I tried re-adding my key on the remote and ensuring that it has the correct ownership and permissions. It does. I also tried deleting the the .vagrant directory to make sure all vagrant files are re-created in case there was some cruft there but that didn't help either. Bottom line is that I just can't find a way to make SSH for an account other than the vagrant account to work. I've scoured the Internet and can't find a solution. I'm just giving up on trying to do this. I'm going to see if I can at least figure out how to run my Ansible playbooks using the vagrant account and then I can just "sudo su jones" whenever I log into a server to get to my own account. It's ridiculous that something that's so essential should be so hard to configure. I wish the people who manage Vagrantup would weigh in and provide some guidance on how to do this correctly. Thanks again for your help.
On Thursday, May 16, 2019 at 10:38:48 AM UTC-7, Brian Cain wrote: > > > > On Thu, May 16, 2019 at 10:28 AM Robert <[email protected] > <javascript:>> wrote: > >> If I add these lines to my Vagrantfile: >> >> Vagrant.configure(...) do |config| >> ... >> config.ssh.username = "jone" >> config.ssh.private_key_path = "~/.ssh/id_rsa" >> >> >> >> When I bring up the VM I get this message: >> >> fs: SSH username: jones >> fs: SSH auth method: private key >> FS: Warning: Authentication failure. Retrying... >> FS: Warning: Authentication failure. Retrying... >> >> This warning goes on continuously. >> >> I'm not sure what you mean by passing my keyfile in directly. If you >> mean issuing this command... >> >> ssh -i ~/.ssh/id_rsa [email protected] >> >> I get the same Permission denied error as before. >> > > So, if you can't ssh like this with the keyfile, then Vagrant won't be > able to either. Maybe it would be worth erasing the line and trying to > re-add your public key? Also make sure the file is readable with the right > permissions? You said you were provisioning this file with ansible, is > there a chance that you used the root user for writing or creating the > authorized_keys file and it isn't readable by your jones account? It would > be good to see the permissions just in case, it's possible by default the > ansbile provisioner runs as root. > > >> >> The authorized_keys file on the guest host is identical to my public key >> ~/.ssh/id_rsa.pub on my local machine. It starts out like "ssh-rsa >> ABzC2E.... == [email protected] <javascript:>". Is there a way I can >> write the output of the command to a file? I tried using tee and that >> didn't work. If I could show the SSH debug commands, this might be easier >> to troubleshoot. >> > > https://www.vagrantup.com/docs/other/debugging.html > > You should be able to redirect the output into a text file: > > vagrant up --debug &> vagrant.log > > Is the default insecure key still in the authorized_keys file? Can you ssh > using the Vagrant user at all? > > >> >> Thanks very much for your help. >> >> On Thursday, May 16, 2019 at 9:41:35 AM UTC-7, Brian Cain wrote: >>> >>> Hey there - >>> >>> On Thu, May 16, 2019 at 8:54 AM Robert <[email protected]> wrote: >>> >>>> I'm sure everyone here gets tired of people like me posting questions >>>> about this error but for some of us, vagrant is terribly difficult to use >>>> because of SSH. I've just built a simple Vagrant VM that I need to >>>> connect >>>> to the outside world so that I can install Python packages from >>>> pypi.org onto it. When I create it, I have an Ansible provisioner >>>> that creates my user account 'jones' and then uploads my public key >>>> ~/.ssh/id_rsa.pub into ~/.ssh/authorized_keys on the VM. The permissions >>>> for my remote .ssh directory and the authorized keys file are all correct >>>> (they are set to the same permissions I've used on numerous other real >>>> Unix >>>> servers I manage). The problem is that no matter why I've tried, when I >>>> try to log in, I get an error: >>>> >>>> ssh [email protected] -vvvv | tee error.txt >>>> Permission denied (publickey). >>>> >>>> >>>> Here is the Vagrantfile: >>>> >>>> VAGRANTFILE_API_VERSION = "2" >>>> Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| >>>> config.vm.box = "debian/stretch64" >>>> config.vm.synced_folder "./shared", "/vagrant", type: "virtualbox" >>>> config.vm.provider :virtualbox do |v| >>>> v.memory = 256 >>>> v.linked_clone = true >>>> end >>>> ENV['ANSIBLE_ROLES_PATH'] = "/Users/jones/playbooks/roles" >>>> >>>> >>>> config.vm.define "fs" do |fs| >>>> fs.vm.hostname = "fs00.example.com" >>>> fs.vm.network "public_network", bridge: "en4: Apple USB Ethernet >>>> Adapter" >>>> >>>> >>>> config.vm.provision "ansible" do |ansible| >>>> ansible.playbook = "provision.yml" >>>> ansible.compatibility_mode = "2.0" >>>> ansible.vault_password_file = "vault_pass" >>>> ansible.become = true >>>> end >>>> end >>>> end >>>> >>>> >>>> Here is my local ~/.ssh/config file: >>>> >>>> Host * >>>> ServerAliveInterval 60 >>>> StrictHostKeyChecking no >>>> >>>> >>>> >>>> This is the output from ssh-config: >>>> >>>> Host fs >>>> HostName 127.0.0.1 >>>> User vagrant >>>> Port 2204 >>>> UserKnownHostsFile /dev/null >>>> StrictHostKeyChecking no >>>> PasswordAuthentication no >>>> IdentityFile /Users/jones/playbooks/swingerpixels-vm/.vagrant/ >>>> machines/fs/virtualbox/private_key >>>> IdentitiesOnly yes >>>> LogLevel FATAL >>>> >>>> >>>> I tried to run the ssh command with the "-vvvv" option and then tee the >>>> output to a file to display here but nothing gets written to the file. >>>> >>>> Can anyone see what I'm doing wrong? >>>> >>> >>> First, if you're wanting to use your own custom user account and key you >>> need to set those options in your Vagrantfile: >>> >>> >>> https://www.vagrantup.com/docs/vagrantfile/ssh_settings.html#config-ssh-private_key_path >>> >>> >>> https://www.vagrantup.com/docs/vagrantfile/ssh_settings.html#config-ssh-username >>> >>> Second, if you are trying to ssh into the box outside of Vagrant, does >>> it work if you pass in your keyfile directly rather than trying to use an >>> ssh config? What does your authorized_keys file look like on the guest? >>> >>> >>>> >>>> -- >>>> This mailing list is governed under the HashiCorp Community Guidelines >>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in >>>> violation of those guidelines may result in your removal from this mailing >>>> list. >>>> >>>> GitHub Issues: https://github.com/mitchellh/vagrant/issues >>>> IRC: #vagrant on Freenode >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "Vagrant" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/vagrant-up/39ca59d3-1aa8-4d90-85df-17b306712eed%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/vagrant-up/39ca59d3-1aa8-4d90-85df-17b306712eed%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> -- >>> Brian Cain >>> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/vagrant/issues >> IRC: #vagrant on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Vagrant" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/vagrant-up/b72dcb20-2121-4498-b9d8-f89de067400a%40googlegroups.com >> >> <https://groups.google.com/d/msgid/vagrant-up/b72dcb20-2121-4498-b9d8-f89de067400a%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > Brian Cain > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/vagrant/issues IRC: #vagrant on Freenode --- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/0f3ddd87-e377-40d8-bfc3-40717d4399e7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
