tsh login fails from MobaXterm terminal

[Joerger]

Expected behavior:

Successfully tsh login in MobaXterm terminal.

Current behavior:

Request fails with underlying reader is not a terminal error.

Workaround:

Instead, you have to login with Command Prompt or another terminal. Then you can use MobaXterm for other tsh commands.

This method requires that your Command Prompt and MobaXterm terminals both have access to ~/.tsh, either by sharing a home directory or setting $TELEPORT_HOME.

Bug details:

• Teleport version - v11.0.0-dev
• Recreation steps
  1. tsh login from MobaXterm terminal
• Debug logs

> ./tsh-unsigned.exe -d login --user=bjoerger --proxy=proxy.example.com
DEBU [KEYSTORE]  Returning Teleport TLS certificate "C:\\Users\\IEUser\\.tsh\\keys\\proxy.example.com\\dev-x509.pem" valid until "2022-06-22 00:33:39 +0000 UTC". client\keystore.go:306
DEBU [KEYSTORE]  Reading certificates from path "C:\\Users\\IEUser\\.tsh\\keys\\proxy.example.com\\dev-ssh\\example.com-cert.pub". client\keystore.go:329
INFO [CLIENT]    no host login given. defaulting to IEUser client\api.go:1404
ERRO [CLIENT]    [KEY AGENT] Unable to connect to SSH agent on socket: "/tmp/ssh-y1jzg8/agent.1299". client\api.go:3933
ERRO [KEYSTORE]  open C:\Users\IEUser\.tsh\keys\proxy.example.com\bjoerger: The system cannot find the file specified. client\keystore.go:268
DEBU [TSH]       open C:\Users\IEUser\.tsh\keys\proxy.example.com\bjoerger: The system cannot find the file specified. tsh\tsh.go:2951
DEBU [CLIENT]    not using loopback pool for remote proxy addr: proxy.example.com:3080 client\api.go:3892
DEBU             Attempting GET proxy.example.com:3080/webapi/ping webclient\webclient.go:115
Enter password for Teleport user bjoerger:

ERROR REPORT:
Original Error: *errors.errorString underlying reader is not a terminal
Stack Trace:
        /go/src/github.com/gravitational/teleport/lib/utils/prompt/confirmation.go:107 github.com/gravitational/teleport/lib/utils/prompt.Password
        /go/src/github.com/gravitational/teleport/lib/client/api.go:3968 github.com/gravitational/teleport/lib/client.(*TeleportClient).AskPassword
        /go/src/github.com/gravitational/teleport/lib/client/api.go:3352 github.com/gravitational/teleport/lib/client.(*TeleportClient).directLogin
        /go/src/github.com/gravitational/teleport/lib/client/api.go:3334 github.com/gravitational/teleport/lib/client.(*TeleportClient).localLogin
        /go/src/github.com/gravitational/teleport/lib/client/api.go:3202 github.com/gravitational/teleport/lib/client.(*TeleportClient).Login
        /go/src/github.com/gravitational/teleport/tool/tsh/tsh.go:1310 main.onLogin
        /go/src/github.com/gravitational/teleport/tool/tsh/tsh.go:869 main.Run
        /go/src/github.com/gravitational/teleport/tool/tsh/tsh.go:396 main.main
        /opt/go/src/runtime/proc.go:250 runtime.main
        /opt/go/src/runtime/asm_amd64.s:1571 runtime.goexit
User Message: failed reading prompt response
        underlying reader is not a terminal

[BrianGrug]

I'm getting this on macOS 13.1, using tsh version 11.2.3. Using tsh ssh works fine, but using ssh does not

[ConorDaly-met]

I see this also on Rocky Linux 8 with teleport 10.1.4. Command:

tsh login --proxy=my.proxy.net --user=myuser

works from a terminal but errors when called from a bash script.

tsh login --proxy=my.proxy.net --user=myuser
Welcome to SERVER. All activity will be logged.
Press [ENTER] to continue.
ERROR: underlying reader is not a terminal

This effect is seen where tsh is expecting to read input from a yubikey.
If the remote proxy triggers a URL-based auth, the process works fine.

tsh login --proxy=other.proxy.int --user=otheruser
If browser window does not open automatically, open it by clicking on the link:
 http://127.0.0.1:39159/3a026c04-6b6d-441e-b03b-a9facfeb4e6d

[shreychen]

+1

[philip-teleport]

MobaXterm Version 23.2 (2023-06-25) resolves this issue.

• Improvement: improved compatibility of the terminal with the “tsh” Teleport client