vagrant ssh: permission denied (publickey)

[Jason Hsu]

Thanks for your help with my "vagrant up" problem, which I have since resolved.  To prepare my virtual machine for Vagrant, I now download and run my script at https://raw.githubusercontent.com/jhsu802701/vagrant_prep/master/deb1.sh in the virtual machine.

While the "vagrant up" command works, the "vagrant ssh" command does not, and I get a "permission denied (publickey)" message when I enter "vagrant ssh".  What exactly am I missing in my ssh configuration?

My Vagrantfile is at https://github.com/jhsu802701/vagrant_debian_wheezy_rvm .  The scripts dedicated to preparing the virtual machine for Vagrant are at https://github.com/jhsu802701/vagrant_prep .

[Alvaro Miranda Aguilera]

Test is the keys are the issue

open the gui of virtualbox, or do ssh to port 2222 on localhost

enter as root and the password you set on the install

I think the problem is here:

mkdir /home/vagrant/.ssh
cd /home/vagrant/.ssh
wget https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub
mv vagrant.pub authorized_keys
chmod -R 600 /home/vagrant/.ssh

chmod 700 /home/vagrant/.ssh

chown -R vagrant:vagrant /home/vagrant/.ssh

But looks you are missing also sudo, vagrant should be able to do sudo to root without paswords.

here is what I use:

   useradd vagrant 
   cp /etc/sudoers /etc/sudoers.orig 
   sed -i -e 's/Defaults\\s*requiretty$/#Defaults\trequiretty/' /etc/sudoers   
   sed -i -e '/# %wheel\tALL=(ALL)\tNOPASSWD: ALL/a %vagrant\tALL=(ALL)\tNOPASSWD: ALL' /etc/sudoers   
   mkdir ~vagrant/.ssh   
   chmod 700 ~vagrant/.ssh  
   echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp
4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key' > ~vagrant/.ssh/authorized_keys  
   chmod 600 ~vagrant/.ssh/authorized_keys 
   chown -R vagrant: ~vagrant/.ssh   
   cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ori 
   sed -i -e '/#UseDNS yes/a UseDNS no' /etc/ssh/sshd_config 
   for nic in /etc/sysconfig/network-scripts/ifcfg-eth*; do sed -i /HWADDR/d $nic; done 
   rm /etc/udev/rules.d/70-persistent-net.rules   

--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Jason Hsu]

After I successfully execute "vagrant up", the output of "vagrant ssh-config" is:
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /home/jhsu/.vagrant.d/insecure_private_key
  IdentitiesOnly yes
  LogLevel FATAL

Then again, I get the same output from "vagrant ssh-config" from an outdated but working Ubuntu-based Vagrant box built from https://github.com/railsmn/railsmn-dev-box:
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /home/jhsu/.vagrant.d/insecure_private_key
  IdentitiesOnly yes
  LogLevel FATAL

[Alvaro Miranda Aguilera]

you need to ssh as root and fix the permissions on the key

ssh -p 2222 root@localhost

[Jason Hsu]

The last part of the output of "VAGRANT_LOG=INFO vagrant ssh" is:

 INFO ssh: Invoking SSH: ["vag...@127.0.0.1", "-p", "2222", "-o", "Compression=yes", "-o", "DSAAuthentication=yes", "-o", "LogLevel=FATAL", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-o", "IdentitiesOnly=yes", "-i", "/home/jhsu/.vagrant.d/insecure_private_key"]
Permission denied (publickey).

For rails-dev-box (the outdated Ubuntu-based setup), the analogous part of the output is the exact same thing except that it works:

INFO ssh: Invoking SSH: ["vag...@127.0.0.1", "-p", "2222", "-o", "Compression=yes", "-o", "DSAAuthentication=yes", "-o", "LogLevel=FATAL", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-o", "IdentitiesOnly=yes", "-i", "/home/jhsu/.vagrant.d/insecure_private_key"]

[Alvaro Miranda Aguilera]

I think the problem is on the authorized_keys permissions on the vm inside the vagrant user.

that is what I tried to tell you with the commands

you have chmod 0700 for the directory, but seems you are missing chmod 0600 to ~vagrant/.ssh/authorized_keys

[Jason Hsu]

OK, I changed the permission of /home/vagrant/.ssh to 700, and the permission of /home/vagrant/.ssh/authorized_keys to 600.  That wasn't enough.  (Maybe 640 is OK, and maybe it isn't.  I'll stick with 700 and 600.)

I was able to get the "vagrant ssh" command to work by setting "config.ssh.forward_agent = true" in the Vagrant file.

Unfortunately, "vagrant ssh" no longer works when I add guest additions.  Yet when I go back to the old VirtualBox snapshot from before I added guest additions, "vagrant ssh" works again.  Is there ANY reason adding guest additions would disable the ssh server?

And what does it take for file syncing to work?  I installed the guest additions for this purpose.

So far, I've been able to get "vagrant up" and "vagrant ssh" to work, but when I try to get file syncing to work as well, I lose "vagrant ssh".