Open ponchofiesta opened 4 years ago
When using password auth, it works. Can't imagine how PKI card auth breaks the process.
When it's in this state, can you check whether there is a second terminal window waiting for your key? Or if you click "details" in the progress notification, does it appear?
Also can you tell me whether this is the verbatim prompt you got or whether you modified it
Enter PIN for 'XXX PKI Card (Card PIN)':
because I want to parse that so it will pop up a nice login prompt like it should be doing for your password
It's the prompt from OpenSSH: https://github.com/openssh/openssh-portable/blob/049297de975b92adcc2db77e3fb7046c0e3c695d/ssh-pkcs11.c#L263
For other terminals I have to check later today. But I think there was nothing else. I tried several times and opened different tabs.
I just tested scp command to verify it's working. And it does:
λ c:\users\XXX\bin\scp index.html vm:
Enter PIN for 'XXX PKI Card (Card PIN)':
index.html 100% 15KB 4.9MB/s 00:00
I notced that there is another OpenSSH instance installed from WIndows (C:\windows\system32\openssh). It's in %PATH% and if I use ssh
or scp
it would be used and will fail as it doesn't support PKCS11Provider
. Not sure if this might cause problems(?):
λ scp index.html vm:
C:\\Users\\XXX/.ssh/config line 9: Unsupported option "pkcs11provider"
C:\\Users\\XXX/.ssh/config line 27: Unsupported option "pkcs11provider"
XXX@127.0.0.1: Permission denied (publickey,password).
lost connection
Also if I use password auth, it works (as I told above) and if the vscode server is installed this way, I can use it with PKI card auth too. Thus only the install process of vscode server fails.
And to answer your question: There is no new terminal window anywhere.
Can you share the full log from the Remote-SSH output channel? We should be finding scp next to your downloaded ssh.exe but I wonder if we are finding the wrong one.
[12:47:20.812] Log Level: 2
[12:47:20.812] remote-ssh@0.51.0
[12:47:20.812] win32 x64
[12:47:20.813] SSH Resolver called for "ssh-remote+ubuntu-vm", attempt 1
[12:47:20.813] SSH Resolver called for host: ubuntu-vm
[12:47:20.814] Setting up SSH remote "ubuntu-vm"
[12:47:20.819] Using commit id "91899dcef7b8110878ea59626991a18c8a6a1b3e" and quality "stable" for server
[12:47:20.819] Install and start server if needed
[12:47:20.822] Checking ssh with "C:\Users\XXX\bin\ssh.exe -V"
[12:47:20.880] > OpenSSH_for_Windows_8.1p1, LibreSSL 2.9.2
[12:47:20.881] Running script with connection command: "C:\Users\XXX\bin\ssh.exe" -T -D 49662 ubuntu-vm bash
[12:47:20.883] Terminal shell path: C:\WINDOWS\System32\cmd.exe
[12:47:21.029] >
[12:47:21.030] Got some output, clearing connection timeout
[12:47:42.811] > Enter PIN for 'XXX PKI Card (Card PIN)':
[12:47:46.058] >
>
[12:47:46.975] > 9dfdb74a2081: running
>
[12:47:47.006] > Acquiring lock on /home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e/vscode-remote-lock.XXX.91899dcef7b811
> 0878ea59626991a18c8a6a1b3e
> \ln /home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e/vscode-remote-lock.XXX.91899dcef7b8110878ea59626991
> a18c8a6a1b3e.target /home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e/vscode-remote-lock.XXX.91899dcef7b8
> 110878ea59626991a18c8a6a1b3e
> Installing to /home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e...
