lima
lima copied to clipboard
Published
20 hours ago •
lima-vm
lima-vm
Stuck on "Waiting for the essential requirement 1 of 5: "ssh"; Permission denied (publickey)
Description
I'm trying to start lima with default settings using limactl start and with default settings but I'm stuck on this error.
INFO[0003] SSH Local Port: 60022
INFO[0003] [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
DEBU[0003] [hostagent] executing script "ssh"
DEBU[0003] [hostagent] executing ssh for script "ssh": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile="/Users/shadow/.lima/_config/user" -o IdentityFile="/Users/shadow/.ssh/id_rsa" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers="^[email protected],[email protected]" -o User=shadow -o ControlMaster=auto -o ControlPath="/Users/shadow/.lima/default/ssh.sock" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]
DEBU[0010] [hostagent] stdout="", stderr="kex_exchange_identification: read: Connection reset by peer\r\nConnection reset by 127.0.0.1 port 60022\r\n", err=failed to execute script "ssh": stdout="", stderr="kex_exchange_identification: read: Connection reset by peer\r\nConnection reset by 127.0.0.1 port 60022\r\n": exit status 255
INFO[0020] [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
DEBU[0020] [hostagent] executing script "ssh"
DEBU[0020] [hostagent] executing ssh for script "ssh": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile="/Users/shadow/.lima/_config/user" -o IdentityFile="/Users/shadow/.ssh/id_rsa" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers="^[email protected],[email protected]" -o User=shadow -o ControlMaster=auto -o ControlPath="/Users/shadow/.lima/default/ssh.sock" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]
DEBU[0020] [hostagent] stdout="", stderr="[email protected]: Permission denied (publickey).\r\n", err=failed to execute script "ssh": stdout="", stderr="[email protected]: Permission denied (publickey).\r\n": exit status 255
INFO[0030] [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
DEBU[0030] [hostagent] executing script "ssh"
DEBU[0030] [hostagent] executing ssh for script "ssh": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile="/Users/shadow/.lima/_config/user" -o IdentityFile="/Users/shadow/.ssh/id_rsa" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers="^[email protected],[email protected]" -o User=shadow -o ControlMaster=auto -o ControlPath="/Users/shadow/.lima/default/ssh.sock" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]
DEBU[0030] [hostagent] stdout="", stderr="[email protected]: Permission denied (publickey).\r\n", err=failed to execute script "ssh": stdout="", stderr="[email protected]: Permission denied (publickey).\r\n": exit status 255
INFO[0040] [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
DEBU[0040] [hostagent] executing script "ssh"
DEBU[0040] [hostagent] executing ssh for script "ssh": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile="/Users/shadow/.lima/_config/user" -o IdentityFile="/Users/shadow/.ssh/id_rsa" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers="^[email protected],[email protected]" -o User=shadow -o ControlMaster=auto -o ControlPath="/Users/shadow/.lima/default/ssh.sock" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]
DEBU[0040] [hostagent] stdout="", stderr="[email protected]: Permission denied (publickey).\r\n", err=failed to execute script "ssh": stdout="", stderr="[email protected]: Permission denied (publickey).\r\n": exit status 255
limactl version 0.11.2
colima version 0.4.4
QEMU emulator version 7.0.0
System: MacOS v12.4 M1
I have already gone through other related issues (#525, #17, #745, #767, #745, #713, #503, #543) but still no luck. I even tried it with some other versions of ubuntu but all show the same error. But ya fedora works fine.
It happens only with default settings. When I try it for fedora or something else, it works fine. Btw I'm on Mac M1
Here's the log:
[2J[01;01H[=3h[2J[01;01HBdsDxe: failed to load Boot0001 "UEFI Misc Device" from VenHw(93E34C7E-B50E-11DF-9223-2443DFD72085,00): Not Found
BdsDxe: loading Boot0002 "UEFI Misc Device 2" from PciRoot(0x0)/Pci(0x4,0x0)
BdsDxe: starting Boot0002 "UEFI Misc Device 2" from PciRoot(0x0)/Pci(0x4,0x0)
EFI stub: Booting Linux Kernel...
EFI stub: Using DTB from configuration table
EFI stub: Exiting boot services...
[ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x00000000]
[ 0.000000] Linux version 5.15.0-41-generic (buildd@bos02-arm64-014) (gcc (Ubuntu 11.2.0-19ubuntu1) 11.2.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #44-Ubuntu SMP Thu Jun 23 11:20:13 UTC 2022 (Ubuntu 5.15.0-41.44-generic 5.15.39)
[ 0.000000] efi: EFI v2.70 by EDK II
[ 0.000000] efi: SMBIOS 3.0=0x13f700000 MEMATTR=0x13cea5018 ACPI 2.0=0x13bc70018 MOKvar=0x13ceb0000 RNG=0x13f80bc18 MEMRESERVE=0x13c371118
[ 0.000000] efi: seeding entropy pool
[ 0.000000] random: fast init done
[ 0.000000] secureboot: Secure boot disabled
[ 0.000000] ACPI: Early table checksum verification disabled
[ 0.000000] ACPI: RSDP 0x000000013BC70018 000024 (v02 BOCHS )
[ 0.000000] ACPI: XSDT 0x000000013BC7FE98 00006C (v01 BOCHS BXPC 00000001 01000013)
[ 0.000000] ACPI: FACP 0x000000013BC7FA98 00010C (v05 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: DSDT 0x000000013BC77518 001470 (v02 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: APIC 0x000000013BC7FC18 00018C (v03 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: PPTT 0x000000013BC7D898 00009C (v02 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: GTDT 0x000000013BC7E818 000060 (v02 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: MCFG 0x000000013BC7E918 00003C (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: SPCR 0x000000013BC7FF98 000050 (v02 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: DBG2 0x000000013BC7E418 000057 (v00 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: IORT 0x000000013BC7E718 000080 (v03 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.000000] ACPI: BGRT 0x000000013BC7E498 000038 (v01 INTEL EDK2 00000002 01000013)
[ 0.000000] ACPI: SPCR: console: pl011,mmio,0x9000000,9600
[ 0.000000] NUMA: Failed to initialise from firmware
[ 0.000000] NUMA: Faking a node at [mem 0x0000000040000000-0x000000013fffffff]
[ 0.000000] NUMA: NODE_DATA [mem 0x13f64af80-0x13f64ffff]
[ 0.000000] Zone ranges:
[ 0.000000] DMA [mem 0x0000000040000000-0x00000000ffffffff]
[ 0.000000] DMA32 empty
[ 0.000000] Normal [mem 0x0000000100000000-0x000000013fffffff]
[ 0.000000] Device empty
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x0000000040000000-0x000000013bc7ffff]
[ 0.000000] node 0: [mem 0x000000013bc80000-0x000000013bffffff]
[ 0.000000] node 0: [mem 0x000000013c000000-0x000000013c01ffff]
[ 0.000000] node 0: [mem 0x000000013c020000-0x000000013c36ffff]
[ 0.000000] node 0: [mem 0x000000013c370000-0x000000013f64ffff]
[ 0.000000] node 0: [mem 0x000000013f650000-0x000000013f6dffff]
[ 0.000000] node 0: [mem 0x000000013f6e0000-0x000000013f6effff]
[ 0.000000] node 0: [mem 0x000000013f6f0000-0x000000013f80ffff]
[ 0.000000] node 0: [mem 0x000000013f810000-0x000000013fffffff]
[ 0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000013fffffff]
[ 0.000000] cma: Reserved 32 MiB at 0x00000000fe000000
[ 0.000000] psci: probing for conduit method from ACPI.
