bradleyd / devops_for_the_desperate

The companion code for the book DevOps for the Desperate

Chapter 3, Page 34, Testing SSH Access #20

Open ClifRuns opened 1 year ago

ClifRuns commented 1 year ago

Book has been great until now, often verbatim identical to my output, but ... now I hit this:

begin terminal quote

cpm@pop-os:~/devops_for_the_desperate/vagrant$ ssh -i ~/.ssh/dftd -p 2222 bender@localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be established.
ED25519 key fingerprint is SHA256:wueB0xyyhmfAjJ3sI46IthN9rqhBoENWQQ2aOdl0k8k.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
bender@localhost: Permission denied (publickey).
cpm@pop-os:~/devops_for_the_desperate/vagrant$ ssh -i ~/.ssh/dftd -p 2222 bender@localhost
bender@localhost: Permission denied (publickey).
cpm@pop-os:~/devops_for_the_desperate/vagrant$ ssh -i ~/.ssh/dftd -p 2222 bender@dftd
ssh: Could not resolve hostname dftd: Temporary failure in name resolution
cpm@pop-os:~/devops_for_the_desperate/vagrant$ cat /etc/hosts
127.0.0.1   localhost
::1     localhost
127.0.1.1   pop-os.localdomain  pop-os
cpm@pop-os:~/devops_for_the_desperate/vagrant$ 

end terminal quote

My guess is that localhost is the physical host, where bender is unknown. Physical host doesn't know the VM exists (not in /etc/hosts), so how could physical host ssh to the VM? Nothing in VM:/var/log/auth.log or VM:/var/log/syslog looks significant to me. May I please request your help in getting this example to succeed? Thank you.

begin terminal quote

cpm@pop-os:~/devops_for_the_desperate/vagrant$ vagrant ssh
Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.4.0-135-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Fri Dec 30 23:19:34 UTC 2022

  System load:  0.0               Processes:               115
  Usage of /:   4.3% of 38.70GB   Users logged in:         0
  Memory usage: 22%               IPv4 address for enp0s3: 10.0.2.15
  Swap usage:   0%                IPv4 address for enp0s8: 192.168.56.3

 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
   just raised the bar for easy, resilient and secure K8s cluster deployment.

   https://ubuntu.com/engage/secure-kubernetes-at-the-edge

0 updates can be applied immediately.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings

Last login: Fri Dec 30 22:21:55 2022 from 10.0.2.2
vagrant@dftd:~$ less /var/log/auth.log
/var/log/auth.log: Permission denied
vagrant@dftd:~$ sudo less /var/log/auth.log
vagrant@dftd:~$ sudo less /var/log/syslog
vagrant@dftd:~$ 

end terminal quote

bradleyd commented 1 year ago

@ClifRuns, sorry you hit a snag. Is your key created correctly and in your ~/.ssh directory? Also, what are the permissions on your public/private key pair in ~/.ssh/?

localhost is fine as Vagrant should create a forward port 2222 to the VM running.

When you are on the VM from vagrant ssh, I see you showed trying to access the auth.log. There should be entries in there from your successful ssh session. Are you saying from your terminal output that there isn't any?

You could try adding debug to your vagrant ssh command to see what IP it is using.

wbhm commented 1 year ago

Can't connect via SSH bender@localhost:

ssh -i ~/.ssh/dftd bender@localhost
ssh: connect to host localhost port 22: Connection refused

Confirmed SSH is up and running on PORT 22. Can't find anything on port 2222. (using apple-silicon Vagrantfile ala vagrant up --provider=parallels) Any suggestions?

wbhm commented 1 year ago

Got it 'working':

$: vagrant ssh-config
Host default
  HostName VM IP ADDRESS
  User vagrant
  Port 22
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /Users/wbhm/.vagrant.d/insecure_private_key
  IdentitiesOnly yes
  LogLevel FATAL

$: ssh -i ~/.ssh/dftd -p 2222 bender@VM IP ADDRESS
ssh: connect to host VM IP ADDRESS port 2222: Connection refused

$:ssh -i ~/.ssh/dftd bender@VM IP ADDRESS
The authenticity of host 'VM IP ADDRESS (VM IP ADDRESS)' can't be established.
ED25519 key fingerprint is SHA256: FINGERPRINT_REMOVED
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'VM IP ADDRESS' (ED25519) to the list of known hosts.
Enter passphrase for key '/Users/wbhm/.ssh/dftd':
(bender@VM IP ADDRESS) Verification code:
Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.4.0-137-generic aarch64)

This system is built by the Bento project by Chef Software
More information can be found at https://github.com/chef/bento

The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.

bender@vagrant:~$

Any comment? Suggestions on updating the VM FingerPrint Vagrant PORT forwarding ??

bradleyd commented 1 year ago

At first glance, it seems that vagrant and parallels do not bind SSH port to 2222 outside the VM. I also have a silicon Mac and Parallels. Let me try it over the weekend and see.

bradleyd commented 1 year ago

OK, going through the exercise again it seems that vagrant and parallels do not use port 2222 as they do with VirtualBox by default. I will make a note in the README on this. Thanks for digging around :)
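Added example, not part of the thread or the book's repository: a small shell helper that takes the host and port from `vagrant ssh-config` output rather than assuming localhost:2222, and checks the private key's file mode as asked earlier in the thread. The function names, the two sample configs and the address 192.0.2.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive the SSH target from `vagrant ssh-config` output
# instead of assuming the VirtualBox default of localhost:2222.

# Constructed sample outputs (not captured from a real run).
SAMPLE_VIRTUALBOX='Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  IdentitiesOnly yes'

SAMPLE_PARALLELS='Host default
  HostName 192.0.2.10
  User vagrant
  Port 22
  IdentitiesOnly yes'

# Read ssh-config text on stdin and print the ssh command for the given
# user and key. Only HostName and Port are taken from Vagrant; its User,
# IdentityFile and StrictHostKeyChecking settings are deliberately ignored
# so host key checking stays on for the provisioned account.
ssh_cmd_from_config() {
    user=$1 key=$2
    awk -v user="$user" -v key="$key" '
        $1 == "HostName" { host = $2 }
        $1 == "Port"     { port = $2 }
        END {
            if (host == "" || port == "") exit 1
            printf "ssh -i %s -p %s %s@%s\n", key, port, user, host
        }'
}

# Succeed only if the private key file has no group/other permission bits;
# OpenSSH refuses to use a private key that other users can access.
key_perms_ok() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Demo on the constructed samples.
printf '%s\n' "$SAMPLE_VIRTUALBOX" | ssh_cmd_from_config bender '~/.ssh/dftd'
printf '%s\n' "$SAMPLE_PARALLELS"  | ssh_cmd_from_config bender '~/.ssh/dftd'
```

Against a running VM the input would come from `vagrant ssh-config | ssh_cmd_from_config bender ~/.ssh/dftd`.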

wbhm commented 1 year ago

You're welcome.

I'm curious - what's 'special' about the apple-silicon folder? I tried running Vagrant from a different location and am unable to bring any arm-64 box 'up'? Is there something unique in the .vagrant folder?

Jarmo2 commented 10 months ago

Hi @bradleyd Are you still planning to update the readme file? I am not getting yet what I need to change in the vagrant file to get it running with parallels on an M1. Thanks

bradleyd commented 10 months ago

@Jarmo2 I plan on doing it this weekend. Thanks for the reminder.

bradleyd commented 10 months ago

Readme is updated for apple silicon

Jarmo2 commented 9 months ago

Thanks a lot for that. That helps me a lot.

storenth commented 3 months ago

@bradleyd btw, didn't get why we use virtualbox with all hacks but not docker for provider?

bradleyd commented 3 months ago

@storenth I wanted to show the differences for infrastructure as code. Vagrant launching a VM has a lot in common with using a tool like Terraform or CloudFormation. This was meant to give people who are not familiar with Docker and still use VMs a nice buildup before introducing the concept, IMO.