cloudfoundry / bosh-google-cpi-release

BOSH Google CPI
Apache License 2.0
63 stars 96 forks source link

sshgen #214

Closed phopper-pivotal closed 7 years ago

phopper-pivotal commented 7 years ago

can docs be updated to indicate for user to not set a passphrase when running

$ ssh-keygen -t rsa -f ~/.ssh/bosh -C bosh

otherwise this error occurs


  Creating VM for instance 'bosh/0' from stemcell 'stemcell-38b9970b-01a6-4ea0-60e4-8ab781375a4b'... Finished (00:00:53)
  Waiting for the agent on VM 'vm-b4cc23d5-9f2a-427c-76f9-0050fb2d395e' to be ready... Failed (00:00:00)
Failed deploying (00:00:53)

Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)

Command 'deploy' failed:
  Deploying:
    Creating instance 'bosh/0':
      Waiting until instance is ready:
        Starting SSH tunnel:
          Parsing private key file '/home/phopper/.ssh/bosh':
            asn1: structure error: tags don't match (16 vs {class:3 tag:28 length:107 isCompound:false}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PrivateKey @2```
dpb587-pivotal commented 7 years ago

Hi - can you be more specific about which docs you're referring to? The docs I see in the repo do call out that a password-less SSH key is needed (example).

phopper-pivotal commented 7 years ago

https://github.com/cloudfoundry-incubator/bosh-google-cpi-release/blob/master/docs/bosh/README.md

ok maybe change both links to be passphrase less. on sshkey-gen its a passphrase. with little sleep it does equate directly;

Enter passphrase (empty for no passphrase): Enter same passphrase again:

johnsonj commented 7 years ago

any idea on how to make a 1-liner that doesn't prompt for a password? it's problematic for sure

dpb587-pivotal commented 7 years ago

ssh-keygen accepts an empty -P (passphrase) option, so something like the following if you want to recommend it...

ssh-keygen -t rsa -P '' -C bosh -f ~/.ssh/bosh
evandbrown commented 7 years ago

I think -P is for the old passphrase. This should silence the whole thing: ssh-keygen -t rsa -f ~/.ssh/bosh -C bosh -q -N ""

I'll update the doc...

phopper-pivotal commented 7 years ago

thank you @evandbrown @dpb587-pivotal

destroyed 2 environments last night thinking wth

finally got smart with sleep and set as ""

dpb587-pivotal commented 7 years ago

Interesting - I've always used -P, but you're right, -N is more correct. Thanks for updating the docs.