@stormi OK, thanks. I will try your solution on a small lab.
@stormi I tried to do it but I don't think I succeeded. Could you send me a more specific doc of what you are doing?
I think these are the steps that worked for me:
yum install xscontainer yum install python2-pip --enablerepo=epel pip2 install --upgrade "pip < 21" pip2 install --upgrade "cryptography == 2.5" pip2 install --upgrade "paramiko < 3"
As this is done outside a virtualenv (I've tried inside a virtualenv, but I think xscontainer runs stuff outside of it, so it didn't work), this will overwrite the contents of RPMs you installed, so, again, only for testing.
I also had to remove the former host key from the VM metadata:
xe vm-param-remove uuid=... param-name=other-config param-key=xscontainer-sshhostkey
@stormi Thanks, I just tried that and it still doesn't work
Well, I tried it myself on a freshly installed pool, and this worked. Can you elaborate on what doesn't work?
@stormi I still have the same problem, the key does not want to install and asks me if I want to try again.
What's the exact error message?
Would you like to push a pool-specific public SSH key into the ~/.ssh/authorized_keys file of the specified VM and therefore authorize hosts in the pool to interact with the containers inside the VM? Answer y/n: y Attempting to push the public xscontainer key to USER@IP. ID@IP's password: Success. Attempting to refresh the state of the VM Failure diagnosis: Unable to find ncat inside the VM. Please install ncat. Do you wish to retry? Answer y/n:
My server is up to date
It's not the same error. Your VM is missing a required package : ncat, as the error message says.
@stormi My bad. Ok I installed the nmap-ncat package under rockylinux and works perfectly now Thank you
Is there any solution for this, I'm researching how to use xcp-ng + XO to build and manage docker.
When I read about Xscontainer I was excited because it seemed like the best option.
I have a small server and would like to know what would be a clean and transparent solution to achieve this.
I've read a lot and I'm still confused.
Below is everything I researched and read on the subject:
I found another workaround (one-step solution) for the "Unable to verify key-based authentication error" without having to mess with any of the python packaging.
To your /etc/ssh/sshd_config file will make the VM accept the older authentication
@codycrypto this worked! thank you so much!
@johnnyorange Glad I could help! Took me weeks to figure that out lol....I would caution using that in production though, not sure the security implications for accepting the older key type.