Vagrant SSH permission issue

[Will Seaford]

Hi, I am currently trying to demonstrate SELinux on a centOS/7 virtual machine and in order for policy changes to take effect I have to log on as the user itself rather than su'ing over to it. This has created a difficult issue with me and accessing the box via any other user than 'vagrant'. 

I have tried the following methods:

-> vagrant ssh -- -l <user> 

-> ssh -i <route/to/private_key> -p 2222 <user>@localhost 

-> configuring VagrantFile to include config.ssh.{username, password} 

-> actually placing the public key on the box via the vagrant user into known_hosts and/or authorised_keys. 

All methods work if the vagrant user is specified. 

All methods tried have returned the following error - "Permission denied (publickey,gssapi-keyex,gssapi-with-mic.)" if a user other than 'vagrant' is specified.

I have made a paste of my error log - http://pastebin.com/CEWkGgAF

Can anybody spot the problem I am facing and any possible solutions I can do to rectify it?

Many thanks,

William

[Alvaro Miranda Aguilera]

Hello, I see 2 options.

A. 

create a new user

set the public known key there

package the box if you are on virtualbox

vagrant package

     package         packages a running vagrant environment into a box

Then you should be able to overwrite the user with

config.ssh.username in the Vagrantfile

B.

Set a private or public ip, and ssh to that ip using the user/pass you want to test.

Alvaro.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/004396a2-5589-42eb-8f62-5c0027ef8ba9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

[Will Seaford]

Hi Alvaro thanks for your reply, much appreciated,

Unfortunately the second option I had tried before posting and forgot to list it aside the other methods I tried. 

I am trying the first method now but a colleague has advised me this probably won't work. 

Many thanks,

William

To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/004396a2-5589-42eb-8f62-5c0027ef8ba9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

[Will Seaford]

Hello all, I was able to finally find out how to ssh on to a user other than vagrant with help from a colleague. Here are the steps outlined that I took, for future reference of those also experiencing the same problem:

1. vagrant ssh on to the user vagrant

2. create/su user you wish to ssh into

3. create .ssh with 700 permission and cd into .ssh

4. ssh-keygen, and create you id_rsa private and public key

5. cat your public key into your authorized_keys and chmod it to 600 permission

6. ssh into the user from the users own .ssh directory (ssh -i id_rsa <user@>localhost/private_network/public_network) so it is added to the known_hosts

7. copy the id_rsa and put it into a .pem file on your localhost side (outside of the box) with chmod 600. 

You should now be able to ssh onto a specified user other than vagrant.