[DRE-maint] Bug#845165: vagrant-lxc: vagrant ssh key with wrong permissions, vm creation fails
Dean Hamstead
dean at fragfest.com.au
Sun Nov 20 23:58:25 UTC 2016
Package: vagrant-lxc
Version: 1.2.1-2
Severity: important
Dear Maintainer,
When vagrant-lxc places its authorized_keys file in to a new centos7 vm's ~vagrant/.ssh directory, it does so with too permissive ownership.
As a result, the centos7 vm's ssh wont allow ssh login.
I can work around this by manually running the following in another terminal, whilst the vm is being created
chmod 600 /var/lib/lxc/<vagrant vm name>/rootfs/home/vagrant/.ssh/authorized_keys
Here is the main terminal output, the "Authenticaion failure" will repeat over and over and eventually fail. The following examples shows when i perform the manual work around above.
dean at cliffjumper:~/git/stash/conform-OIE-module$ vagrant up --provider=lxc
Bringing machine 'default' up with 'lxc' provider...
==> default: Importing base box 'goodsmileduck/centos-7-lxc'...
==> default: Checking if box 'goodsmileduck/centos-7-lxc' is up to date...
==> default: Setting up mount entries for shared folders...
default: /foo-module => /home/dean/git/stash/my-foo-module
==> default: Starting container...
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 10.0.3.252:22
default: SSH username: vagrant
default: SSH auth method: private key
default:
default: Vagrant insecure key detected. Vagrant will automatically replace
default: this with a newly generated keypair for better security.
default:
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if it's present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
==> default: Machine booted and ready!
==> default: Running provisioner: shell...
default: Running: inline script
==> default: Loaded plugins: fastestmirror
==> default: Determining fastest mirrors
==> default: * base: centos.mirror.crucial.com.au
==> default: * extras: centos.mirror.crucial.com.au
==> default: * updates: centos.mirror.crucial.com.au
==> default: Resolving Dependencies
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages vagrant-lxc depends on:
ii lxc 1:2.0.5-1
ii redir 2.2.1-13
ii ruby 1:2.3.0+4
ii vagrant 1.8.5+dfsg-2
vagrant-lxc recommends no packages.
vagrant-lxc suggests no packages.
-- no debconf information
More information about the Pkg-ruby-extras-maintainers
mailing list