Open wpietron opened 3 months ago
Vagrant v2.4.0 changed the default generated private key type from RSA to Ed25519, with the key file now being saved using the new OpenSSH private key format (see hashicorp/vagrant#13219). This causes two problems:
vagrant-multi-putty expects the private key file to be in PEM format and able to be opened using Ruby's OpenSSL::PKey
class (see https://github.com/nickryand/vagrant-multi-putty/blob/4bd39e9df77a9d758b651b90cd4747d3c8c22fc1/lib/vagrant-multi-putty/command.rb#L114). The new OpenSSH private key format cannot be understood by OpenSSL. This causes the 'Could not parse PKey: unsupported (OpenSSL::PKey::PKeyError)' exception you are encountering.
putty-key doesn't currently support conversion of Ed25519 keys. This is because it only supports conversion between OpenSSL::PKey
objects and PuTTY private keys and support for Ed25519 has only been added to Ruby's OpenSSL bindings relatively recently.
As a workaround, you can have vagrant generate a RSA private key in PEM format that is supported by both vagrant-multi-putty and putty-key by setting config.ssh.key_type = :rsa
in your Vagrantfile
(see https://developer.hashicorp.com/vagrant/docs/vagrantfile/ssh_settings#config-ssh-key_type).
It looks like Vagrant should remove the default insecure public key from the VM after it is first provisioned (see https://github.com/hashicorp/vagrant/blob/d8fdc500b76c840cdeaa69869d0c000530b036b3/plugins/communicators/ssh/communicator.rb#L263). Changing the key type would therefore seem to require destroying the VM and re-provisioning.
In practice, I've found that it's failing to remove the insecure public key. I was able to run vagrant halt
, change the Vagrantfile
to set key_type
, delete the .vagrant/machines/**/private_key
files and then run vagrant up
to re-provision with a new key.
Hi Guys, I hit some issue:
I have no problems to convert
D:\git\vgwp\dbasm19\.vagrant\machines\default\virtualbox\private_key
with puttygen 0.8 with a confirmation comment "Successfully imported foreign key (OpenSSH SSH-2 private key (new format)) [...].What else I may check to investigate this issue?