On Sat, Jun 6, 2020 at 8:42 PM Michael Thomas <wart(a)caltech.edu> wrote:
After a week of iterations, I finally found the problem. I was setting
'PermitRootLogin no' in the global section of the bare metal OS sshd_config, as we
do on all of our servers. Instead, PermitRootLogin is set to 'without-password'
in a match block to allow root logins only from a well-known set of hosts.
Thanks for the report!
Can someone explain why setting 'PermitRootLogin no' in the sshd_config on the
hypervisor OS would affect the hosted engine deployment?
Because the engine (running inside a VM) uses ssh as root to connect
to the host (in which the engine vm is running).