search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
17.6k stars 1.76k forks source link

repeated errors on ssh attempts #45256

Closed stevenGravy closed 1 month ago

stevenGravy commented 3 months ago

Expected behavior:

The error messages wouldn't repeat.

Current behavior:

In the CLI or web ui you get the same error messages repeated when a SSH connection isn't available.

disconnected
Teleport proxy failed to connect to "node" agent "@local-node" over reverse tunnel:

  no tunnel connection found: no node reverse tunnel for 44444-b3ce-4efb-444-a77130b076f5.example.teleport.sh found, error dialing peer proxies [44444-a1b1-449b-4444-ca54d4552c6e 7ed20621-d038-4c90-8948-28fddbfaf06b]: error receiving dial response: Teleport proxy failed to connect to "node" agent "@local-node" over reverse tunnel:

  no tunnel connection found: no node reverse tunnel for 4444-4444-4efb-a6ad-a77130b076f5.example.teleport.sh found

This usually means that the agent is offline or has disconnected. Check the
agent logs and, if the issue persists, try restarting it or re-registering it
with the cluster., error receiving dial response: Teleport proxy failed to connect to "node" agent "@local-node" over reverse tunnel:

  no tunnel connection found: no node reverse tunnel for 4444-b3ce-4efb-444-a77130b076f5.example.teleport.sh found

This usually means that the agent is offline or has disconnected. Check the
agent logs and, if the issue persists, try restarting it or re-registering it
with the cluster.

This usually means that the agent is offline or has disconnected. Check the
agent logs and, if the issue persists, try restarting it or re-registering it
with the cluster.

Bug details:

rosstimothy commented 3 months ago

Related to https://github.com/gravitational/teleport/issues/31517

zmb3 commented 1 month ago

@rosstimothy is this fixed?

rosstimothy commented 1 month ago

I closed https://github.com/gravitational/teleport/issues/31517 because I was never able to reproduce. @stevenGravy if you have a reliable way to reproduce this can you please share it so we can investigate?

stevenGravy commented 1 month ago

I closed #31517 because I was never able to reproduce. @stevenGravy if you have a reliable way to reproduce this can you please share it so we can investigate?

Yes, it's happening with a cloud instance that's on 16.4.2 with a Teleport SSH service on 16.4.2. Same behavior. I started the SSH service connected to the cloud. Stopped it. Attempted to connect and you get the double errors.

rosstimothy commented 1 month ago

The source of the duplicate message seems to stem from Proxy Peering. I've been able to repro and should be able to clean up some of the duplicate information being presented.

rosstimothy commented 1 month ago

As suspected, we are combining errors from attempting to connect to the host directly via a reverse tunnel, and via a peers reverse tunnel: https://github.com/gravitational/teleport/blob/master/lib/reversetunnel/localsite.go#L613.