Vagrant VM : Bad configuration option: IdentitiesOnly - ssh

I installed the vagrant VM, but when i run:
vagrant ssh
it display an error of configuration:
command-line: line 0: Bad configuration option: IdentitiesOnly
I checked :
vagrant ssh-config
it display me:
C:\Vagrant\Ubuntu1>vagrant ssh-config
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile C:/Vagrant/Ubuntu1/.vagrant/machines/default/virtualbox/private_key
IdentitiesOnly yes
LogLevel FATAL
Can you tell me why, knowing that the first time i'm using vagrant.

IdentitiesOnly option is in OpenSSH since 2004 (OpenSSH 3.9). If you are using older version, you should certainly update.
Other possibility is to remove the colliding option, since it is not crucial to the functionality.

Related

Why does SSH work from the command line but not from the SSH config file?

I've found that when running ssh from the command line on my system is different than running it from the ~/.ssh/config file. But I'm not sure how to fix it or if its a problem with the program itself.
I have a server (blueberry.local) and a client (xps.local). Both have a user named bob. Both can resolve each-other with the host command from either box.
The server is running sshd with the following configuration (/etc/ssh/sshd_config):
UsePAM yes
Banner none
AddressFamily any
Port 22
X11Forwarding no
PermitRootLogin no
GatewayPorts no
PasswordAuthentication no
KbdInteractiveAuthentication no
PrintMotd no
AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys2 /etc/ssh/authorized_keys.d/%u
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
KexAlgorithms sntrup761x25519-sha512#openssh.com,curve25519-sha256,curve25519-sha256#libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305#openssh.com,aes256-gcm#openssh.com,aes128-gcm#openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128#openssh.com
LogLevel INFO
UseDNS no
And from my client I'm running ssh with this configuration (~/.ssh/config):
Host blueberry.stark.local
Port 22
HostName blueberry.local
IdentityFile ~/.ssh/blueberry_rsa
IdentitiesOnly yes
When running ssh from the command line like this:
ssh bob#blueberry.local -i ~/.ssh/blueberry_rsa
The command works and I can successfully connect via ssh to the server.
However, when running ssh from the command line using the client configuration like this:
ssh bob#blueberry.local
I get an authentication error:
bob#blueberry.local: Permission denied (publickey).
What's going on here? I've tried to remove configuration properties and the like but it never works.
What's even stranger is that I have another client configuration just like that that works without any issues at all...
The issue is likely caused by two factors:
Based on your example command, your Host and HostName values are mixed up:
Host <this should be what you type on the CLI>
...
HostName <The real hostname of the server>
...
This means ssh isn't actually going to use any of the configuration you provided. Making the following change should work.
Host blueberry.local
Port 22
HostName blueberry.stark.local
IdentityFile ~/.ssh/blueberry_rsa
IdentitiesOnly yes
This is most likely if the following command works with the configuration you posted:
ssh bob#blueberry.starlink.local
If you expected ssh to just try all of your private keys until it found the right one, (~/.ssh/blueberry_rsa), its likely you haven't added it to your ssh-agent (you can confirm by running ssh-add -L and check the output.
by default ssh will check these paths, then any additional keys in the agent:
~/.ssh/id_rsa
~/.ssh/id_ecdsa
~/.ssh/id_ecdsa_sk
~/.ssh/id_ed25519
~/.ssh/id_ed25519_sk
~/.ssh/id_xmss
~/.ssh/id_dsa
Its likely you only have ~/.ssh/id_rsa in your agent which is what is throwing the
When in trouble, its always helpful to run ssh -vvv <rest of your command> to see whats happening under the hood 😉.

Scp denied when copying files into vagrant VM

I am trying to copy a demo.zip from local host to a newly initiated vagrant VM.
I tried command like this from my MAC terminal:
scp -P 2200 demo.zip vagrant#127.0.0.1:/home/vagrant
However, I get:
vagrant#127.0.0.1: Permission denied (publickey).
lost connection
And below is the log from vagrant ssh-config:
Host default
HostName 127.0.0.1
User vagrant
Port 2200
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Volumes/dailystorage/program_analysis_VM/.vagrant/machines/default/virtualbox/private_key
IdentitiesOnly yes
LogLevel FATAL
The version of vagrant box is ubuntu-xenial (Ubuntu 16.04.3).
Could anyone tell what's going on here and possible ways out?
Thanks!
UPDATE: Solved by installing vagrant scp.
The name localhost normally resolves to the IPv4 loopback address 127.0.0.1
So you can try copy file from your local machine to local machine.
Try this:
scp -i /Volumes/dailystorage/program_analysis_VM/.vagrant/machines/default/virtualbox/private_key demo.zip vagrant#private_ip_address_your_remote_machine:/home/vagrant
I regenerated the key and it worked:
Generate Key Pair on master-1 node $ssh-keygen
Leave all settings to default.
View the generated public key ID at:
$cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD......8+08b vagrant#master-1
Move public key of master to all other VMs
$cat >> ~/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD......8+08b vagrant#master-1
EOF

How to access one vagrant box from another via ssh?

I use Vagrant 1.9.1 and boxes are config.vm.box = "centos/7". There seems to be private keys employed when calling „vagrant ssh“ to connect to a box. However, I’m not sure where are those keys located. Thanks a lot
Kind Regards
Diana
You can run vagrant ssh-config command, for example
fhenri#machine:~/project/vagrant/centos$ vagrant ssh-config app1
Host app1
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Users/fhenri/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
It will give you the information of the ssh key used

Vagrant prompting for password without using key

I am running vagarant using chef. When I am running vagrant up. Its creating an instance after that its prompting for password. Actually it should login with ssh key
I have granted
chmod 0700 ~/.ssh/.ssh
chmod 0600 ~/.ssh/.ssh/authorized_keys
root#system-desktop:/home/system/Documents/dsrv169# vagrant --version
Vagrant 1.6.5
config.vm.provider :digital_ocean do |provider, override|
override.ssh.private_key_path = '~/.ssh/id_rsa'
override.vm.box = 'digital_ocean'
root#system-desktop:/home/system/Documents/dsrv168# vagrant ssh-config
Host default
HostName 45.55.239.147
User root
Port 22
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /root/.ssh/id_rsa
IdentitiesOnly yes
LogLevel FATAL
May I know what I required to do
it's just owner and group permission issue. After issuing chown it worked normally.

How to make IP address for vagrant ssh the same as for the VM?

How can I make IP address for vagrant ssh the same as for the VM? What would I need to change/add to my manifest (Vagrant config files) ?
To explain my situation a little more: In my /etc/hosts file, I've setup local domains to map to the IP address of the VM as 192.168.56.105 - this is what is configured in the Vagrant setup, this works.
However vagrant ssh tries to connect to 127.0.0.1
Why would this be?
My vagrant ssh details are (when outputted to a file):
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Users/rdavis/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
My specific problem had a root cause in port collision (with other VMs I'm using). Full credit to my colleague for spotting this.
Vagrant detects port collision but in your Vagrantfile config you have to do something about it i.e.
auto_correct: true
https://docs.vagrantup.com/v2/networking/forwarded_ports.html
This means that I can run more than one VM at a time without this issue.