-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handshake failed #28
Comments
Hi, the private_key = file("/home/${var.user}/.ssh/key") Also make sure the key does not have a passphrase as the provider will not be able to read it in that case |
Thanks for the reply just tried it didn't work: sh_resource.init: Creating... Also the key is passphrase-less |
Can you set a provider "ssh" {
debug_log = "/tmp/ssh.log"
} Also when trying the |
I made sure agent was true and key loaded. Then I tested manually that I can ssh into the server using key from ssh-agent. Then I tried to provide the key directly, also didn't work This is what I get in log: "Copied /home/alpha1138/Projects/sabik/config/haproxy.cfg to remote file 10.2.1.120:/var/data/haproxy/haproxy.cfg: 906 bytes `resource "ssh_resource" "init" { private_key = file("/home/alpha1138/.ssh/key") file { timeout = "15m" provider "ssh" { |
@loafoe Hi, thank you for your assistance. After a ton of investigating I arrived at the conclusion the problem has to do with ssh-rsa and this deprecation. I still don't understand why I could log in with my ssh-rsa key to Fedora CoreOS 35 via ssh application. And at the same time I could provision container resources via kreuzwerker/docker. But clearly there is some kind of blunder somwhere related to Go language. This is what I found. Exactly the issue I have. Let me add another link maybe search engines will pick it up coreos/fedora-coreos-docs#220 God the HOURS I spent on this, I can't believe it. Ok so a maintainer of fedora coreos docs says . So this is related to this issue. Terraform uses Go lang or smth? So then this on go. Someone tried to implement a fix but it's not merged here |
Ok, looks like changing the cipher to ecdsa-key didn't solve anything. Before when using ssh-rsa I couldn't use the default terraform provisioners. Now they work. But your provider doesn't work. So clearly there is something wrong. This is what I get in /tmp/ssh.log: Copied /home/alpha1138/Projects/sabik/config/haproxy.cfg to remote file 10.2.1.120:/var/data/haproxy/haproxy.cfg: 906 bytes Again, this is the code `resource "ssh_resource" "init" { agent = true file { timeout = "15m" |
@adriangabura hi, yes first the files are copied and then the commands are executed. You could split this in 2 resources and create a |
Hi I have the following config:
`resource "ssh_resource" "init" {
host = "${var.host}"
user = "${var.user}"
host_user = "${var.user}"
private_key = "/home/${var.user}/.ssh/key"
agent = false
file {
source = "${var.haproxy_cfg_path}"
destination = "/home/${var.user}/haproxy/haproxy.cfg"
permissions = "0644"
owner = "${var.user}"
group = "${var.user}"
}
timeout = "15m"
commands = [
"mkdir -p /var/home/${var.user}/haproxy}"
]
}`
I get ssh_resource.init: Creating...
docker_container.haproxy: Destroying... [id=0e0d0589e1c133f8fd7ef7037362941b35e19b97e4b1249d684d145a50412e56]
docker_container.haproxy: Destruction complete after 0s
docker_container.haproxy: Creating...
docker_container.haproxy: Creation complete after 1s [id=a8c0035f20e6bd37343495f42f0d6cc968afdb29b3743b0f8e8823e0ec777911]
╷
│ Error: copying files to remote: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
│
│ with ssh_resource.init,
│ on sabik.tf line 15, in resource "ssh_resource" "init":
│ 15: resource "ssh_resource" "init" {
│
.ssh is 700
key is 600
I tried both loading via ssh-agent and directly via private key arg Nothing works.
This is Fedora 35 workstation
The text was updated successfully, but these errors were encountered: