dmacvicar / terraform-provider-libvirt

Terraform provider to provision infrastructure with Linux's KVM using libvirt
Apache License 2.0
1.6k stars 458 forks source link

no check for id_ed25519 ssh key (only id_rsa is checked) #1108

Open korncola opened 1 month ago

korncola commented 1 month ago

Linux distribution

Arch Linux

Terraform version

1.9.7

Provider and libvirt versions

provider: 0.8.0

Description of Issue/Question

module only checks for id_rsa ssh key, not for other types like the recommend state of the art key typeid_ed25519

Steps to Reproduce Issue

memetb commented 1 month ago

@korncola can you confirm that the latest release v0.8.1 in PR #1112 solves your problem.

mhtr commented 1 month ago

@memetb hi I have the same issue on Debian 12 with v.0.8.1 provider version.

2024-10-24T09:08:15.008Z [INFO]  provider.terraform-provider-libvirt_v0.8.1: 2024/10/24 09:08:15 [DEBUG] Reading ssh key '/home/username/.ssh/id_rsa': timestamp=2024-10-24T09:08:15.008Z
2024-10-24T09:08:15.008Z [INFO]  provider.terraform-provider-libvirt_v0.8.1: 2024/10/24 09:08:15 [INFO] SSH connecting to '<libvirt_host_ip>' (<libvirt_host_ip>): timestamp=2024-10-24T09:08:15.008Z
2024-10-24T09:08:15.050Z [ERROR] provider.terraform-provider-libvirt_v0.8.1: Response contains error diagnostic: @caller=/home/username/go/pkg/mod/github.com/hashicorp/terraform-plugin-go@v0.24.0/tfprotov5/internal/diag/diagnostics.go:58 @module=sdk.proto tf_proto_version=5.6 tf_provider_addr=provider tf_req_id=01fb2630-12dc-657a-23a6-7767d8f7e822 tf_rpc=Configure diagnostic_detail="" diagnostic_severity=ERROR diagnostic_summary="failed to connect: failed to connect to remote host '<libvirt_host_ip>': ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain" timestamp=2024-10-24T09:08:15.050Z
2024-10-24T09:08:15.051Z [ERROR] vertex "provider[\"terraform.local/local/libvirt\"]" error: failed to connect: failed to connect to remote host '<libvirt_host_ip>': ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2024-10-24T09:08:15.052Z [WARN]  Planning encountered errors, so plan is not applyable
2024-10-24T09:08:15.052Z [INFO]  backend/local: plan operation completed

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: failed to connect: failed to connect to remote host '<libvirt_host_ip>': ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
│ 
mhtr commented 1 month ago

it seems the problem occurs when you do not specify the user in the uri line if you specify the user like this

provider "libvirt" {
    uri = "qemu+ssh://username@<ip>/system"
}

then the connection is via ssh

memetb commented 1 month ago

@mhtr the error message is stating the problem:

ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

This means that it failed to authenticate. If you are seeing that setting the username in the query string works, then either set it in your ~/.ssh/config as per man page (using User attribute), or specify it in the query string as part of your TF plan.