[ 0.000000] psci: PSCIv1.1 detected in firmware.
[ 0.000000] psci: Using standard PSCI v0.2 function IDs
[ 0.000000] psci: Trusted OS migration not required
[ 0.000000] psci: SMC Calling Convention v1.0
[ 0.000000] ACPI: SRAT not present
[ 0.000000] percpu: Embedded 30 pages/cpu s83160 r8192 d31528 u122880
[ 0.000000] Detected PIPT I-cache on CPU0
[ 0.000000] CPU features: detected: Address authentication (IMP DEF algorithm)
[ 0.000000] CPU features: detected: Spectre-v4
[ 0.000000] alternatives: patching kernel code
[ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 1032192
[ 0.000000] Policy zone: Normal
[ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.15.0-41-generic root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0
[ 0.000000] Unknown kernel command line parameters "BOOT_IMAGE=/boot/vmlinuz-5.15.0-41-generic", will be passed to user space.
[ 0.000000] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear)
[ 0.000000] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[ 0.000000] mem auto-init: stack:off, heap alloc:on, heap free:off
[ 0.000000] software IO TLB: mapped [mem 0x00000000fa000000-0x00000000fe000000] (64MB)
[ 0.000000] Memory: 3929284K/4194304K available (17280K kernel code, 4558K rwdata, 13816K rodata, 9600K init, 1192K bss, 232252K reserved, 32768K cma-reserved)
[ 0.000000] random: get_random_u64 called from kmem_cache_open+0x30/0x390 with crng_init=1
[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1
[ 0.000000] ftrace: allocating 53973 entries in 211 pages
[ 0.000000] ftrace: allocated 211 pages with 5 groups
[ 0.000000] trace event string verifier disabled
[ 0.000000] rcu: Hierarchical RCU implementation.
[ 0.000000] rcu: RCU restricting CPUs from NR_CPUS=256 to nr_cpu_ids=4.
[ 0.000000] Rude variant of Tasks RCU enabled.
[ 0.000000] Tracing variant of Tasks RCU enabled.
[ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
[ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4
[ 0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[ 0.000000] Root IRQ handler: gic_handle_irq
[ 0.000000] GICv2m: ACPI overriding V2M MSI_TYPER (base:80, num:64)
[ 0.000000] GICv2m: range[mem 0x08020000-0x08020fff], SPI[80:143]
[ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt).
[ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns
[ 0.000000] sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 4398046511097ns
[ 0.000016] Console: colour dummy device 80x25
[ 0.000057] printk: console [tty1] enabled
[ 0.000070] ACPI: Core revision 20210730
[ 0.000103] Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=96000)
[ 0.000105] pid_max: default: 32768 minimum: 301
[ 0.000122] LSM: Security Framework initializing
[ 0.000127] landlock: Up and running.
[ 0.000127] Yama: becoming mindful.
[ 0.000147] AppArmor: AppArmor initialized
[ 0.000178] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear)
[ 0.000193] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear)
[ 0.000514] rcu: Hierarchical SRCU implementation.
[ 0.000647] Remapping and enabling EFI services.
[ 0.000825] smp: Bringing up secondary CPUs ...
[ 0.001043] Detected PIPT I-cache on CPU1
[ 0.001107] CPU1: Booted secondary processor 0x0000000001 [0x00000000]
[ 0.001369] Detected PIPT I-cache on CPU2
[ 0.001441] CPU2: Booted secondary processor 0x0000000002 [0x00000000]
[ 0.001672] Detected PIPT I-cache on CPU3
[ 0.001759] CPU3: Booted secondary processor 0x0000000003 [0x00000000]
[ 0.001834] smp: Brought up 1 node, 4 CPUs
[ 0.001841] SMP: Total of 4 processors activated.
[ 0.001842] CPU features: detected: ARMv8.4 Translation Table Level
[ 0.001844] CPU features: detected: Data cache clean to the PoU not required for I/D coherence
[ 0.001845] CPU features: detected: Common not Private translations
[ 0.001846] CPU features: detected: CRC32 instructions
[ 0.001846] CPU features: detected: Data cache clean to Point of Deep Persistence
[ 0.001847] CPU features: detected: Data cache clean to Point of Persistence
[ 0.001848] CPU features: detected: E0PD
[ 0.001849] CPU features: detected: Generic authentication (IMP DEF algorithm)
[ 0.001850] CPU features: detected: RCpc load-acquire (LDAPR)
[ 0.001850] CPU features: detected: LSE atomic instructions
[ 0.001851] CPU features: detected: Privileged Access Never
[ 0.001852] CPU features: detected: RAS Extension Support
[ 0.001853] CPU features: detected: Speculation barrier (SB)
[ 0.001853] CPU features: detected: TLB range maintenance instructions
[ 0.057532] CPU: All CPU(s) started at EL1
[ 0.058175] devtmpfs: initialized
[ 0.058638] Registered cp15_barrier emulation handler
[ 0.058641] setend instruction emulation is not supported on this system
[ 0.058643] KASLR enabled
[ 0.058667] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[ 0.058683] futex hash table entries: 1024 (order: 4, 65536 bytes, linear)
[ 0.058757] pinctrl core: initialized pinctrl subsystem
[ 0.058827] SMBIOS 3.0.0 present.
[ 0.058829] DMI: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015
[ 0.058963] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 0.062842] DMA: preallocated 512 KiB GFP_KERNEL pool for atomic allocations
[ 0.063042] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[ 0.063156] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[ 0.063165] audit: initializing netlink subsys (disabled)
[ 0.063301] audit: type=2000 audit(0.060:1): state=initialized audit_enabled=0 res=1
[ 0.063361] thermal_sys: Registered thermal governor 'fair_share'
[ 0.063362] thermal_sys: Registered thermal governor 'bang_bang'
[ 0.063363] thermal_sys: Registered thermal governor 'step_wise'
[ 0.063364] thermal_sys: Registered thermal governor 'user_space'
[ 0.063364] thermal_sys: Registered thermal governor 'power_allocator'
[ 0.063370] cpuidle: using governor ladder
[ 0.063373] cpuidle: using governor menu
[ 0.063386] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[ 0.063546] ASID allocator initialised with 256 entries
[ 0.063591] ACPI: bus type PCI registered
[ 0.063592] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[ 0.063630] Serial: AMBA PL011 UART driver
[ 0.064452] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
[ 0.064454] HugeTLB registered 32.0 MiB page size, pre-allocated 0 pages
[ 0.064455] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[ 0.064456] HugeTLB registered 64.0 KiB page size, pre-allocated 0 pages
[ 0.071072] fbcon: Taking over console
[ 0.071080] ACPI: Added _OSI(Module Device)
[ 0.071082] ACPI: Added _OSI(Processor Device)
[ 0.071082] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 0.071083] ACPI: Added _OSI(Processor Aggregator Device)
[ 0.071084] ACPI: Added _OSI(Linux-Dell-Video)
[ 0.071085] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[ 0.071086] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
[ 0.071374] ACPI: 1 ACPI AML tables successfully acquired and loaded
[ 0.071469] ACPI: Interpreter enabled
[ 0.071470] ACPI: Using GIC for interrupt routing
[ 0.071473] ACPI: MCFG table detected, 1 entries
[ 0.072154] ARMH0011:00: ttyAMA0 at MMIO 0x9000000 (irq = 12, base_baud = 0) is a SBSA
[ 0.112025] printk: console [ttyAMA0] enabled
[ 0.112647] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-0f])
[ 0.112938] acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
[ 0.113383] acpi PNP0A08:00: _OSC: platform does not support [LTR]
[ 0.113703] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug SHPCHotplug PME AER PCIeCapability]
[ 0.114275] acpi PNP0A08:00: ECAM area [mem 0x3f000000-0x3fffffff] reserved by PNP0C02:00
[ 0.114613] acpi PNP0A08:00: ECAM at [mem 0x3f000000-0x3fffffff] for [bus 00-0f]
[ 0.114890] ACPI: Remapped I/O 0x000000003eff0000 to [io 0x0000-0xffff window]
[ 0.115177] PCI host bridge to bus 0000:00
[ 0.115361] pci_bus 0000:00: root bus resource [bus 00-0f]
[ 0.115556] pci_bus 0000:00: root bus resource [io 0x0000-0xffff window]
[ 0.115796] pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff window]
[ 0.116081] pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000
[ 0.116380] pci 0000:00:01.0: [1af4:1000] type 00 class 0x020000
[ 0.116704] pci 0000:00:01.0: reg 0x10: [io 0x0120-0x013f]
[ 0.116979] pci 0000:00:01.0: reg 0x14: [mem 0x10056000-0x10056fff]
[ 0.117426] pci 0000:00:01.0: reg 0x20: [mem 0x1004c000-0x1004ffff 64bit pref]
[ 0.117755] pci 0000:00:01.0: reg 0x30: [mem 0xfffc0000-0xffffffff pref]
[ 0.118076] pci 0000:00:02.0: [1af4:1005] type 00 class 0x00ff00
[ 0.118407] pci 0000:00:02.0: reg 0x10: [io 0x0100-0x011f]
[ 0.118915] pci 0000:00:02.0: reg 0x20: [mem 0x10048000-0x1004bfff 64bit pref]
[ 0.119401] pci 0000:00:03.0: [1b36:000d] type 00 class 0x0c0330
[ 0.119634] pci 0000:00:03.0: reg 0x10: [mem 0x10050000-0x10053fff 64bit]
[ 0.119983] pci 0000:00:04.0: [1af4:1001] type 00 class 0x010000
[ 0.120318] pci 0000:00:04.0: reg 0x10: [io 0x0080-0x00ff]
[ 0.120590] pci 0000:00:04.0: reg 0x14: [mem 0x10055000-0x10055fff]
[ 0.121039] pci 0000:00:04.0: reg 0x20: [mem 0x10044000-0x10047fff 64bit pref]
[ 0.121455] pci 0000:00:05.0: [1af4:1001] type 00 class 0x010000
[ 0.121750] pci 0000:00:05.0: reg 0x10: [io 0x0000-0x007f]
[ 0.122023] pci 0000:00:05.0: reg 0x14: [mem 0x10054000-0x10054fff]
[ 0.122475] pci 0000:00:05.0: reg 0x20: [mem 0x10040000-0x10043fff 64bit pref]
[ 0.122906] pci 0000:00:01.0: BAR 6: assigned [mem 0x10000000-0x1003ffff pref]
[ 0.123164] pci 0000:00:01.0: BAR 4: assigned [mem 0x10040000-0x10043fff 64bit pref]
[ 0.123445] pci 0000:00:02.0: BAR 4: assigned [mem 0x10044000-0x10047fff 64bit pref]
[ 0.123725] pci 0000:00:03.0: BAR 0: assigned [mem 0x10048000-0x1004bfff 64bit]
[ 0.123991] pci 0000:00:04.0: BAR 4: assigned [mem 0x1004c000-0x1004ffff 64bit pref]
[ 0.124347] pci 0000:00:05.0: BAR 4: assigned [mem 0x10050000-0x10053fff 64bit pref]
[ 0.124629] pci 0000:00:01.0: BAR 1: assigned [mem 0x10054000-0x10054fff]
[ 0.124871] pci 0000:00:04.0: BAR 1: assigned [mem 0x10055000-0x10055fff]
[ 0.125112] pci 0000:00:05.0: BAR 1: assigned [mem 0x10056000-0x10056fff]
[ 0.125354] pci 0000:00:04.0: BAR 0: assigned [io 0x1000-0x107f]
[ 0.125644] pci 0000:00:05.0: BAR 0: assigned [io 0x1080-0x10ff]
[ 0.125938] pci 0000:00:01.0: BAR 0: assigned [io 0x1100-0x111f]
[ 0.126233] pci 0000:00:02.0: BAR 0: assigned [io 0x1120-0x113f]
[ 0.126564] pci_bus 0000:00: resource 4 [io 0x0000-0xffff window]
[ 0.126785] pci_bus 0000:00: resource 5 [mem 0x10000000-0x3efeffff window]
[ 0.127038] ACPI: PCI: Interrupt link GSI0 configured for IRQ 35
[ 0.127253] ACPI: PCI: Interrupt link GSI1 configured for IRQ 36
[ 0.127467] ACPI: PCI: Interrupt link GSI2 configured for IRQ 37
[ 0.127681] ACPI: PCI: Interrupt link GSI3 configured for IRQ 38
[ 0.128102] iommu: Default domain type: Translated
[ 0.128378] iommu: DMA domain TLB invalidation policy: strict mode
[ 0.128685] SCSI subsystem initialized
[ 0.128971] vgaarb: loaded
[ 0.129086] ACPI: bus type USB registered
[ 0.129845] usbcore: registered new interface driver usbfs
[ 0.130043] usbcore: registered new interface driver hub
[ 0.130233] usbcore: registered new device driver usb
[ 0.130426] pps_core: LinuxPPS API ver. 1 registered
[ 0.130644] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <[email protected]>
[ 0.130967] PTP clock support registered
[ 0.131229] EDAC MC: Ver: 3.0.0
[ 0.131633] Registered efivars operations
[ 0.132487] NetLabel: Initializing
[ 0.132655] NetLabel: domain hash size = 128
[ 0.132869] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
[ 0.133137] NetLabel: unlabeled traffic allowed by default
[ 0.133568] clocksource: Switched to clocksource arch_sys_counter
[ 0.139158] VFS: Disk quotas dquot_6.6.0
[ 0.139418] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 0.139749] AppArmor: AppArmor Filesystem Enabled
[ 0.139930] pnp: PnP ACPI init
[ 0.140090] system 00:00: [mem 0x3f000000-0x3fffffff window] could not be reserved
[ 0.140373] pnp: PnP ACPI: found 1 devices
[ 0.143916] NET: Registered PF_INET protocol family
[ 0.144204] IP idents hash table entries: 65536 (order: 7, 524288 bytes, linear)
[ 0.145081] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear)
[ 0.145440] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear)
[ 0.145910] TCP bind hash table entries: 32768 (order: 7, 524288 bytes, linear)
[ 0.146185] TCP: Hash tables configured (established 32768 bind 32768)
[ 0.146487] MPTCP token hash table entries: 4096 (order: 4, 98304 bytes, linear)
[ 0.146768] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear)
[ 0.147021] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear)
[ 0.147290] NET: Registered PF_UNIX/PF_LOCAL protocol family
[ 0.147494] NET: Registered PF_XDP protocol family
[ 0.147681] pci 0000:00:03.0: enabling device (0000 -> 0002)
[ 0.147980] PCI: CLS 0 bytes, default 64
[ 0.148210] Trying to unpack rootfs image as initramfs...
