed to connect to QEMU guest via SSH

The default user-mode networking allows the guest to access the host OS at the IP address 10.0.2.2. ...  It will not be possible for the host OS to access servers running on the guest OS

Libvirt?

Icarus_Radio

Member

Registered: 2017-02-28

Posts: 45

Re: Failed to connect to QEMU guest via SSH

The default user-mode networking allows the guest to access the host OS at the IP address 10.0.2.2. ...  It will not be possible for the host OS to access servers running on the guest OS

Libvirt?

Thanks, I will try that later

ngoonee

Forum Fellow

From: Between Thailand and Singapore

Registered: 2009-03-17

Posts: 7,356

Re: Failed to connect to QEMU guest via SSH

What port do you expect SSH to be on, for the VM guest? You're trying to connect to it on 10022, but sshd doesn't seem to set that as the SSH port in the guest.

---

Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.

Icarus_Radio

Member

Registered: 2017-02-28

Posts: 45

Re: Failed to connect to QEMU guest via SSH

What port do you expect SSH to be on, for the VM guest? You're trying to connect to it on 10022, but sshd doesn't seem to set that as the SSH port in the guest.

However, in the ArchWiki I referenced, it just tells me to connect to the guest VM in this way.

ewaller

Administrator

From: Pasadena, CA

Registered: 2009-07-13

Posts: 19,791

Re: Failed to connect to QEMU guest via SSH

What port do you expect SSH to be on, for the VM guest? You're trying to connect to it on 10022, but sshd doesn't seem to set that as the SSH port in the guest.

However, in the ArchWiki I referenced, it just tells me to connect to the guest VM in this way.

The presupposes you started qemu with port 10022 on the host forwarded to port 22 on the guest. The example given in the wiki:
qemu-system-x86_64 disk_image -net nic -net user,hostfwd=tcp::10022-:22

Last edited by ewaller (2019-04-23 14:24:42)

---

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way