ssh authorized key changes after vagrant post-processor?
320 views
Skip to first unread message
Kevin Clarke
Nov 14, 2016, 7:02:48 PM11/14/16
to Packer
Hi,
"post-processors": [
{
"output": "builds/{{.Provider}}-centos6.box",
"type": "vagrant",
"keep_input_artifact": true
}
]
I'm wanting to use the insecure SSH key but when I try to `vagrant up` on the finished product the key authentication fails. Looking at the ~/.ssh/authorized_keys files I see they are different between the vmdk that's bundled up in the final .box versus the vmdk working file. The working files vmdk's authorized_keys file has the public key that I've downloaded and configured as a part of my provisioning, but after the Vagrant post-processor runs, the key in authorized_keys has been changed. I've tried setting the config.ssh.private_key_path in my Vagrantfile to my personal private key and the private key at ~/.vagrant.d/insecure_private_key but neither seems to correspond to key in the vagrant output (or at least I get an authentication failure when I try to vagrant up).
I want to use the insecure SSH in the vagrant box but I don't see an option in the vagrant post-processor to not do whatever it's doing to rewrite the value in the authorized_keys file. Any tips?
Thanks,
Kevin
Rickard von Essen
Nov 15, 2016, 12:27:32 AM11/15/16
to packe...@googlegroups.com
Could you attach your template and scripts or link to a repo with them in?
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/267c96fe-4ed3-4a70-8549-a7bdd71e7a78%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Kevin S. Clarke
Nov 15, 2016, 11:15:42 AM11/15/16
to packe...@googlegroups.com
Hi Richard,
This is my first time using Ansible. My previous Packer builds have used Bash scripts. The Bash script builds are still working. I check the contents of the Ansible provisioned /home/vagrant/.ssh/authorized_keys in the last clean.sh and it looks okay to me there but perhaps I'm missing something?
Thanks,
Kevin
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-bnYp1XQgdRVNMwvABmXBygizFO_V0NMDz%3DTfJREH1hQ%40mail.gmail.com.
"There are two kinds of people in this world: those who believe there are two kinds of people in this world and those who know better."
Rickard von Essen
Nov 15, 2016, 2:21:31 PM11/15/16
to packe...@googlegroups.com
So which commands do you run and what's the output of them? From one look it seems that everything is correct but I haven't had any computer to test it on yet.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CAE6YT8R4nEX1G7O-guo-RDmUaCOCdN1ZAsRCgU_u8s4bQ9OrDQ%40mail.gmail.com.
Rickard von Essen
Nov 15, 2016, 3:16:16 PM11/15/16
to packe...@googlegroups.com
Your build works as expected for me. I think you are missing some command in your workflow or something like that.
Kevin Clarke
Nov 15, 2016, 4:02:26 PM11/15/16
to Packer
Hmm, I'm running:
packer build --only=virtualbox-iso kakadu.json
vagrant up virtualbox --provider=virtualbox
I get a long list of "virtualbox: Warning: Authentication failure. Retrying..." and then it gives up. My other packer projects are building VMs that can be started though.
I get a long list of "virtualbox: Warning: Authentication failure. Retrying..." and then it gives up. My other packer projects are building VMs that can be started though.
Puzzled,
Kevin
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/267c96fe-4ed3-4a70-8549-a7bdd71e7a78%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-bnYp1XQgdRVNMwvABmXBygizFO_V0NMDz%3DTfJREH1hQ%40mail.gmail.com.
--"There are two kinds of people in this world: those who believe there are two kinds of people in this world and those who know better."
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
Kevin Clarke
Nov 15, 2016, 4:09:43 PM11/15/16
to Packer
When I login with username/password after the login via `vagrant up` has failed, I do not see a .ssh directory in the vagrant user's home directory (though it is in the box's vmdk file before I run `vagrant up`, just not with the insecure key).
Kevin
Rickard von Essen
Nov 15, 2016, 5:15:35 PM11/15/16
to packe...@googlegroups.com
Attach the output of the packer build. And be sure you have destroyed the vagrant machine (vagrant destroy -f) before starting it so you are sure you don't have an old.
What's your VirtualBox version?
If you run vagrant ssh-config and check which port ssh is mapped to and then run:
ssh -p <port> -l vagrant 127.0.0.1 cat .ssh/authorized_keys
What's the output of that?
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/9b06c8b2-7dec-4d6b-9088-adc42f3da649%40googlegroups.com.To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
Kevin Clarke
Nov 15, 2016, 5:56:01 PM11/15/16
to Packer
Well, now it's working. I did three things, but I'm not sure which was the change that mattered.
1) I did `vagrant destroy -f` instead of just `vagrant destroy` (which I was doing before)
2) I did `vagrant box remove <boxname>`
3) I cleared out the entry in known_hosts on my machine
I'm not sure which of those fixed it for me, but it's now logging in with the key.
Thanks for your help,
Kevin
Reply all
Reply to author
Forward
0 new messages