[ 0.153841] kvm [1]: HYP mode not available
[ 0.154103] Initialise system trusted keyrings
[ 0.154277] Key type blacklist registered
[ 0.154507] workingset: timestamp_bits=40 max_order=20 bucket_order=0
[ 0.155243] zbud: loaded
[ 0.155460] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 0.155908] fuse: init (API version 7.34)
[ 0.156203] integrity: Platform Keyring initialized
[ 0.165949] Key type asymmetric registered
[ 0.166117] Asymmetric key parser 'x509' registered
[ 0.166316] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 242)
[ 0.166666] io scheduler mq-deadline registered
[ 0.167256] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[ 0.167883] input: Power Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0C:00/input/input0
[ 0.168427] ACPI: button: Power Button [PWRB]
[ 0.169926] ACPI: \_SB_.PCI0.GSI1: Enabled at IRQ 36
[ 0.170129] virtio-pci 0000:00:01.0: enabling device (0005 -> 0007)
[ 0.170691] ACPI: \_SB_.PCI0.GSI2: Enabled at IRQ 37
[ 0.170885] virtio-pci 0000:00:02.0: enabling device (0005 -> 0007)
[ 0.171338] ACPI: \_SB_.PCI0.GSI0: Enabled at IRQ 35
[ 0.171531] virtio-pci 0000:00:04.0: enabling device (0005 -> 0007)
[ 0.172069] virtio-pci 0000:00:05.0: enabling device (0005 -> 0007)
[ 0.172671] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled
[ 0.174920] msm_serial: driver initialized
[ 0.176506] loop: module loaded
[ 0.176699] SPI driver altr_a10sr has no spi_device_id for altr,a10sr
[ 0.177235] tun: Universal TUN/TAP device driver, 1.6
[ 0.177603] PPP generic driver version 2.4.2
[ 0.177912] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 0.178202] ehci-pci: EHCI PCI platform driver
[ 0.178375] ehci-orion: EHCI orion driver
[ 0.178534] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[ 0.178771] ohci-pci: OHCI PCI platform driver
[ 0.178942] uhci_hcd: USB Universal Host Controller Interface driver
[ 0.179292] mousedev: PS/2 mouse device common for all mice
[ 0.179853] rtc-efi rtc-efi.0: registered as rtc0
[ 0.180264] rtc-efi rtc-efi.0: setting system clock to 2022-07-21T09:35:48 UTC (1658396148)
[ 0.180781] i2c_dev: i2c /dev entries driver
[ 0.181104] device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log.
[ 0.181927] device-mapper: uevent: version 1.0.3
[ 0.182160] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: [email protected]
[ 0.182745] ledtrig-cpu: registered to indicate activity on CPUs
[ 0.183099] drop_monitor: Initializing network drop monitor service
[ 0.183424] NET: Registered PF_INET6 protocol family
[ 0.263260] Freeing initrd memory: 30032K
[ 0.268846] Segment Routing with IPv6
[ 0.269207] In-situ OAM (IOAM) with IPv6
[ 0.269474] NET: Registered PF_PACKET protocol family
[ 0.269928] Key type dns_resolver registered
[ 0.270203] registered taskstats version 1
[ 0.270484] Loading compiled-in X.509 certificates
[ 0.271194] Loaded X.509 cert 'Build time autogenerated kernel key: 36ae7a811d1c8811658ff9b094e2119b6d894072'
[ 0.271880] Loaded X.509 cert 'Canonical Ltd. Live Patch Signing: 14df34d1a87cf37625abec039ef2bf521249b969'
[ 0.272555] Loaded X.509 cert 'Canonical Ltd. Kernel Module Signing: 88f752e560a1e0737e31163a466ad7b70a850c19'
[ 0.272909] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.273154] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'
[ 0.273722] zswap: loaded using pool lzo/zbud
[ 0.274195] Key type ._fscrypt registered
[ 0.274361] Key type .fscrypt registered
[ 0.274500] Key type fscrypt-provisioning registered
[ 0.285166] cryptd: max_cpu_qlen set to 1000
[ 0.295535] Key type encrypted registered
[ 0.295692] AppArmor: AppArmor sha1 policy hashing enabled
[ 0.296070] integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
[ 0.296848] integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63'
[ 0.297707] ima: No TPM chip found, activating TPM-bypass!
[ 0.297932] Loading compiled-in module X.509 certificates
[ 0.298507] Loaded X.509 cert 'Build time autogenerated kernel key: 36ae7a811d1c8811658ff9b094e2119b6d894072'
[ 0.298859] ima: Allocated hash algorithm: sha1
[ 0.299025] ima: No architecture policies found
[ 0.299191] evm: Initialising EVM extended attributes:
[ 0.299373] evm: security.selinux
[ 0.299491] evm: security.SMACK64
[ 0.299609] evm: security.SMACK64EXEC
[ 0.299738] evm: security.SMACK64TRANSMUTE
[ 0.299884] evm: security.SMACK64MMAP
[ 0.300014] evm: security.apparmor
[ 0.300134] evm: security.ima
[ 0.300239] evm: security.capability
[ 0.300366] evm: HMAC attrs: 0x1
[ 0.301975] Freeing unused kernel memory: 9600K
[ 0.343042] Checked W+X mappings: passed, no W+X pages found
[ 0.343306] Run /init as init process
[ 0.390620] ACPI: \_SB_.PCI0.GSI3: Enabled at IRQ 38
[ 0.391021] xhci_hcd 0000:00:03.0: xHCI Host Controller
[ 0.391351] xhci_hcd 0000:00:03.0: new USB bus registered, assigned bus number 1
[ 0.392049] xhci_hcd 0000:00:03.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[ 0.393127] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.15
[ 0.393812] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.394165] usb usb1: Product: xHCI Host Controller
[ 0.394346] usb usb1: Manufacturer: Linux 5.15.0-41-generic xhci-hcd
[ 0.394579] usb usb1: SerialNumber: 0000:00:03.0
[ 0.394848] hub 1-0:1.0: USB hub found
[ 0.395076] hub 1-0:1.0: 4 ports detected
[ 0.395566] xhci_hcd 0000:00:03.0: xHCI Host Controller
[ 0.395884] xhci_hcd 0000:00:03.0: new USB bus registered, assigned bus number 2
[ 0.396487] xhci_hcd 0000:00:03.0: Host supports USB 3.0 SuperSpeed
[ 0.396956] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM.
