[
https://issues.apache.org/jira/browse/GUACAMOLE-1930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tomas updated GUACAMOLE-1930:
-----------------------------
Description:
I've installed guacamole - your docker version, but I've got problems logging
into ssh sessions with any kind of host verification.
docker config:
{code:java}
docker run \
-d \
--net brig \
--ip 10.0.0.6 \
-p 4822:4822 \
--name guacamole-guacd \
--restart always \
guacamole/guacd
docker run \
-d \
--net brig \
--ip 10.0.0.7 \
-p 8001:8080 \
--name apache-guacamole \
--restart always \
-e TZ=Europe/Prague \
-e GUACD_HOSTNAME=10.0.0.6 \
-e GUACD_PORT=4822 \
-e MYSQL_HOSTNAME=10.0.0.5 \
-e MYSQL_PORT=3306 \
-e MYSQL_DATABASE=aguacamole \
-e MYSQL_USER=aguacamole \
-e MYSQL_PASSWORD=mypw \
-v
/media/AppData/volumes/aguacamole_volume/_data/home-guacamole:/home/guacamole \
guacamole/guacamole
{code}
I followed your documentation, how to put a known_hosts record into the
connection profile (Public host key (Base64)), tried following:
{code:java}
testpc.test.com ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o
ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o{code}
however the result has been always:
{code:java}
guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" joined
connection "$2df823fa-d766-40e8-8f1f-f7dae923dc2d" (1 users now present)
guacd[1531]: ERROR: Host key not found for testpc.test.com.
guacd[1531]: ERROR: Host key did not match any provided known host keys.
guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" disconnected (0
users remain)
guacd[1531]: INFO: Last user of connection
"$2df823fa-d766-40e8-8f1f-f7dae923dc2d" disconnected{code}
I tried to put also "ssh_known_hosts" file into GUACAMOLE_HOME with the same
records, however, the file gets ignored... and it's same as if I don't setup
any key. They connection establishes, but without any verification.
{code:java}
guacd[72]: INFO: User "@ba02fef7-0ba5-4871-a7a9-2cd1964b580d" joined connection
"$addd82d3-df83-4485-9baa-8af059817a4d" (1 users now present)
guacd[72]: WARNING: No known host keys provided, host identity will not be
verified.
guacd[72]: WARNING: Unable to set the timezone: SSH server refused to set "TZ"
variable.
guacd[72]: WARNING: No known host keys provided, host identity will not be
verified.
guacd[72]: INFO: SSH connection successful.{code}
Is there a way to fix this please? I also tried increasing log verbosity with
{code:java}
-e LOGBACK_LEVEL=DEBUG
{code}
on guacd container, but it did not make what it was supposed to do. Thank you,
any advice apreciated.
was:
I've installed guacamole - your docker version, but I've got problems logging
into ssh sessions with any kind of host verification.
docker config:
{code:java}
docker run \
-d \
--net brig \
--ip 10.0.0.6 \
-p 4822:4822 \
--name guacamole-guacd \
--restart always \
guacamole/guacd
docker run \
-d \
--net brig \
--ip 10.0.0.7 \
-p 8001:8080 \
--name apache-guacamole \
--restart always \
-e TZ=Europe/Prague \
-e GUACD_HOSTNAME=10.0.0.6 \
-e GUACD_PORT=4822 \
-e MYSQL_HOSTNAME=10.0.0.5 \
-e MYSQL_PORT=3306 \
-e MYSQL_DATABASE=aguacamole \
-e MYSQL_USER=aguacamole \
-e MYSQL_PASSWORD=mypw \
-v
/media/AppData/volumes/aguacamole_volume/_data/home-guacamole:/home/guacamole \
guacamole/guacamole
{code}
I followed your documentation, how to put a known_hosts record into the
connection profile (Public host key (Base64)), tried following:
{code:java}
testpc.test.com ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o
ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o{code}
however the result has been always:
{code:java}
guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" joined
connection "$2df823fa-d766-40e8-8f1f-f7dae923dc2d" (1 users now present)
guacd[1531]: ERROR: Host key not found for testpc.test.com.
guacd[1531]: ERROR: Host key did not match any provided known host keys.
guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" disconnected (0
users remain)
guacd[1531]: INFO: Last user of connection
"$2df823fa-d766-40e8-8f1f-f7dae923dc2d" disconnected{code}
I tried to put also "ssh_known_hosts" file into GUACAMOLE_HOME with the same
records, however, the file gets ignored... and it's same as if I don't setup
any key. They connection establishes, but without any verification.
