nix-community / nixbox

NixOS Vagrant boxes [maintainer=@ifurther]
https://app.vagrantup.com/nixbox/
MIT License

Failing with 21.11 #74

Open PierreR opened 2 years ago

PierreR commented 2 years ago

If I use

{
  "variables": {
    "disk_size": "72000",
    "memory": "6800",
    "version": "21.11",
    "build": "334139.1bd4bbd49be",
    "checksum": "8259e4a841c624c98a02e24f35e8dfe3363af821cd31831c22b79414454e9379"
  },

The build is failing with

==> virtualbox-iso: Waiting 45s for boot...
==> virtualbox-iso: Typing the boot command...
==> virtualbox-iso: Using ssh communicator to connect: 127.0.0.1
==> virtualbox-iso: Waiting for SSH to become available...
==> virtualbox-iso: Error waiting for SSH: Packer experienced an authentication error when trying to connect via SSH. This can happen if your username/password are wrong. You may want to double-check your credentials as part of your debugging process. original error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

If I revert back to 21.05 it works again.

Any idea about what would cause this failure?

Thanks

PierreR commented 2 years ago

I wonder if this is not related to the update to openssh 8.8:

https://www.openssh.com/releasenotes.html
https://github.com/hashicorp/packer/issues/10074

@zimbatm is it possible to change the rsa vagrant public key?

zimbatm commented 2 years ago

Can you try setting services.openssh.extraConfig to

HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa

and see if it fixes it?

zimbatm commented 2 years ago

I'm not really using nixbox and would be willing to pass on maintainership.

PierreR commented 2 years ago

It doesn't work, probably because the ssh connection needs to be set up before configuration.nix is used.

stephank commented 2 years ago

I'm not using nixbox, but am using Packer with EC2, and just PubkeyAcceptedAlgorithms is sufficient. I was able to solve it on EC2 with user_data, but not sure a similar mechanism exists for VirtualBox.

Maybe adding "temporary_key_pair_type": "ed25519" to the Packer builder config works? There's an open issue for the EC2 builder that this option is broken there, but maybe it doesn't affect VirtualBox or other builders. (https://github.com/hashicorp/packer-plugin-amazon/issues/144)
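
An added check, not part of the thread or of nixbox: OpenSSH 8.8 disables the `ssh-rsa` (RSA with SHA-1) signature algorithm by default, and the `extraConfig` lines suggested above re-enable it. This shell function classifies the output of `sshd -T` by which RSA signature algorithms the server accepts for public-key auth, so a built box can be checked for whether that workaround is still active. The function names and the two sample config dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not nixbox code). Input must be the effective config printed
# by `sshd -T`, which expands "+ssh-rsa" into the full algorithm list; a raw
# sshd_config line with a "+" prefix is not handled.

# Print the accepted public-key algorithms, one per line. Also matches the
# option name used before OpenSSH 8.5 (PubkeyAcceptedKeyTypes).
accepted_pubkey_algs() {
    awk 'tolower($1) == "pubkeyacceptedalgorithms" ||
         tolower($1) == "pubkeyacceptedkeytypes" { print $2 }' | tr ',' '\n'
}

# Read `sshd -T` text on stdin and print one of:
#   sha1-and-sha2  sha2-only  sha1-only  no-rsa
classify_rsa() {
    algs=$(accepted_pubkey_algs)
    sha1=no
    sha2=no
    for a in $algs; do
        case "$a" in
            ssh-rsa) sha1=yes ;;                       # RSA with SHA-1
            rsa-sha2-256|rsa-sha2-512) sha2=yes ;;     # RSA with SHA-2
        esac                                           # cert types are ignored
    done
    case "$sha1/$sha2" in
        yes/yes) echo sha1-and-sha2 ;;
        no/yes)  echo sha2-only ;;
        yes/no)  echo sha1-only ;;
        *)       echo no-rsa ;;
    esac
}

# Constructed, abbreviated samples of `sshd -T` output.
SAMPLE_DEFAULT='port 22
pubkeyacceptedalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256
hostkeyalgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256'

SAMPLE_WORKAROUND='port 22
pubkeyacceptedalgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa'

printf 'default:    %s\n' "$(printf '%s\n' "$SAMPLE_DEFAULT" | classify_rsa)"
printf 'workaround: %s\n' "$(printf '%s\n' "$SAMPLE_WORKAROUND" | classify_rsa)"
```

On a real guest the input would come from `sshd -T | classify_rsa` run as root. A result of `sha2-only` means an RSA key is still accepted, but only from a client that signs with `rsa-sha2-256` or `rsa-sha2-512`.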