[ 0.398049] usb usb2: New USB device found, idVendor=1d6b, idProduct=0003, bcdDevice= 5.15
[ 0.398779] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.399183] usb usb2: Product: xHCI Host Controller
[ 0.399370] usb usb2: Manufacturer: Linux 5.15.0-41-generic xhci-hcd
[ 0.399694] usb usb2: SerialNumber: 0000:00:03.0
[ 0.400081] hub 2-0:1.0: USB hub found
[ 0.400354] hub 2-0:1.0: 4 ports detected
[ 0.402630] virtio_blk virtio2: [vda] 209715200 512-byte logical blocks (107 GB/100 GiB)
[ 0.406434] GPT:Primary header thinks Alt. header is not at the end of the disk.
[ 0.406792] GPT:4612095 != 209715199
[ 0.406974] GPT:Alternate GPT header not at the end of the disk.
[ 0.407234] GPT:4612095 != 209715199
[ 0.407407] GPT: Use GNU Parted to correct GPT errors.
[ 0.407652] vda: vda1 vda15
[ 0.410719] virtio_net virtio0 enp0s1: renamed from eth0
[ 0.412183] virtio_blk virtio3: [vdb] 371120 512-byte logical blocks (190 MB/181 MiB)
[ 0.741801] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[ 0.901863] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[ 0.903474] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=11
[ 0.904272] usb 1-1: Product: QEMU USB Keyboard
[ 0.904761] usb 1-1: Manufacturer: QEMU
[ 0.905178] usb 1-1: SerialNumber: 68284-0000:00:03.0-1
[ 0.913492] hid: raw HID events driver (C) Jiri Kosina
[ 0.918839] usbcore: registered new interface driver usbhid
[ 0.919528] usbhid: USB HID core driver
[ 0.922543] input: QEMU QEMU USB Keyboard as /devices/pci0000:00/0000:00:03.0/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input1
[ 0.985478] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v1.11 Keyboard [QEMU QEMU USB Keyboard] on usb-0000:00:03.0-1/input0
[ 1.038259] usb 1-2: new high-speed USB device number 3 using xhci_hcd
[ 1.195448] usb 1-2: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[ 1.196754] usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=9
[ 1.197951] usb 1-2: Product: QEMU USB Mouse
[ 1.198348] usb 1-2: Manufacturer: QEMU
[ 1.198691] usb 1-2: SerialNumber: 89126-0000:00:03.0-2
[ 1.201699] input: QEMU QEMU USB Mouse as /devices/pci0000:00/0000:00:03.0/usb1/1-2/1-2:1.0/0003:0627:0001.0002/input/input2
[ 1.202702] hid-generic 0003:0627:0001.0002: input,hidraw1: USB HID v0.01 Mouse [QEMU QEMU USB Mouse] on usb-0000:00:03.0-2/input0
[ 1.694359] raid6: neonx8 gen() 32624 MB/s
[ 1.762310] raid6: neonx8 xor() 27252 MB/s
[ 1.830326] raid6: neonx4 gen() 36332 MB/s
[ 1.898332] raid6: neonx4 xor() 29292 MB/s
[ 1.966315] raid6: neonx2 gen() 37067 MB/s
[ 2.034333] raid6: neonx2 xor() 29339 MB/s
[ 2.102314] raid6: neonx1 gen() 33948 MB/s
[ 2.170342] raid6: neonx1 xor() 22829 MB/s
[ 2.238335] raid6: int64x8 gen() 14553 MB/s
[ 2.306330] raid6: int64x8 xor() 7714 MB/s
[ 2.374320] raid6: int64x4 gen() 13094 MB/s
[ 2.442325] raid6: int64x4 xor() 7023 MB/s
[ 2.510350] raid6: int64x2 gen() 11747 MB/s
[ 2.578333] raid6: int64x2 xor() 6274 MB/s
[ 2.646347] raid6: int64x1 gen() 10283 MB/s
[ 2.714354] raid6: int64x1 xor() 5377 MB/s
[ 2.714531] raid6: using algorithm neonx2 gen() 37067 MB/s
[ 2.714726] raid6: .... xor() 29339 MB/s, rmw enabled
[ 2.714924] raid6: using neon recovery algorithm
[ 2.716398] xor: measuring software checksum speed
[ 2.717055] 8regs : 33912 MB/sec
[ 2.717784] 32regs : 29279 MB/sec
[ 2.718119] arm64_neon : 56013 MB/sec
[ 2.718294] xor: using function: arm64_neon (56013 MB/sec)
[ 2.719067] async_tx: api initialized (async)
[ 2.762662] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, fsverity=yes
[ 2.783535] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
[ 2.904493] systemd[1]: Inserted module 'autofs4'
[ 2.910546] random: crng init done
[ 2.918839] systemd[1]: systemd 249.11-0ubuntu3.4 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP -LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified)
[ 2.919976] systemd[1]: Detected virtualization qemu.
[ 2.920159] systemd[1]: Detected architecture arm64.
[ 2.920909] systemd[1]: Hostname set to <ubuntu>.
[ 2.922150] systemd[1]: Initializing machine ID from random generator.
[ 2.922429] systemd[1]: Installed transient /etc/machine-id file.
[ 3.041449] systemd[1]: Queued start job for default target Graphical Interface.
[ 3.042251] systemd[1]: Created slice Slice /system/modprobe.
[ 3.042604] systemd[1]: Created slice Slice /system/serial-getty.
[ 3.042966] systemd[1]: Created slice Slice /system/systemd-fsck.
[ 3.043259] systemd[1]: Created slice User and Session Slice.
[ 3.043502] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
[ 3.043863] systemd[1]: Set up automount Arbitrary Executable File Formats File System Automount Point.
[ 3.044247] systemd[1]: Reached target Slice Units.
[ 3.044439] systemd[1]: Reached target Swaps.
[ 3.044614] systemd[1]: Reached target Local Verity Protected Volumes.
[ 3.044889] systemd[1]: Listening on Device-mapper event daemon FIFOs.
