search

hetznercloud / packer-plugin-hcloud

Packer plugin for Hetzner Cloud Builder
https://developer.hashicorp.com/packer/integrations/hetznercloud/hcloud
Mozilla Public License 2.0
22 stars 21 forks source link

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] #43

Closed devurandom closed 1 year ago

devurandom commented 2 years ago

Overview of the Issue

Packer with the Hetzner Cloud plugin is unable to connect to the server via SSH.

Reproduction Steps

env PACKER_LOG=1 packer build -debug .

Plugin and Packer version

v1.7.10

Simplified Packer Buildfile

packer {
  required_plugins {
    digitalocean = {
      version = ">= 1.0.0"
      source  = "github.com/hashicorp/hcloud"
    }
  }
}

source "hcloud" "TEST" {
  image         = "centos-stream-9"
  location      = "fsn1"
  server_type   = "cpx21"
  ssh_username  = "root"
  snapshot_name = "TEST"
}

build {
  name = "TEST"
  sources = [
    "source.hcloud.TEST"
  ]
  provisioner "file" {
    source = "some.service"
    destination = "/tmp/some.service"
  }
  provisioner "shell" {
    script = "build.sh"
  }
}

Operating system and Environment details

Gentoo/Linux, Linux 5.18.12, x86-64

Log Fragments and crash.log files

[...] packer-builder-hcloud plugin: [INFO] Attempting SSH connection to [...]:22...
[...] packer-builder-hcloud plugin: [DEBUG] reconnecting to TCP connection for SSH
[...] packer-builder-hcloud plugin: [DEBUG] handshaking with SSH
[...] packer-builder-hcloud plugin: [DEBUG] SSH handshake err: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
[...] packer-builder-hcloud plugin: [DEBUG] Detected authentication error. Increasing handshake attempts.
==> minecraft.hcloud.TEST: Error waiting for SSH: Packer experienced an authentication error when trying to connect via SSH. This can happen if your username/password are wrong. You may want to double-check your credentials as part of your debugging process. original error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
devurandom commented 2 years ago

When I change the source to:

source "hcloud" "TEST" {
  image         = "centos-stream-9"
  location      = "fsn1"
  server_type   = "cpx21"
  snapshot_name = "TEST"
  ssh_username  = "root"
  temporary_key_pair_type = "ed25519"
}

then in stepCreateSSHKey packer says "Saving key for debug purposes: ssh_key_TEST.pem", but:

❯ head -n1 ssh_key_TEST.pem
-----BEGIN RSA PRIVATE KEY-----

Also, using invalid values for temporary_key_pair_type does not cause an error. When I misspell temporary_key_pair_type itself, I get an error though.

It appears that the hcloud Packer plugin does the creation of the SSH key itself and that is not something done by the SDK. Does https://github.com/hashicorp/packer-plugin-hcloud/blob/main/builder/hcloud/step_create_sshkey.go have to be adjusted to support ed25519 keys and the temporary_key_pair_type option?

marco-m commented 1 year ago

Hello @devurandom, could you please confirm wether version 1.0.5 fixes this issue? See PR #39. FYI @nywilken

garry-t commented 1 year ago

Hello @devurandom, could you please confirm wether version 1.0.5 fixes this issue? See PR #39. FYI @nywilken

I can confirm. fixed in 1.0.5

nywilken commented 1 year ago

Thank you for confirming @garry-t