private key permissions broken

Joaquin Menchaca

Dec 5, 2015, 2:33:06 PM
to Vagrant
I have a multi-system setup (node, work, chefserver) with their own private network.  Each system is provisioned with a hosts file and /etc/ssh/ssh_config, so I can just automatically ssh into the system.  The private key in that config file will be /vagrant/.vagrant/machines/$SYSTEM/virtualbox/private_key where $SYSTEM is either node, work, or chefserver.

The problem is that the VirtualBox mounted /vagrant directory has mangled permissions.

For example, from one of the systems:

]$ ls -l /vagrant/.vagrant/machines/node/virtualbox/private_key
-rwxrwxrwx. 1 vagrant vagrant 1706 Dec  5 19:17 /vagrant/.vagrant/machines/node/virtu

This prevents me from logging into the various systems. 

Outside of the guest, the permissions are set appropriately:

$ ls -l .vagrant/machines/node/virtualbox/private_key
-rw-r--r-- 1 joaquin197609 1706 Dec  5 11:17 .vagrant/machines/node/virtualbox/private_key


Any idea how to fix this?

Alvaro Miranda Aguilera

Dec 5, 2015, 7:46:54 PM
to vagra...@googlegroups.com
Hello,

I think it will be easiest if you provision the files and set permissions
outside /vagrant, since that is not a real filesystem and it's using
the VirtualBox file system.

You can try to get a proper mount point of the default vagrant (a more
restricted one).
Have a look at mount options:

https://docs.vagrantup.com/v2/synced-folders/basic_usage.html

Alvaro

Joaquin Menchaca

Dec 6, 2015, 3:54:09 PM
to Vagrant
I ended up copying them to /etc/ssh and doing chmod.

for SYSTEM in $SYSTEMS; do
  cp -v /vagrant/.vagrant/machines/${SYSTEM}/virtualbox/private_key /etc/ssh/${SYSTEM}_key
  chmod 644 /etc/ssh/${SYSTEM}_key
  ...
  ...
done
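
A sketch of the workaround discussed in this thread, as an added example that is not code from either poster: it copies a key off the synced folder onto the guest's own disk with mode 0600 and confirms that no group/other permission bits remain. The function names and the destination path in the usage comment are assumptions.

```shell
# Added example; function names and the ~/.ssh destination are hypothetical.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if no group/other permission bits are set. OpenSSH applies
# this test to a private key that is owned by the user running ssh.
key_mode_ok() {
  mode=$(file_mode "$1") || return 2
  [ $(( 0$mode & 077 )) -eq 0 ]
}

# Copy a key from the synced folder to local disk with mode 0600.
# The copy is owned by the invoking user, so run this as the account
# that will use the key. If the destination is itself on a shared
# folder where chmod has no effect, the copy is removed and the call fails.
install_key() {
  src=$1
  dest=$2
  [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
  install -m 600 "$src" "$dest" || return 1
  if ! key_mode_ok "$dest"; then
    echo "$dest still has group/other bits set; is it on a shared folder?" >&2
    rm -f "$dest"
    return 1
  fi
}

# Usage inside a guest, with the machine names from the first post:
#   for SYSTEM in node work chefserver; do
#     install_key "/vagrant/.vagrant/machines/${SYSTEM}/virtualbox/private_key" \
#                 "$HOME/.ssh/${SYSTEM}_key"
#   done
```
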