[ 3.045169] systemd[1]: Listening on LVM2 poll daemon socket.
[ 3.045418] systemd[1]: Listening on multipathd control socket.
[ 3.045701] systemd[1]: Listening on Syslog Socket.
[ 3.045915] systemd[1]: Listening on fsck to fsckd communication Socket.
[ 3.046180] systemd[1]: Listening on initctl Compatibility Named Pipe.
[ 3.046492] systemd[1]: Listening on Journal Audit Socket.
[ 3.046730] systemd[1]: Listening on Journal Socket (/dev/log).
[ 3.046991] systemd[1]: Listening on Journal Socket.
[ 3.047298] systemd[1]: Listening on Network Service Netlink Socket.
[ 3.047591] systemd[1]: Listening on udev Control Socket.
[ 3.047835] systemd[1]: Listening on udev Kernel Socket.
[ 3.048327] systemd[1]: Mounting Huge Pages File System...
[ 3.048827] systemd[1]: Mounting POSIX Message Queue File System...
[ 3.049675] systemd[1]: Mounting Kernel Debug File System...
[ 3.050289] systemd[1]: Mounting Kernel Trace File System...
[ 3.051226] systemd[1]: Starting Journal Service...
[ 3.052127] systemd[1]: Starting Set the console keyboard layout...
[ 3.053495] systemd[1]: Starting Create List of Static Device Nodes...
[ 3.054604] systemd[1]: Starting Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling...
[ 3.055396] systemd[1]: Condition check resulted in LXD - agent being skipped.
[ 3.056228] systemd[1]: Starting Load Kernel Module chromeos_pstore...
[ 3.057020] systemd[1]: Starting Load Kernel Module configfs...
[ 3.058727] systemd[1]: Starting Load Kernel Module drm...
[ 3.059558] systemd[1]: Starting Load Kernel Module efi_pstore...
[ 3.060284] systemd[1]: Starting Load Kernel Module fuse...
[ 3.061030] systemd[1]: Starting Load Kernel Module mtdpstore...
[ 3.062206] systemd[1]: Starting Load Kernel Module pstore_blk...
[ 3.063283] systemd[1]: Starting Load Kernel Module pstore_zone...
[ 3.063933] systemd[1]: Starting Load Kernel Module ramoops...
[ 3.064199] systemd[1]: Condition check resulted in OpenVSwitch configuration for cleanup being skipped.
[ 3.066802] systemd[1]: Starting File System Check on Root Device...
[ 3.068290] pstore: Using crash dump compression: deflate
[ 3.068508] pstore: Registered efi as persistent store backend
[ 3.069231] systemd[1]: Starting Load Kernel Modules...
[ 3.069886] systemd[1]: Starting Coldplug All udev Devices...
[ 3.070991] systemd[1]: Started Journal Service.
[ 3.078568] IPMI message handler: version 39.2
[ 3.086450] ipmi device interface
[ 3.095464] EXT4-fs (vda1): re-mounted. Opts: discard,errors=remount-ro. Quota mode: none.
Ubuntu 22.04 LTS lima-default ttyAMA0
lima-default login:
There might be more details in the sshd log, why it is rejecting the key. You can also run ssh with some more -v options.
This is the error which I keep getting. Initially I thought it might be coz the ssh key has a passphrase but even after I removed it the issue persists.
{"level":"debug","msg":"Creating iso file /Users/shadow/.lima/default/cidata.iso","time":"2022-08-04T14:18:19+05:30"}
{"level":"debug","msg":"Using /var/folders/8c/0cmpb48d4klb3v93jbcsn00h0000gp/T/diskfs_iso840991425 as workspace","time":"2022-08-04T14:18:19+05:30"}
{"level":"debug","msg":"firmware candidates = [/Users/shadow/.local/share/qemu/edk2-aarch64-code.fd /opt/homebrew/share/qemu/edk2-aarch64-code.fd /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/qemu-efi-aarch64/QEMU_EFI.fd]","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"OpenSSH version 8.6.1 detected","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"AES accelerator seems available, prioritizing [email protected] and [email protected]","time":"2022-08-04T14:18:20+05:30"}
{"level":"info","msg":"Starting QEMU (hint: to watch the boot progress, see \"/Users/shadow/.lima/default/serial.log\")","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"Start udp server listening on: 127.0.0.1:53381","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"qCmd.Args: [/opt/homebrew/bin/qemu-system-aarch64 -m 4096 -cpu host -machine virt,accel=hvf -smp 4,sockets=1,cores=4,threads=1 -drive if=pflash,format=raw,readonly=on,file=/opt/homebrew/share/qemu/edk2-aarch64-code.fd -boot order=c,splash-time=0,menu=on -drive file=/Users/shadow/.lima/default/diffdisk,if=virtio -cdrom /Users/shadow/.lima/default/cidata.iso -netdev user,id=net0,net=192.168.5.0/24,dhcpstart=192.168.5.15,hostfwd=tcp:127.0.0.1:60022-:22 -device virtio-net-pci,netdev=net0,mac=xx:xx:xx:xx:xx:xx -device virtio-rng-pci -display none -vga none -device ramfb -device qemu-xhci,id=usb-bus -device usb-kbd,bus=usb-bus.0 -device usb-mouse,bus=usb-bus.0 -parallel none -chardev socket,id=char-serial,path=/Users/shadow/.lima/default/serial.sock,server=on,wait=off,logfile=/Users/shadow/.lima/default/serial.log -serial chardev:char-serial -chardev socket,id=char-qmp,path=/Users/shadow/.lima/default/qmp.sock,server=on,wait=off -qmp chardev:char-qmp -name lima-default -pidfile /Users/shadow/.lima/default/qemu.pid]","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"Start tcp server listening on: 127.0.0.1:51370","time":"2022-08-04T14:18:20+05:30"}
{"level":"info","msg":"Waiting for the essential requirement 1 of 5: \"ssh\"","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"executing script \"ssh\"","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/shadow/.lima/_config/user\" -o IdentityFile=\"/Users/shadow/.ssh/id_rsa\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=shadow -o ControlMaster=auto -o ControlPath=\"/Users/shadow/.lima/default/ssh.sock\" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]","time":"2022-08-04T14:18:20+05:30"}
{"level":"debug","msg":"stdout=\"\", stderr=\"kex_exchange_identification: read: Connection reset by peer\\r\\nConnection reset by 127.0.0.1 port 60022\\r\\n\", err=failed to execute script \"ssh\": stdout=\"\", stderr=\"kex_exchange_identification: read: Connection reset by peer\\r\\nConnection reset by 127.0.0.1 port 60022\\r\\n\": exit status 255","time":"2022-08-04T14:18:28+05:30"}
{"level":"debug","msg":"handleQuery received DNS query: ;; opcode: QUERY, status: NOERROR, id: 6196\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags: ; udp: 1472\n\n;; QUESTION SECTION:\n;api.snapcraft.io.\tIN\t AAAA\n","time":"2022-08-04T14:18:32+05:30"}
{"level":"debug","msg":"handleQuery received DNS query: ;; opcode: QUERY, status: NOERROR, id: 18018\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;api.snapcraft.io.\tIN\t AAAA\n","time":"2022-08-04T14:18:32+05:30"}
{"level":"info","msg":"Waiting for the essential requirement 1 of 5: \"ssh\"","time":"2022-08-04T14:18:38+05:30"}
{"level":"debug","msg":"executing script \"ssh\"","time":"2022-08-04T14:18:38+05:30"}
