[SOLVED] SSH Permission denied for a container but not for the baremetal

sanjibukai

New Member
Nov 10, 2016
11
1
1
43
Hello,

I'm excited to start working with ProxMox..
I'm actually trying to host a multi purpose server at home.

So I managed to install ProxMox (baremetal) and I'm able to access it via SSH from a laptop.

Then I installed and run my first LXC container (debian 8) and I'm pretty amazed about how fast and quick it seems to start and shutdown (yes.. It's not so complex tasks, but I'm starting ;))

But I'm unable to connect to this container by SSH neither from the ProxMox shell nor from my laptop.

For testing purpose I do not create any user yet, and all the password I use are exactly the same.
And I tried all the connections for the root user.
So I guessed about some root SSH login prohibition so I checked the ssh_config file for both (the ProxMox baremetal and the first container).

The two ssh_config files are exactly the same and except the last 4 lines all the lines are commented.
Here are the 4 lines that both ssh_config have :
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no


I even tried with adding the following parameter PermitRootLogin yes but it had no effect.

BTW, I'm able to ping both "machines" from my laptop.

Can anyone could figure out what's going on ?

Thank you and sorry for my bad english...
 
Last edited:
how did you create the container?

on the GUI/web interface you have to provide a root password or public SSH key which is used. if you setup using pct or the API, those are optional and you can create a container that is only accessible with "pct enter ID".

"pct enter ID" should always work, so from the CLI you should be able to reset the password of the root user in the container.
 
how did you create the container?

on the GUI/web interface you have to provide a root password or public SSH key which is used. if you setup using pct or the API, those are optional and you can create a container that is only accessible with "pct enter ID".

"pct enter ID" should always work, so from the CLI you should be able to reset the password of the root user in the container.
Thank you for your reply...
I used the GUI of the web interface.. And indeed I provided a password which work when I'm login in in the container from the console (the shell of the container I use from the web interface).
But I tried using the "pct enter ID" and I was able to use the CLI of the container.
However changing the password did not change anything ?
It's weird o_O
 
you can check /etc/ssh/sshd_config in the container for further clues , but I would say this is not a PVE issue but something wrong with your distro/SSH setup in the container
 
you can check /etc/ssh/sshd_config in the container for further clues , but I would say this is not a PVE issue but something wrong with your distro/SSH setup in the container
Yes I think so..
The LXC container is a debian 8 template without any modification.
And as I said before the content of the ssh_config file is exactly the same that the one I have in the PVE.
The content of the file (which are only 4 lines uncommented) is shown in the first post..
 
Yes I think so..
The LXC container is a debian 8 template without any modification.
And as I said before the content of the ssh_config file is exactly the same that the one I have in the PVE.
The content of the file (which are only 4 lines uncommented) is shown in the first post..

ssh_config is the client configuration, you need to look at sshd_config (in /etc/ssh/)
 
  • Like
Reactions: zuluromeo
ssh_config is the client configuration, you need to look at sshd_config (in /etc/ssh/)
My bad..
I didn't notice the sshd_config..
And indeed, there was this line for my container :
PermitRootLogin without-password
And this one in the one from the PVE :
PermitRootLogin yes
So I changed this line and everything worked..

Many thanks and sorry for my inattention !
 
  • Like
Reactions: Zaman
I have the same issue and it doesn't matter which container you deploy its the same for all of them. I tried CentOS 7, Ubuntu Server 16.04, Ubuntu Server 17.04 and OpenSuse 42.2 So it's not the container at all. I use those same oses and Windows Server in VMs no problems what so ever so it is not the container that is the problem, it is definitely something with Promox.

And i change the line in LXC Container's sshd_config from PermitRootLogin without-password to PermitRootLogin yes and restarted the service still did not work, I also rebooted the container and it still did not work. So I am at a loss.
 
  • Like
Reactions: akvlad and frq6692
I'm having the same issue with PVE 7.3, and while I can connect to my LXC containers from each other or from the PVE host, I cannot connect from my Windows 11 client. I've even tried creating a non-root user, same issue. Won't accept the password, SSH does respond, however.
 
Please create a new thread and don't resurrect an unrelated, 6 year old one.
Make sure you share your VM config (qm config <VMID>) and your network config in that new thread
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!