{code:java}
guacd[72]: INFO: User "@ba02fef7-0ba5-4871-a7a9-2cd1964b580d" joined connection
"$addd82d3-df83-4485-9baa-8af059817a4d" (1 users now present)
guacd[72]: WARNING: No known host keys provided, host identity will not be
verified.
guacd[72]: WARNING: Unable to set the timezone: SSH server refused to set "TZ"
variable.
guacd[72]: WARNING: No known host keys provided, host identity will not be
verified.
guacd[72]: INFO: SSH connection successful.{code}
Is there a way to fix this please? I also tried increasing log verbosity with
{code:java}
-e LOGBACK_LEVEL=DEBUG \{code}
on guacd container, but it did not make what it was supposed to do. Thank you,
any advice apreciated.
> ssh host verification not working | docker
> ------------------------------------------
>
> Key: GUACAMOLE-1930
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1930
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole
> Affects Versions: 1.5.4
> Environment: host os: Debian GNU/Linux 12 (bookworm)
> Docker version 25.0.3, build 4debf41
> Containers:
> guacamole/guacd
> guacamole/guacamole
> Reporter: Tomas
> Priority: Major
>
> I've installed guacamole - your docker version, but I've got problems logging
> into ssh sessions with any kind of host verification.
> docker config:
> {code:java}
> docker run \
> -d \
> --net brig \
> --ip 10.0.0.6 \
> -p 4822:4822 \
> --name guacamole-guacd \
> --restart always \
> guacamole/guacd
> docker run \
> -d \
> --net brig \
> --ip 10.0.0.7 \
> -p 8001:8080 \
> --name apache-guacamole \
> --restart always \
> -e TZ=Europe/Prague \
> -e GUACD_HOSTNAME=10.0.0.6 \
> -e GUACD_PORT=4822 \
> -e MYSQL_HOSTNAME=10.0.0.5 \
> -e MYSQL_PORT=3306 \
> -e MYSQL_DATABASE=aguacamole \
> -e MYSQL_USER=aguacamole \
> -e MYSQL_PASSWORD=mypw \
> -v
> /media/AppData/volumes/aguacamole_volume/_data/home-guacamole:/home/guacamole
> \
> guacamole/guacamole
> {code}
> I followed your documentation, how to put a known_hosts record into the
> connection profile (Public host key (Base64)), tried following:
> {code:java}
> testpc.test.com ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o
> ssh-ed25519 XXXABCDEFGHNVjaOK+MgqlZSHPoNHHpuptJAOxYW6o{code}
> however the result has been always:
> {code:java}
> guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" joined
> connection "$2df823fa-d766-40e8-8f1f-f7dae923dc2d" (1 users now present)
> guacd[1531]: ERROR: Host key not found for testpc.test.com.
> guacd[1531]: ERROR: Host key did not match any provided known host keys.
> guacd[1531]: INFO: User "@03827a1f-b013-4d5c-afdb-6cb08f19e56b" disconnected
> (0 users remain)
> guacd[1531]: INFO: Last user of connection
> "$2df823fa-d766-40e8-8f1f-f7dae923dc2d" disconnected{code}
> I tried to put also "ssh_known_hosts" file into GUACAMOLE_HOME with the same
> records, however, the file gets ignored... and it's same as if I don't setup
> any key. They connection establishes, but without any verification.
> {code:java}
> guacd[72]: INFO: User "@ba02fef7-0ba5-4871-a7a9-2cd1964b580d" joined
> connection "$addd82d3-df83-4485-9baa-8af059817a4d" (1 users now present)
> guacd[72]: WARNING: No known host keys provided, host identity will not be
> verified.
> guacd[72]: WARNING: Unable to set the timezone: SSH server refused to set
> "TZ" variable.
> guacd[72]: WARNING: No known host keys provided, host identity will not be
> verified.
> guacd[72]: INFO: SSH connection successful.{code}
> Is there a way to fix this please? I also tried increasing log verbosity with
> {code:java}
> -e LOGBACK_LEVEL=DEBUG
> {code}
> on guacd container, but it did not make what it was supposed to do. Thank
> you, any advice apreciated.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