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/shadow/.lima/_config/user\" -o IdentityFile=\"/Users/shadow/.ssh/id_rsa\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=shadow -o ControlMaster=auto -o ControlPath=\"/Users/shadow/.lima/default/ssh.sock\" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]","time":"2022-08-04T14:18:38+05:30"}
{"level":"debug","msg":"stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\", err=failed to execute script \"ssh\": stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\": exit status 255","time":"2022-08-04T14:18:38+05:30"}
{"level":"info","msg":"Waiting for the essential requirement 1 of 5: \"ssh\"","time":"2022-08-04T14:18:48+05:30"}
{"level":"debug","msg":"executing script \"ssh\"","time":"2022-08-04T14:18:48+05:30"}
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/shadow/.lima/_config/user\" -o IdentityFile=\"/Users/shadow/.ssh/id_rsa\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=shadow -o ControlMaster=auto -o ControlPath=\"/Users/shadow/.lima/default/ssh.sock\" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]","time":"2022-08-04T14:18:48+05:30"}
{"level":"debug","msg":"stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\", err=failed to execute script \"ssh\": stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\": exit status 255","time":"2022-08-04T14:18:48+05:30"}
{"level":"info","msg":"Waiting for the essential requirement 1 of 5: \"ssh\"","time":"2022-08-04T14:18:58+05:30"}
{"level":"debug","msg":"executing script \"ssh\"","time":"2022-08-04T14:18:58+05:30"}
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/shadow/.lima/_config/user\" -o IdentityFile=\"/Users/shadow/.ssh/id_rsa\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=shadow -o ControlMaster=auto -o ControlPath=\"/Users/shadow/.lima/default/ssh.sock\" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]","time":"2022-08-04T14:18:58+05:30"}
{"level":"debug","msg":"stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\", err=failed to execute script \"ssh\": stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\": exit status 255","time":"2022-08-04T14:18:58+05:30"}
{"level":"debug","msg":"handleQuery received DNS query: ;; opcode: QUERY, status: NOERROR, id: 8964\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;ntp.ubuntu.com.\tIN\t A\n","time":"2022-08-04T14:19:00+05:30"}
{"level":"debug","msg":"handleQuery received DNS query: ;; opcode: QUERY, status: NOERROR, id: 12952\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;ntp.ubuntu.com.\tIN\t AAAA\n","time":"2022-08-04T14:19:00+05:30"}
{"level":"info","msg":"Waiting for the essential requirement 1 of 5: \"ssh\"","time":"2022-08-04T14:19:08+05:30"}
{"level":"debug","msg":"executing script \"ssh\"","time":"2022-08-04T14:19:08+05:30"}
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/shadow/.lima/_config/user\" -o IdentityFile=\"/Users/shadow/.ssh/id_rsa\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=shadow -o ControlMaster=auto -o ControlPath=\"/Users/shadow/.lima/default/ssh.sock\" -o ControlPersist=5m -p 60022 127.0.0.1 -- /bin/bash]","time":"2022-08-04T14:19:08+05:30"}
{"level":"debug","msg":"stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\", err=failed to execute script \"ssh\": stdout=\"\", stderr=\"[email protected]: Permission denied (publickey).\\r\\n\": exit status 255","time":"2022-08-04T14:19:09+05:30"}
Any update?? Also, fedora works fine; the issue is only with ubuntu and a few others. I haven't tested all.
Same issue here, problem with permissions for public key. Colima version: 0.6.7 Lima version: 0.19.1 macOS: Sonoma 14.2.1 Processor: M1, 2020
Cleaning ~/.colima and ~/.lima directories did not help.
There should be some logs in systemctl status ssh
The pubkey itself should be in ~/.ssh/authorized_keys
There should be some logs in
systemctl status ssh
I assume this should be done inside VM. How can I get in to run this?
The pubkey itself should be in ~/.ssh/authorized_keys
On host or in VM?
Both the logs and the ssh files are in the VM*, since ssh seems to be broken you probably have to use the console.
* The host/client uses ~/.lima/_config/user.pub or something similar (under $LIMA_HOME) for storing the public key
Hmm, authenticating might be an issue. I think the boot will dump you at a login prompt on the console.
So not sure you will be able to get at the logs by using the serial.sock, probably needs a single-user boot.
@afbjorklund here's the line from ha.stderr.log:
{"level":"debug","msg":"executing ssh for script \"ssh\": /usr/bin/ssh [ssh -F /dev/null -o IdentityFile=\"/Users/admin/.lima/_config/user\" -o IdentityFile=\"/Users/admin/.ssh/id_rsa\" -o IdentityFile=\"/Users/admin/.ssh/iron-proxy\" -o IdentityFile=\"/Users/admin/.ssh/its-admins\" -o IdentityFile=\"/Users/admin/.ssh/its-shared\" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NoHostAuthenticationForLocalhost=yes -o GSSAPIAuthentication=no -o PreferredAuthentications=publickey -o Compression=no -o BatchMode=yes -o IdentitiesOnly=yes -o Ciphers=\"^[email protected],[email protected]\" -o User=admin -o ControlMaster=auto -o ControlPath=\"/Users/admin/.lima/default/ssh.sock\" -o ControlPersist=yes -p 60022 127.0.0.1 -- /bin/bash]","time":"2024-01-06T15:28:04+03:00"}
As you can see, it lists identities both from lima config and from my local ~/.ssh folder.
All these have -rw------- permission as per security recommendations.
You can disable the adding of your regular keys. It is probably going to be the default soon.
ssh:
# Load ~/.ssh/*.pub in addition to $LIMA_HOME/_config/user.pub .
# This option is useful when you want to use other SSH-based
# applications such as rsync with the Lima instance.
# If you have an insecure key under ~/.ssh, do not use this option.
# 🟢 Builtin default: true
loadDotSSHPubKeys: null
The comment (about usefulness) is mostly obsolete, now that there is -F .../ssh.config
The curious part is what happens on the server, if there is anything in serial.log or sshd log...
Booting single user is "hard", probably should be documented under the internal/developers
Currently you have to set up some special files, and then qemu will pick those up during boot.
kernel:
kernel: the kernelkernel.cmdline: the kernel cmdline (<--- this is wheresinglegoes)initrd: the initrd
Not something that you would normally have to resort to, but only for debugging/resolving this.
anders@lima-default:/home/anders$ sudo cp /boot/vmlinuz /tmp/lima/kernel
anders@lima-default:/home/anders$ sudo cp /boot/initrd.img /tmp/lima/initrd
anders@lima-default:/home/anders$ cat /proc/cmdline > /tmp/lima/kernel.cmdline
socat - unix-connect:$HOME/.lima/default/serial.sock
You are in rescue mode. After logging in, type "journalctl -xb" to view
system logs, "systemctl reboot" to reboot, "systemctl default" or "exit"
to boot into default mode.
