VSCode Could not establish connection

rowandempster commented 2 years ago

Description

What happened:

Following the https://goteleport.com/docs/server-access/guides/vscode/ guide results in Could not establish connection from VSCode. Note that ssh is working fine, meaning I can follow Step 1 of the guide, and do ssh alice@node000.foo.example.com.

What you expected to happen:

A connection is successfully established and I am able to use the VSCode Remote - SSH extension. Note that I am able to use the VSCode Remote - SSH extension successfully with my own bastion I set up. But when I use the teleport proxy the connection fails, see the connection log below.

Reproduction Steps

Follow https://goteleport.com/docs/server-access/guides/vscode/

Server Details

Teleport version (run teleport version): Teleport v7.3.2 git:v7.3.2-0-gaa361fbc1 go1.16.2

Server OS (e.g. from /etc/os-release):

NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

Where are you running Teleport? (e.g. AWS, GCP, Dedicated Hardware): My own dedicated hardware. Specifically, a VM managed by Proxmox.
Additional details:

Client Details

Tsh version (tsh version): Teleport v8.0.7 git:v8.0.7-0-geb8076446 go1.17.3
Computer OS (e.g. Linux, macOS, Windows): macOS
Browser version (for UI-related issues): N/A

Installed via (e.g. apt, yum, brew, website download): https://goteleport.com/docs/installation/#macos

curl -O https://get.gravitational.com/teleport-8.0.7.pkg
sudo installer -pkg teleport-8.0.7.pkg -target / # Installs on Macintosh HD

Additional details:

Debug Logs

Please let me know if you require this information to debug.

Start Teleport with --debug flag (teleport --debug)
Run tsh with --debug flag (tsh --debug)

VSCode Connection Logs

[14:14:38.544] Log Level: 2
[14:14:38.546] remote-ssh@0.70.0
[14:14:38.546] darwin x64
[14:14:38.547] SSH Resolver called for "ssh-remote+thor-ubuntu1.watonomous.teleport.sh", attempt 1
[14:14:38.548] "remote.SSH.useLocalServer": true
[14:14:38.548] "remote.SSH.path": undefined
[14:14:38.548] "remote.SSH.configFile": undefined
[14:14:38.548] "remote.SSH.useFlock": true
[14:14:38.548] "remote.SSH.lockfilesInTmp": false
[14:14:38.548] "remote.SSH.localServerDownload": auto
[14:14:38.548] "remote.SSH.remoteServerListenOnSocket": false
[14:14:38.549] "remote.SSH.showLoginTerminal": false
[14:14:38.549] "remote.SSH.defaultExtensions": []
[14:14:38.549] "remote.SSH.loglevel": 2
[14:14:38.549] "remote.SSH.serverPickPortsFromRange": {}
[14:14:38.549] "remote.SSH.enableDynamicForwarding": true
[14:14:38.549] "remote.SSH.serverInstallPath": {}
[14:14:38.550] SSH Resolver called for host: thor-ubuntu1.watonomous.teleport.sh
[14:14:38.550] Setting up SSH remote "thor-ubuntu1.watonomous.teleport.sh"
[14:14:38.553] Acquiring local install lock: /var/folders/4b/83glk2q93l35f6b9p490m_cc0000gn/T/vscode-remote-ssh-78e07487-install.lock
[14:14:38.564] Looking for existing server data file at /Users/rowandempster/Library/Application Support/Code/User/globalStorage/ms-vscode-remote.remote-ssh/vscode-ssh-host-78e07487-899d46d82c4c95423fb7e10e68eba52050e30ba3-0.70.0/data.json
[14:14:38.565] Using commit id "899d46d82c4c95423fb7e10e68eba52050e30ba3" and quality "stable" for server
[14:14:38.567] Install and start server if needed
[14:14:38.574] PATH: /Users/rowandempster/miniconda3/bin:/Users/rowandempster/miniconda3/condabin:/Users/rowandempster/.nvm/versions/node/v17.3.0/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/Racket v6.2.1/bin:/Library/TeX/texbin:/usr/local/go/bin:/opt/X11/bin:/Users/rowandempster/Desktop/android-ndk.bin:/Users/rowandempster/android-ndk-r10e
[14:14:38.574] Checking ssh with "ssh -V"
[14:14:38.583] > OpenSSH_8.1p1, LibreSSL 2.7.3