> 9dfdb74a2081%%1%%
> Downloading with wget
>
[12:47:47.163] > wget download failed
> wget: unable to resolve host address ‘update.code.visualstudio.com’
> SHELL=/bin/bash
> LC_ADDRESS=de_DE.UTF-8
> LC_NAME=de_DE.UTF-8
> LC_MONETARY=de_DE.UTF-8
> PWD=/home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e
> LOGNAME=XXX
> XDG_SESSION_TYPE=tty
> MOTD_SHOWN=pam
> HOME=/home/XXX
> LANG=en_US.UTF-8
> LC_PAPER=de_DE.UTF-8
> VSCODE_AGENT_FOLDER=/home/XXX/.vscode-server
> SSH_CONNECTION=10.0.2.2 49663 10.0.2.15 22
> XDG_SESSION_CLASS=user
> LC_IDENTIFICATION=de_DE.UTF-8
> USER=XXX
> SHLVL=1
> LC_TELEPHONE=de_DE.UTF-8
> LC_MEASUREMENT=de_DE.UTF-8
> XDG_SESSION_ID=15
> XDG_RUNTIME_DIR=/run/user/1000
> SSH_CLIENT=10.0.2.2 49663 22
> LC_TIME=de_DE.UTF-8
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
> DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
> LC_NUMERIC=de_DE.UTF-8
> _=/usr/bin/printenv
> OLDPWD=/home/XXX
> Trigger client server download
[12:47:47.246] >
> 9dfdb74a2081:trigger_server_download
> platform==linux==
> vscodeArch==x64==
> destFolder==/home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e==
> 9dfdb74a2081:trigger_server_download_end
> Waiting for client to transfer server archive...
> Waiting for /home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e/vscode-scp-done.flag and vscode-server.tar.gz t
> o exist
>
[12:47:47.246] Got request to download on client for {"platform":"linux","arch":"x64","destFolder":"/home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e"}
[12:47:47.246] Downloading VS Code server locally...
[12:47:48.378] Downloaded VS Code server to c:\Users\XXX\AppData\Local\Temp\210a7834-34c5-40c9-94f5-c2c26a574ac2
[12:47:48.380] Renamed VS Code server to c:\Users\XXX\AppData\Local\Temp\vscode_server_1596624468378\vscode-server.tar.gz
[12:47:48.383] Checking ssh with "C:\Users\XXX\bin\ssh.exe -V"
[12:47:48.435] > OpenSSH_for_Windows_8.1p1, LibreSSL 2.9.2
[12:47:48.436] Expecting scp to be next to ssh at C:\Users\XXX\bin\scp.exe
[12:47:48.436] Testing scp with "C:\Users\XXX\bin\scp.exe"
[12:47:48.493] scp exited with code: 1
[12:47:48.493] Got stderr from scp: usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
[-J destination] [-l limit] [-o ssh_option] [-P port]
[-S program] source ... target
[12:47:48.494] Copying file to remote with "C:\Users\XXX\bin\scp.exe" vscode-server.tar.gz vscode-scp-done.flag ubuntu-vm:/home/XXX/.vscode-server/bin/91899dcef7b8110878ea59626991a18c8a6a1b3e
[12:47:48.494] Using cwd: file:///c%3A/Users/XXX/AppData/Local/Temp/vscode_server_1596624468378
[12:47:48.494] Terminal shell path: C:\WINDOWS\System32\cmd.exe
[12:47:48.622] >
[12:47:50.166] >
[12:47:53.170] >
[12:47:56.170] >
[12:47:59.169] >
[12:48:02.170] >
[12:48:05.197] >
[12:48:08.198] >
[12:48:10.401] > Enter PIN for 'XXX PKI Card (Card PIN)':
[12:48:11.228] >
[12:48:14.223] >
[12:48:17.232] >
It looks like scp
is asking for the PIN but I have no way to enter it. If I type blindly into terminal nothing happens.
The first issue is:
wget: unable to resolve host address ‘update.code.visualstudio.com’
the remote can't download the server. But I see why scp is not showing the prompt in the terminal.
"remote.SSH.showLoginTerminal": true
should force it to appear. Setting "remote.SSH.useLocalServer": true
should use a different route that might work for you (or might cause other issues on windows)
but I will fix it
wget fails because this server is running in an internal network without internet access.
Setting both options worked. Thanks!
I also got the same issue, It is very likely that you used the type of key that PowerShell's favor of OpenSSH didn't support. I'm still waiting for https://github.com/PowerShell/openssh-portable/pull/537 to release
I think the core issue here was just to recognize the PIN prompt Enter PIN for 'XXX PKI Card (Card PIN)':
as one of our recognized password formats.
We don't use the smarter SSH_AUTH_SOCK form of getting auth prompts for scp
, even when useLocalServer=true
Steps to Reproduce:
The console prints:
The process runs into an infinite loop of checking if vscode-scp-done.flag exists, prints " ", sleeps for 3s and continues.