Press Enter for maintenance
(or press Control-D to continue):
root@lima-default:~#
I'll be glad to debug and help. But regarding to (co)lima I'm just a user who wants his images to run. If there's somewhat meaningful description exists then I'll try to follow it.
Please note that I'm using macOS on M1.
That is OK, and not expected.
Do you get the regular output from cloud-init (in serial.log), where it prints out the authorized keys and the host keys?
ci-info: +++++++++++++++++++++++++++++++Authorized keys from /home/anders.linux/.ssh/authorized_keys for user anders++++++++++++++++++++++++++++++++
ci-info: +-------------+-------------------------------------------------------------------------------------------------+---------+---------------+
ci-info: | Keytype | Fingerprint (sha256) | Options | Comment |
ci-info: +-------------+-------------------------------------------------------------------------------------------------+---------+---------------+
ci-info: | ssh-ed25519 | 62:49:b4:0b:2d:da:9f:7d:e3:1d:3c:15:99:59:d0:e2:b5:52:73:fd:4c:6b:ab:81:3b:67:50:87:9c:4c:03:c3 | - | anders@ubuntu |
ci-info: +-------------+-------------------------------------------------------------------------------------------------+---------+---------------+
<14>Jan 6 14:01:05 cloud-init: #############################################################
<14>Jan 6 14:01:05 cloud-init: -----BEGIN SSH HOST KEY FINGERPRINTS-----
<14>Jan 6 14:01:05 cloud-init: 1024 SHA256:R/VZpJMEFwQZHg2dNEOJkOBlv6uOE2x9tb+vKDkirls root@lima-default (DSA)
<14>Jan 6 14:01:05 cloud-init: 256 SHA256:juQhkjN2pthhgRyuMsElojI4sq86nQS11kITO8moJ60 root@lima-default (ECDSA)
<14>Jan 6 14:01:05 cloud-init: 256 SHA256:o/FiOTjLAZRFaaEZoxPpSOtiZczvf3gz28H4uHLlOQ8 root@lima-default (ED25519)
<14>Jan 6 14:01:05 cloud-init: 3072 SHA256:luqbyEmRnph59hSu7yR66pfS47DRY58vmh7NbFHT5Mo root@lima-default (RSA)
<14>Jan 6 14:01:05 cloud-init: -----END SSH HOST KEY FINGERPRINTS-----
<14>Jan 6 14:01:05 cloud-init: #############################################################
(they all start with ci-info)
There should also be the regular systemd output for the service itself.
Starting ssh.service - OpenBSD Secure Shell server...
[ OK ] Started ssh.service - OpenBSD Secure Shell server.
But we can't really see the login happening from the "outside".
It requires something like journalctl -u ssh, to see the sshd logs.
Here's something suspicious I see in serialp.log:
lima-default login: [ 26.388197] cloud-init[2359]: + '[' '!' -f /usr/local/bin/nerdctl ']'
[ 26.389247] cloud-init[2359]: + '[' -f /usr/local/bin/nerdctl ']'
[ 26.389426] cloud-init[2359]: + tar Cxzf /usr/local /mnt/lima-cidata/nerdctl-full.tgz
[ 29.428937] cloud-init[2359]: + mkdir -p /etc/bash_completion.d
[ 29.452918] cloud-init[2359]: + nerdctl completion bash
[ 29.473242] cloud-init[2359]: + rm -rf /tmp/tmp.yhotkxLurZ
[ 29.475320] cloud-init[2359]: + : default
[ 29.475371] cloud-init[2359]: + : overlayfs
[ 29.475414] cloud-init[2359]: + '[' '' = 1 ']'
[ 29.475598] cloud-init[2359]: + '[' 1 = 1 ']'
[ 29.475955] cloud-init[2359]: + '[' '!' -e /home/admin.linux/.config/containerd/config.toml ']'
[ 29.476442] cloud-init[2359]: + mkdir -p /home/admin.linux/.config/containerd
[ 29.478436] cloud-init[2359]: + cat
[ 29.480865] cloud-init[2359]: + chown -R admin /home/admin.linux/.config
[ 29.482122] cloud-init[2359]: chown: invalid user: ‘admin’
[ 29.483055] cloud-init[2359]: LIMA| WARNING: Failed to execute /mnt/lima-cidata/boot/40-install-containerd.sh
[ 29.484671] cloud-init[2359]: LIMA| Exiting with code 1
[ 29.485475] cloud-init[2359]: 2024-01-06 12:27:55,630 - cc_scripts_per_boot.py[WARNING]: Failed to run module scripts_per_boot (per-boot in /var/lib/cloud/scripts/per-boot)
[ 29.487775] cloud-init[2359]: 2024-01-06 12:27:55,631 - util.py[WARNING]: Running module scripts_per_boot (<module 'cloudinit.config.cc_scripts_per_boot' from '/usr/lib/python3/dist-packages/cloudinit/config/cc_scripts_per_boot.py'>) failed
[ 29.491134] cloud-init[2359]: 2024-01-06 12:27:55,636 - util.py[WARNING]: Running module ssh_authkey_fingerprints (<module 'cloudinit.config.cc_ssh_authkey_fingerprints' from '/usr/lib/python3/dist-packages/cloudinit/config/cc_ssh_authkey_fingerprints.py'>) failed
admin is a my user on host machine.
Oh, you can't use the name "admin".
We should probably look for some names...
Like "bobby tables": https://xkcd.com/327/
Or for the error from cloud-init, where it tries to add an existing groupname (this one is reserved by the Ubuntu OS)
By default each new user will create a group with the same name, so it can't use any of the existing groups (or users)
The same reason for the original: "shadow"
shadow:x:42:
admin:x:114:
But there should have been a warning:
[WARNING]: Failed to create user admin
Bummer. Looks like it explains everything. Yes, there is such warning in logs.
@afbjorklund case is closed for me, thanks a lot.
I've created another user, su'd to it and lima starts successfully.
For the history, here's my solution to a problem:
Create new user on behalf of whom '[co]lima` will work:
# Create new user and put its home dir under /var
sudo sysadminctl -addUser lima -fullName "Lima Colima" -password procedure -admin
# Hide user's home
dscl . create /Users/lima IsHidden 1
# Create alternative user's home under /var
sudo dscl . -create /Users/lima NFSHomeDirectory /var/lima
mv /Users/lima /var/lima
From this point it's possible to run [co]lima after su-ing to lima user.
Alternatively, create new docker context and point it to /var/lima/.colima/docker.sock (adjusting this file permissions, of course).
In the future it should be possible to choose a different name.
- https://github.com/lima-vm/lima/issues/1015