[14:14:38.589] askpass server listening on /var/folders/4b/83glk2q93l35f6b9p490m_cc0000gn/T/vscode-ssh-askpass-f6fc735ca9deacb8a67bfb812b05ca6387647309.sock
[14:14:38.590] Spawning local server with {"serverId":1,"ipcHandlePath":"/var/folders/4b/83glk2q93l35f6b9p490m_cc0000gn/T/vscode-ssh-askpass-a9a0dbba1d2d6416029795406ab45260f91d0bdf.sock","sshCommand":"ssh","sshArgs":["-v","-T","-D","57315","-o","ConnectTimeout=60","thor-ubuntu1.watonomous.teleport.sh"],"dataFilePath":"/Users/rowandempster/Library/Application Support/Code/User/globalStorage/ms-vscode-remote.remote-ssh/vscode-ssh-host-78e07487-899d46d82c4c95423fb7e10e68eba52050e30ba3-0.70.0/data.json"}
[14:14:38.590] Local server env: {"DISPLAY":"/private/tmp/com.apple.launchd.HvipTTl7dB/org.macosforge.xquartz:0","ELECTRON_RUN_AS_NODE":"1","SSH_ASKPASS":"/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/local-server/askpass.sh","VSCODE_SSH_ASKPASS_NODE":"/Applications/Visual Studio Code.app/Contents/MacOS/Electron","VSCODE_SSH_ASKPASS_EXTRA_ARGS":"--ms-enable-electron-run-as-node","VSCODE_SSH_ASKPASS_MAIN":"/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/askpass-main.js","VSCODE_SSH_ASKPASS_HANDLE":"/var/folders/4b/83glk2q93l35f6b9p490m_cc0000gn/T/vscode-ssh-askpass-f6fc735ca9deacb8a67bfb812b05ca6387647309.sock"}
[14:14:38.591] Spawned 73547
[14:14:38.726] > local-server-1> Spawned ssh, pid=73552
[14:14:38.732] stderr> OpenSSH_8.1p1, LibreSSL 2.7.3
[14:14:41.230] stderr> Authenticated to thor-ubuntu1.watonomous.teleport.sh (via proxy).
[14:14:41.738] > echo 'ready: 2900721cffe6'
[14:14:41.797] > rowan@thor-ubuntu1:~$ echo 'ready: 2900721cffe6'
> ready: 2900721cffe6
> rowan@thor-ubuntu1:~$ 
[14:14:41.942] > uname -rsv
[14:14:41.945] > Linux 5.4.0-91-generic #102-Ubuntu SMP Fri Nov 5 16:31:28 UTC 2021
[14:14:41.945] Platform: linux
[14:14:41.946] > rowan@thor-ubuntu1:~$ 
[14:14:42.151] > bash
> libc 
[14:14:42.174] > rowan@thor-ubuntu1:~$ function mainScriptWrapper {
> >  
> > echo "2900721cffe6: running"
> > 
> v> #
> > # Setup
> > #
> > VSC_TMP="${XDG_RUNTIME_DIR:-`echo /tmp`}"
> ibc == 0 || > COMMIT_ID="899d46d82c4c95423fb7e10e68eba52050e30ba3"
> > EXTENSIONS=""
> > TELEMETRY=""
> nst> 
[14:14:42.175] > export VSCODE_AGENT_FOLDER=$HOME/.vscode-server
> 99
> CLEANUP_LOCKFD=98
> 
> 
>   u> ALLOW_CLIENT_DOWNLOAD="1"
> > FORCE_CLIENT_DOWNLOAD="0"
> > now=`date +%s`
> > 
>   > PORT_FLAG=--port=0
> > 
> > SERVER_LISTEN_FLAG=
> 09 Przemyslaw Pawelcz> UNPACK_RESULT=
> > DID_LOCAL_DOWNLOAD=0
> il.com>
>   ## This scri> DOWNLOAD_TIME=
> pt is licensed > INSTALL_TIME=
> > EXT_INSTALL_TIME=
>  licen> SERVER_START_TIME=
> > 
[14:14:42.180] > CONNECTION_TOKEN=
> ens> 
> > VSCH_DIR="$VSCODE_AGENT_FOLDER/bin/$COMMIT_ID"
>   > VSCH_LOGFILE="$VSCODE_AGENT_FOLDER/.$COMMIT_ID.log"
> [ $> VSCH_PIDFILE="$VSCODE_AGENT_FOLDER/.$COMMIT_ID.pid"
> > VSCH_TOKENFILE="$VSCODE_AGENT_FOLDER/.$COMMIT_ID.token"
> ER/bin/> 
> > fail_with_exitcode() {
> fi
> > 
[14:14:42.224] > echo "2900721cffe6: start"
> > 
[14:14:42.240] > echo "exitCode==$1=="
> > 
[14:14:42.258] > echo_common_results
> > 
[14:14:42.274] > echo "2900721cffe6: end"
> $use_flock == "1" ]]; the> 
[14:14:42.274] Received install output: "
> echo "exitCode==$1=="
> echo_common_results
> echo "
[14:14:42.275] Failed to parse remote port from server output
[14:14:42.275] Terminating local server
[14:14:42.276] Resolver error: Error: 
    at Function.Create (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:430425)
    at Object.t.handleInstallOutput (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:429068)
    at Object.e [as tryInstallWithLocalServer] (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:469079)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async /Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:486771
    at async Object.t.withShowDetailsEvent (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:490561)
    at async /Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:467603
    at async E (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:464111)
    at async Object.t.resolveWithLocalServer (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:467218)
    at async Object.t.resolve (/Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:488171)
    at async /Users/rowandempster/.vscode/extensions/ms-vscode-remote.remote-ssh-0.70.0/out/extension.js:1:564197
[14:14:42.281] Local server exit: 15
[14:14:42.285] ------

rowandempster commented 2 years ago

Resolved with https://github.com/microsoft/vscode-remote-release/issues/6101 :

seemed to get it working with useLocalServer: false just once, and it now works without that setting.

Leaving this ticket open to address the issue which cause the need for useLocalServer: false, or please update the documentation on https://goteleport.com/docs/server-access/guides/vscode/ to include this requirement.

jakule commented 2 years ago

What needs to be fixed:

VSCode uses ssh command similar to this: ssh -v -T -D 58596 -o ConnectTimeout=15 node.example.com. Currently, Teleport doesn't support -T switch causing VSCode to fail. -D flags seem to be supported in tsh, but not when using ssh. Lastly, ssh key forwarding is not implemented in Teleport ssh -A. This feature is not needed to get the basic VSCode functionality, but VSCode also uses it in some cases.

gravitational / teleport