Cannot connect to the tmate session with ssh

[suvayu]

When my workflow gets to this action, it runs and I get continuous stream of SSH connection messages like this (same as #163):

SSH: ssh CNJjg6kaYJkzCJ7NBGQqygBLZ@sfo2.tmate.io
or: ssh -i <path-to-private-SSH-key> CNJjg6kaYJkzCJ7NBGQqygBLZ@sfo2.tmate.io
SSH: ssh CNJjg6kaYJkzCJ7NBGQqygBLZ@sfo2.tmate.io
or: ssh -i <path-to-private-SSH-key> CNJjg6kaYJkzCJ7NBGQqygBLZ@sfo2.tmate.io

I'm doing this on a minimal test workflow.

When I try to connect, it fails like this:

$ ssh TGFxYjGucExXYZazUd7yEQueG@nyc1.tmate.io
Invalid command
Shared connection to nyc1.tmate.io closed.

If I use ssh with verbosity on, I get this:

ssh -v -F none 2yQGWxG7ssGh4d7PR6RzTtZ3k@sfo2.tmate.io

``` OpenSSH_9.0p1, OpenSSL 3.0.9 30 May 2023 debug1: auto-mux: Trying existing master debug1: Control socket "/run/user/1000/kssh-2211167-12b3298cfc2b2b25ae5251503a64b4c9e8608968" does not exist debug1: Connecting to sfo2.tmate.io [157.230.72.130] port 22. debug1: Connection established. debug1: identity file /home/username/.ssh/id_rsa type 0 debug1: identity file /home/username/.ssh/id_rsa-cert type -1 debug1: identity file /home/username/.ssh/id_ecdsa type -1 debug1: identity file /home/username/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/username/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/username/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/username/.ssh/id_ed25519 type -1 debug1: identity file /home/username/.ssh/id_ed25519-cert type -1 debug1: identity file /home/username/.ssh/id_ed25519_sk type -1 debug1: identity file /home/username/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/username/.ssh/id_xmss type -1 debug1: identity file /home/username/.ssh/id_xmss-cert type -1 debug1: identity file /home/username/.ssh/id_dsa type -1 debug1: identity file /home/username/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_9.0 debug1: Remote protocol version 2.0, remote software version tmate debug1: compat_banner: no match: tmate debug1: Authenticating to sfo2.tmate.io:22 as '2yQGWxG7ssGh4d7PR6RzTtZ3k' debug1: load_hostkeys: fopen /home/username/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: rsa-sha2-512 debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: zlib@openssh.com debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: zlib@openssh.com debug1: kex: curve25519-sha256 need=32 dh_need=32 debug1: kex: curve25519-sha256 need=32 dh_need=32 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-rsa SHA256:Hthk2T/M/Ivqfk1YYUn5ijC2Att3+UPzD7Rn72P5VWs debug1: load_hostkeys: fopen /home/username/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: hostkeys_find_by_key_cb: found matching key in ~/.ssh/known_hosts:86 debug1: hostkeys_find_by_key_cb: found matching key in ~/.ssh/known_hosts:87 debug1: hostkeys_find_by_key_hostfile: hostkeys file /home/username/.ssh/known_hosts2 does not exist debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts does not exist debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts2 does not exist The authenticity of host 'sfo2.tmate.io (157.230.72.130)' can't be established. RSA key fingerprint is SHA256:Hthk2T/M/Ivqfk1YYUn5ijC2Att3+UPzD7Rn72P5VWs. This host key is known by the following other names/addresses: ~/.ssh/known_hosts:86: lon1.tmate.io ~/.ssh/known_hosts:87: nyc1.tmate.io Are you sure you want to continue connecting (yes/no/[fingerprint])? Please type 'yes', 'no' or the fingerprint: Warning: Permanently added 'sfo2.tmate.io' (RSA) to the list of known hosts. debug1: rekey out after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 4294967296 blocks debug1: get_agent_identities: bound agent to hostkey debug1: get_agent_identities: agent returned 1 keys debug1: Will attempt key: /home/username/.ssh/id_rsa RSA SHA256:ukqzwZ/2KwEhEgH89m/VGxJNALjzwPyxV6j+lSp9Bmc agent debug1: Will attempt key: /home/username/.ssh/id_ecdsa debug1: Will attempt key: /home/username/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/username/.ssh/id_ed25519 debug1: Will attempt key: /home/username/.ssh/id_ed25519_sk debug1: Will attempt key: /home/username/.ssh/id_xmss debug1: Will attempt key: /home/username/.ssh/id_dsa debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs= debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/username/.ssh/id_rsa RSA SHA256:ukqzwZ/2KwEhEgH89m/VGxJNALjzwPyxV6j+lSp9Bmc agent debug1: Server accepts key: /home/username/.ssh/id_rsa RSA SHA256:ukqzwZ/2KwEhEgH89m/VGxJNALjzwPyxV6j+lSp9Bmc agent debug1: Enabling compression at level 6. Authenticated to sfo2.tmate.io ([157.230.72.130]:22) using "publickey". debug1: pkcs11_del_provider: called, provider_id = (null) debug1: setting up multiplex master socket debug1: channel 0: new [/run/user/1000/kssh-2211167-12b3298cfc2b2b25ae5251503a64b4c9e8608968] debug1: control_persist_detach: backgrounding master process debug1: forking to background debug1: Entering interactive session. debug1: pledge: id debug1: multiplexing control connection debug1: channel 1: new [mux-control] debug1: channel 2: new [client-session] if [ -z "$python" -o ython=$(command -v python))*" > /dev/stderr; cleanup_on_bootstrap_exit; exit 1; }4\\\\\\n\\\\\\041)"' '/bin/sh debug1: mux_client_request_session: master session id: 2 debug1: client_input_channel_req: channel 2 rtype exit-status reply 0 Invalid command debug1: channel 2: free: client-session, nchannels 3 debug1: channel 1: free: mux-control, nchannels 2 Shared connection to sfo2.tmate.io closed. debug1: channel 0: free: /run/user/1000/kssh-2211167-12b3298cfc2b2b25ae5251503a64b4c9e8608968, nchannels 1 Connection to sfo2.tmate.io closed by remote host. Transferred: sent 5364, received 2672 bytes, in 0.6 seconds Bytes per second: sent 9092.9, received 4529.5 debug1: Exit status -1 debug1: compress outgoing: raw data 5589, compressed 2218, factor 0.40 debug1: compress incoming: raw data 88, compressed 83, factor 0.94 ```

If you look towards the end of the ssh output, it does authenticate correctly: Authenticated to sfo2.tmate.io ([157.230.72.130]:22) using "publickey"., but then it gets disconnected by the remote. I'm not sure why.

[jameelkaisar]

Set limit-access-to-actor to false.

[suvayu]

Set limit-access-to-actor to false.

I get the same behaviour.

In any case, as I reported above it's not an authentication problem. Also, opening up your actions to the world sounds like a horrible idea.

[Nomango]

Set limit-access-to-actor to false and it will provide you a public tmate link to connect the terminal. However, when opened, there is only a black screen.

And connection via ssh command will fail directly.

Use bash instead of zsh and ...... it's working! 😅

After connecting, some information was displayed. Press q and ignore it.

What's wrong with it?

[suvayu]

This seems to be working now (both with/without limit-access-to-actor set to false). I didn't change anything on my side. Maybe there was an update on the server side?