VMware Cloud Community
mjtsys
Contributor

P2V Linux secured with privatekey and passphrase

Hello,

I am attempting to P2V a Linux server using the VMware Standalone Converter v6.

The Linux server is a DMZ server secured with PrivateKey and passphrase. The SSH is listening on port 33001 instead of 22.

A few things to mention about the environment:

  • The physical Linux server is in the DMZ subnet 172.16.0.x, with port 33001 opened to it for SSH.
  • Converter is run from a Windows server in a 10.1.106.x subnet using private key and passphrase.
  • vCenter is on 10.1.109.x subnet.
  • VM is being created on the 10.1.105.x subnet

When I start the P2V, it proceeds with the initial VM creation in VMware and loads the temp OS. The job fails at 3% with the below error in the log file:

It seems to me that after the helperVM OS is loaded it is trying to access the source server and fails as the HelperVM doesn't have the private key or passphrase.

converter-gui-7.log

2017-03-23T18:23:23.163Z verbose converter-gui[06944] [Originator@6876 sub=ConverterDataProviderImpl] Converter::Client::Gui::Wizard::ConverterDataProviderImpl::PropertyCollectorThread[135] - (vmodl.query.PropertyCollector.UpdateSet) {

-->    version = "135",

-->    filterSet = (vmodl.query.PropertyCollector.FilterUpdate) [

-->       (vmodl.query.PropertyCollector.FilterUpdate) {

-->          filter = 'vmodl.query.PropertyCollector.Filter:session[52b34711-17f0-f8c5-32fd-78f92b9fddfa]525198f0-828b-a0b3-718c-010b9b21a975',

-->          objectSet = (vmodl.query.PropertyCollector.ObjectUpdate) [

-->             (vmodl.query.PropertyCollector.ObjectUpdate) {

-->                kind = "modify",

-->                obj = 'converter.task.Task:task-8',

-->                changeSet = (vmodl.query.PropertyCollector.Change) [

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "event[89]",

-->                      op = "add",

-->                      val = (converter.event.UnixP2VVolumeCloneFailedEvent) {

-->                         key = 89,

-->                         chainId = 79,

-->                         type = "error",

-->                         createdTime = "2017-03-23T18:23:23.116526Z",

-->                         userName = "Administrator",

-->                         fullMessage = "Unable to clone the volume mounted on '/boot' from 'server12.london.comp.local'.",

-->                         job = <unset>,

-->                         hostName = "server12.london.comp.local",

-->                         sourceMountPoint = "/boot",

-->                         reason = (converter.fault.CloneFault) {

-->                            faultCause = (vmodl.MethodFault) null,

-->                            description = "Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)",

-->                            msg = "An error occurred during the conversion: 'Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)'"

-->                         }

-->                      }

-->                   }

-->                ],

-->             }

-->          ],

-->       }

-->    ],

-->    truncated = <unset>

--> }

2017-03-23T18:23:36.350Z verbose converter-gui[06944] [Originator@6876 sub=ConverterDataProviderImpl] Converter::Client::Gui::Wizard::ConverterDataProviderImpl::PropertyCollectorThread[136] - (vmodl.query.PropertyCollector.UpdateSet) {

-->    version = "136",

-->    filterSet = (vmodl.query.PropertyCollector.FilterUpdate) [

-->       (vmodl.query.PropertyCollector.FilterUpdate) {

-->          filter = 'vmodl.query.PropertyCollector.Filter:session[52b34711-17f0-f8c5-32fd-78f92b9fddfa]525198f0-828b-a0b3-718c-010b9b21a975',

-->          objectSet = (vmodl.query.PropertyCollector.ObjectUpdate) [

-->             (vmodl.query.PropertyCollector.ObjectUpdate) {

-->                kind = "modify",

-->                obj = 'converter.task.Task:task-8',

-->                changeSet = (vmodl.query.PropertyCollector.Change) [

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "info.estimatedTimeRemaining",

-->                      op = "assign",

-->                      val = 0

-->                   }

-->                ],

-->             }

-->          ],

-->       }

-->    ],

-->    truncated = <unset>

--> }

2017-03-23T18:23:37.772Z verbose converter-gui[06944] [Originator@6876 sub=ConverterDataProviderImpl] Converter::Client::Gui::Wizard::ConverterDataProviderImpl::PropertyCollectorThread[137] - (vmodl.query.PropertyCollector.UpdateSet) {

-->    version = "137",

-->    filterSet = (vmodl.query.PropertyCollector.FilterUpdate) [

-->       (vmodl.query.PropertyCollector.FilterUpdate) {

-->          filter = 'vmodl.query.PropertyCollector.Filter:session[52b34711-17f0-f8c5-32fd-78f92b9fddfa]525198f0-828b-a0b3-718c-010b9b21a975',

-->          objectSet = (vmodl.query.PropertyCollector.ObjectUpdate) [

-->             (vmodl.query.PropertyCollector.ObjectUpdate) {

-->                kind = "modify",

-->                obj = 'converter.task.Task:task-8',

-->                changeSet = (vmodl.query.PropertyCollector.Change) [

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "info.completeTime",

-->                      op = "assign",

-->                      val = "2017-03-23T18:23:37.77278Z"

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "info.error",

-->                      op = "assign",

-->                      val = (converter.fault.CloneFault) {

-->                         faultCause = (vmodl.MethodFault) null,

-->                         description = "Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)",

-->                         msg = "An error occurred during the conversion: 'Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)'"

-->                      }

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "info.state",

-->                      op = "assign",

-->                      val = "error"

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "info.transferRate",

-->                      op = "assign",

-->                      val = <unset>

-->                   }

-->                ],

-->             }

-->          ],

-->       }

-->    ],

-->    truncated = <unset>

--> }

2017-03-23T18:23:37.897Z verbose converter-gui[06944] [Originator@6876 sub=ConverterDataProviderImpl] Converter::Client::Gui::Wizard::ConverterDataProviderImpl::PropertyCollectorThread[138] - (vmodl.query.PropertyCollector.UpdateSet) {

-->    version = "138",

-->    filterSet = (vmodl.query.PropertyCollector.FilterUpdate) [

-->       (vmodl.query.PropertyCollector.FilterUpdate) {

-->          filter = 'vmodl.query.PropertyCollector.Filter:session[52b34711-17f0-f8c5-32fd-78f92b9fddfa]529419b5-c025-98e3-aa90-4c02e62315d9',

-->          objectSet = (vmodl.query.PropertyCollector.ObjectUpdate) [

-->             (vmodl.query.PropertyCollector.ObjectUpdate) {

-->                kind = "modify",

-->                obj = 'converter.server.conversion.ConversionJobHistoryCollector:session[52b34711-17f0-f8c5-32fd-78f92b9fddfa]52900437-ca19-0369-94db-655228a72359',

-->                changeSet = (vmodl.query.PropertyCollector.Change) [

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "latestPage["job-8"].activeTask",

-->                      op = "assign",

-->                      val = <unset>

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "latestPage["job-8"].lastRunCompleteTime",

-->                      op = "assign",

-->                      val = "2017-03-23T18:23:37.804029Z"

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "latestPage["job-8"].mostRecentError",

-->                      op = "assign",

-->                      val = (converter.fault.CloneFault) {

-->                         faultCause = (vmodl.MethodFault) null,

-->                         description = "Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)",

-->                         msg = "An error occurred during the conversion: 'Warning: Permanently added the ECDSA host key for IP address '[172.16.0.66]:33001' to the list of known hosts.

--> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

--> /bin/tar_1.28: This does not look like a tar archive

--> /bin/tar_1.28: Exiting with failure status due to previous errors

-->

--> /usr/lib/vmware-converter/bin/ssh -z -F /usr/lib/vmware-converter/ssh.conf john@server12.london.comp.local -i /usr/lib/vmware-converter/helper.pem -p 33001 "sudo tar --one-file-system --sparse -C '/boot' -cf - ." | /bin/tar_1.28 --numeric-owner --delay-directory-restore  -C '/mnt/p2v-src-root/boot' -y -xf -

-->  (return code 2)'"

-->                      }

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "latestPage["job-8"].numConsecutiveErrors",

-->                      op = "assign",

-->                      val = 1

-->                   },

-->                   (vmodl.query.PropertyCollector.Change) {

-->                      name = "latestPage["job-8"].state",

-->                      op = "assign",

-->                      val = "deactivated"

-->                   }

-->                ],

-->             }

-->          ],

-->       }

-->    ],

-->    truncated = <unset>

--> }

When checking the logs on the Linux server I get these logs:


[root@server12 john]# tail /var/log/secure

Mar 23 18:20:26 server12 sshd[4895]: pam_unix(sshd:session): session opened for user john by (uid=0)

Mar 23 18:20:26 server12 sshd[4895]: pam_unix(sshd:session): session closed for user john

Mar 23 18:20:27 server12 sshd[4909]: Accepted publickey for john from 10.1.106.182 port 61617 ssh2: RSA d3:b9:c6:e5:3b:ee:06:28:e6:49:70:f2:3b:e4:ae:3b

Mar 23 18:20:27 server12 sshd[4909]: pam_unix(sshd:session): session opened for user john by (uid=0)

Mar 23 18:20:27 server12 sshd[4909]: pam_unix(sshd:session): session closed for user john

Mar 23 18:22:31 server12 sshd[5374]: fatal: no hostkey alg [preauth]

Mar 23 18:22:31 server12 sshd[5375]: Connection closed by 10.1.105.240 [preauth]

Mar 23 18:22:31 server12 sshd[5376]: Connection closed by 10.1.105.240 [preauth]

Mar 23 18:22:31 server12 sshd[5380]: Connection closed by 10.1.105.240 [preauth]

Mar 23 18:22:31 server12 sshd[5382]: Did not receive identification string from 10.1.105.240

I did come across "linux p2v conversion with wmware converter 6.1.1", where the user disabled the private key and switched to user name and password authentication. However, I wanted to know if it's possible to P2V with PrivateKey and passphrase.

Any help will be much appreciated.

Kind regards,

mjt.

0 Kudos
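
An added example, not part of the original post: a per-source-address tally of sshd outcomes, run over the `/var/log/secure` lines quoted above. It separates the accepted public-key login from 10.1.106.182 (the Converter server's subnet) from the pre-authentication failures arriving from the 10.1.105.x subnet where the VM is being created. The function names are chosen for this example.

```shell
#!/bin/sh
# Added example: count accepted logins and pre-auth failures per source IP.

summarize_sshd() {
    awk '
    function word_after(key,   i) {          # field that follows the word "key"
        for (i = 1; i < NF; i++) if ($i == key) return $(i + 1)
        return ""
    }
    / sshd\[[0-9]+\]: Accepted / {
        ip = word_after("from"); ok[ip]++; seen[ip] = 1
    }
    / sshd\[[0-9]+\]: Connection closed by .*\[preauth\]/ {
        ip = word_after("by"); bad[ip]++; seen[ip] = 1
    }
    / sshd\[[0-9]+\]: Did not receive identification / {
        ip = word_after("from"); bad[ip]++; seen[ip] = 1
    }
    END {
        for (ip in seen)
            printf "%s accepted=%d failed_preauth=%d\n", ip, ok[ip], bad[ip]
    }' | sort
}

# Sample input: the sshd lines from the post, with the PAM session lines left out.
sample_log() {
cat <<'EOF'
Mar 23 18:20:27 server12 sshd[4909]: Accepted publickey for john from 10.1.106.182 port 61617 ssh2: RSA d3:b9:c6:e5:3b:ee:06:28:e6:49:70:f2:3b:e4:ae:3b
Mar 23 18:22:31 server12 sshd[5374]: fatal: no hostkey alg [preauth]
Mar 23 18:22:31 server12 sshd[5375]: Connection closed by 10.1.105.240 [preauth]
Mar 23 18:22:31 server12 sshd[5376]: Connection closed by 10.1.105.240 [preauth]
Mar 23 18:22:31 server12 sshd[5380]: Connection closed by 10.1.105.240 [preauth]
Mar 23 18:22:31 server12 sshd[5382]: Did not receive identification string from 10.1.105.240
EOF
}

sample_log | summarize_sshd
```

The `fatal: no hostkey alg` line carries no source address, so it is not attributed to either host.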

Accepted Solutions
mjtsys
Contributor

Found that the issue was down to me not using the correct format of the certificate.

I created a new .PEM file from the server that needs to be P2Ved.

login as: john

Authenticating with public key "imported-openssh-key"

Passphrase for key "imported-openssh-key":

Last login: Thu Mar 23 16:48:30 2017 from 172.16.1.10

[john@server12 ~]$ sudo -i

[root@server12 ~]# cd /home/john/.ssh/

[root@server12 .ssh]# ls -l

total 12

-r-------- 1 john john  423 Jan 20 12:22 authorized_keys

-rw------- 1 john john 1766 Jan 20 12:20 id_rsa

-rw-r--r-- 1 john john  423 Jan 20 12:20 id_rsa.pub

[root@server12 .ssh]#  openssl rsa -in id_rsa -outform pem > id_rsa.pem

Enter pass phrase for id_rsa:

writing RSA key

[root@server12 .ssh]# ls -l

total 16

-r-------- 1 john john  423 Jan 20 12:22 authorized_keys

-rw------- 1 john john 1766 Jan 20 12:20 id_rsa

-rw-r--r-- 1 root root  675 Mar 27 12:53 id_rsa.pem

-rw-r--r-- 1 john john  423 Jan 20 12:20 id_rsa.pub

[root@server12 .ssh]#

I then used the id_rsa.pem and the P2V was successful.

0 Kudos
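
`openssl rsa -in id_rsa -outform pem` with no cipher option writes the RSA key as traditional PEM without a passphrase, and the listing in the answer shows the result as `-rw-r--r-- root root`. An added example, not part of the original post: a check that reports a key file's container format, whether it is passphrase-protected, and whether anyone other than the owner can access it. The function names and sample files are constructed for illustration; the samples hold header lines only, no key material.

```shell
#!/bin/sh
# Added example: classify a private-key file from its header lines and
# check that group and others have no access to it.

key_format() {                      # prints "<container> <protection>"
    first=$(head -n 1 "$1" | tr -d '\r')
    case "$first" in
    "-----BEGIN RSA PRIVATE KEY-----")
        # Traditional PEM: an encrypted key carries a Proc-Type header.
        if grep -q '^Proc-Type: 4,ENCRYPTED' "$1"
        then echo "pem-rsa encrypted"; else echo "pem-rsa plaintext"; fi ;;
    "-----BEGIN ENCRYPTED PRIVATE KEY-----") echo "pkcs8 encrypted" ;;
    "-----BEGIN PRIVATE KEY-----")           echo "pkcs8 plaintext" ;;
    "-----BEGIN OPENSSH PRIVATE KEY-----")
        # The blob starts "openssh-key-v1\0" + cipher name; cipher "none"
        # (unencrypted) always encodes to this base64 prefix.
        if sed -n 2p "$1" | grep -q '^b3BlbnNzaC1rZXktdjEAAAAABG5vbmU'
        then echo "openssh plaintext"; else echo "openssh encrypted"; fi ;;
    PuTTY-User-Key-File-*)
        if grep -q '^Encryption: none' "$1"
        then echo "putty-ppk plaintext"; else echo "putty-ppk encrypted"; fi ;;
    *) echo "unknown unknown" ;;
    esac
}

key_mode_private() {                # true if group/other permission bits are all off
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample files: headers only, bodies are placeholders.
make_samples() {
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-128-CBC,PLACEHOLDER' '' 'PLACEHOLDER' > "$1/id_rsa"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'PLACEHOLDER' > "$1/id_rsa.pem"
    printf '%s\n' 'PuTTY-User-Key-File-2: ssh-rsa' 'Encryption: aes256-cbc' > "$1/key.ppk"
    chmod 600 "$1/id_rsa" "$1/key.ppk"
    chmod 644 "$1/id_rsa.pem"       # same mode as id_rsa.pem in the listing
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in id_rsa id_rsa.pem key.ppk; do
    if key_mode_private "$demo_dir/$f"; then m="owner-only"; else m="readable-by-others"; fi
    echo "$f: $(key_format "$demo_dir/$f"), $m"
done
rm -rf "$demo_dir"
```

A plaintext key that others can read, like `id_rsa.pem` in the listing, is better written under `umask 077` and deleted once the conversion has finished.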