search

jeanp413 / open-remote-ssh

VSCode Remote Development: Open any folder on a remote machine using SSH.
MIT License
269 stars 36 forks source link

Teleport proxy tunnel can not be established #151

Open C-Logemann opened 2 months ago

C-Logemann commented 2 months ago

I just started to test teleport. Installing a test cluster and connect a test vm was very easy. Direct ssh connections are working. And I also got the VS code official remote setup running via tsh tunnel as its documented here: https://goteleport.com/docs/server-access/guides/vscode/ Maybe the part where you can an need to deactivate "Use local server" is relevant.

The error console shows this error (anonymized):

[Info  - 22:52:46.266] Resolving ssh remote authority 'ssh-remote+sbridge.tptest.example.net' (attemp #1)
[Trace  - 22:52:46.282] Identity keys:
/Users/userexample/.tsh/keys/tptest.example.net/test@example.com ssh-rsa SHA256:sxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
cl-ed@example.com ssh-ed25519 SHA256:wlxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
[Trace  - 22:52:46.282] Spawning ProxyCommand: /usr/local/bin/tsh proxy ssh --cluster=tptest.example.net --proxy=tptest.example.net:443 example@sbridge.tptest.example.net:3022
[Error  - 22:52:46.563] Error resolving authority
Error: Handshake failed: no matching host key format
    at u (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:370645)
    at doFatalError (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:371272)
    at Q (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:324638)
    at e.exports.j (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:345317)
    at NullDecipher.decrypt (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:284256)
    at e.exports.F [as _parse] (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:177925)
    at e.exports.parse (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:182312)
    at Duplexify.<anonymous> (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:154578)
    at Duplexify.emit (node:events:517:28)
    at Duplexify.emit (node:domain:489:12)
    at addChunk (node:internal/streams/readable:335:12)
    at readableAddChunk (node:internal/streams/readable:308:9)
    at Readable.push (node:internal/streams/readable:245:10)
    at d._read (node:internal/streams/duplexify:348:16)
    at Socket.<anonymous> (node:internal/streams/duplexify:331:9)
    at Socket.emit (node:events:517:28)
    at Socket.emit (node:domain:489:12)
    at emitReadable_ (node:internal/streams/readable:601:12)
    at process.processTicksAndRejections (node:internal/process/task_queues:81:21)

(Edit: Replaced error code of a wrong proxy command based on error in a test situation with a working variant in context of direct ssh and vscode with microsoft remote plugin as described above)

C-Logemann commented 2 months ago

I forgot to mention that this is on MacOS 14.5.

Crystal-RainSlide commented 1 month ago

From the offical ssh config generated with tsh config, Teleport uses those host key algorithms:

HostKeyAlgorithms rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com

Which are certificate authentications. But ssh2 don't support that: https://github.com/mscdex/ssh2/issues/551

VS code official remote is not suffering from this, just because they don't use ssh2 at all.