Vagrant prompting for password without using key - ssh

I am running vagarant using chef. When I am running vagrant up. Its creating an instance after that its prompting for password. Actually it should login with ssh key
I have granted
chmod 0700 ~/.ssh/.ssh
chmod 0600 ~/.ssh/.ssh/authorized_keys
root#system-desktop:/home/system/Documents/dsrv169# vagrant --version
Vagrant 1.6.5
config.vm.provider :digital_ocean do |provider, override|
override.ssh.private_key_path = '~/.ssh/id_rsa'
override.vm.box = 'digital_ocean'
root#system-desktop:/home/system/Documents/dsrv168# vagrant ssh-config
Host default
HostName 45.55.239.147
User root
Port 22
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /root/.ssh/id_rsa
IdentitiesOnly yes
LogLevel FATAL
May I know what I required to do

it's just owner and group permission issue. After issuing chown it worked normally.

Related

Scp denied when copying files into vagrant VM

I am trying to copy a demo.zip from local host to a newly initiated vagrant VM.
I tried command like this from my MAC terminal:
scp -P 2200 demo.zip vagrant#127.0.0.1:/home/vagrant
However, I get:
vagrant#127.0.0.1: Permission denied (publickey).
lost connection
And below is the log from vagrant ssh-config:
Host default
HostName 127.0.0.1
User vagrant
Port 2200
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Volumes/dailystorage/program_analysis_VM/.vagrant/machines/default/virtualbox/private_key
IdentitiesOnly yes
LogLevel FATAL
The version of vagrant box is ubuntu-xenial (Ubuntu 16.04.3).
Could anyone tell what's going on here and possible ways out?
Thanks!
UPDATE: Solved by installing vagrant scp.
The name localhost normally resolves to the IPv4 loopback address 127.0.0.1
So you can try copy file from your local machine to local machine.
Try this:
scp -i /Volumes/dailystorage/program_analysis_VM/.vagrant/machines/default/virtualbox/private_key demo.zip vagrant#private_ip_address_your_remote_machine:/home/vagrant
I regenerated the key and it worked:
Generate Key Pair on master-1 node $ssh-keygen
Leave all settings to default.
View the generated public key ID at:
$cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD......8+08b vagrant#master-1
Move public key of master to all other VMs
$cat >> ~/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD......8+08b vagrant#master-1
EOF

How to access one vagrant box from another via ssh?

I use Vagrant 1.9.1 and boxes are config.vm.box = "centos/7". There seems to be private keys employed when calling „vagrant ssh“ to connect to a box. However, I’m not sure where are those keys located. Thanks a lot
Kind Regards
Diana
You can run vagrant ssh-config command, for example
fhenri#machine:~/project/vagrant/centos$ vagrant ssh-config app1
Host app1
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Users/fhenri/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
It will give you the information of the ssh key used

Vagrant VM : Bad configuration option: IdentitiesOnly

I installed the vagrant VM, but when i run:
vagrant ssh
it display an error of configuration:
command-line: line 0: Bad configuration option: IdentitiesOnly
I checked :
vagrant ssh-config
it display me:
C:\Vagrant\Ubuntu1>vagrant ssh-config
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile C:/Vagrant/Ubuntu1/.vagrant/machines/default/virtualbox/private_key
IdentitiesOnly yes
LogLevel FATAL
Can you tell me why, knowing that the first time i'm using vagrant.
IdentitiesOnly option is in OpenSSH since 2004 (OpenSSH 3.9). If you are using older version, you should certainly update.
Other possibility is to remove the colliding option, since it is not crucial to the functionality.

Vagrant allows to SSH onto it only the first time

I'm trying to configure my first Vagrant box.
However it allows me to ssh onto it (with vagrant ssh) only the first time after vagrant up
But when I log out of the VM I can't log back onto it.
Doing Vagrant provision yields:
▶ vagrant provision
==> default: Running provisioner: shell...
SSH authentication failed! This is typically caused by the public/private
keypair for the SSH user not being properly set on the guest VM. Please
verify that the guest VM is setup with the proper public key, and that
the private key path for Vagrant is setup properly as well.
And trying to ssh into it yields:
▶ vagrant ssh
vagrant#127.0.0.1's password:
vagrant#127.0.0.1's password:
vagrant#127.0.0.1's password:
Permission denied (publickey,password).
Even if I give it the default password (vagrant) it rejects it and asks for it again 3 times.
When I start it in GUI mode, after writing any credentials whole console clears out and asks to log in again.
Tried destroying and rebuilding the VM, clearing project/.vagrant and ~/.vagrant.d.
Always the same result.
Adding config.ssh.insert_key = false to Vagrantfile changed nothing.
My box is ubuntu/trusty64 and my ssh-config looks like that:
▶ vagrant ssh-config
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /home/iraasta/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
Trying to ssh manually with ssh vagrant#127.0.0.1 -p 2222 and password vagrant also returns Permission Denied

vagrant login as root by default

Problem: frequently the first command I type to my boxes is su -.
Question: how do I make vagrant ssh use the root user by default?
Version: vagrant 1.6.5
This is useful:
sudo passwd root
for anyone who's been caught out by the need to set a root password in vagrant first
Solution:
Add the following to your Vagrantfile:
config.ssh.username = 'root'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'
When you vagrant ssh henceforth, you will login as root and should expect the following:
==> mybox: Waiting for machine to boot. This may take a few minutes...
mybox: SSH address: 127.0.0.1:2222
mybox: SSH username: root
mybox: SSH auth method: password
mybox: Warning: Connection timeout. Retrying...
mybox: Warning: Remote connection disconnect. Retrying...
==> mybox: Inserting Vagrant public key within guest...
==> mybox: Key inserted! Disconnecting and reconnecting using new SSH key...
==> mybox: Machine booted and ready!
Update 23-Jun-2015:
This works for version 1.7.2 as well. Keying security has improved since 1.7.0; this technique overrides back to the previous method which uses a known private key. This solution is not intended to be used for a box that is accessible publicly without proper security measures done prior to publishing.
Reference:
https://docs.vagrantup.com/v2/vagrantfile/ssh_settings.html
This works if you are on ubuntu/trusty64 box:
vagrant ssh
Once you are in the ubuntu box:
sudo su
Now you are root user. You can update root password as shown below:
sudo -i
passwd
Now edit the below line in the file /etc/ssh/sshd_config
PermitRootLogin yes
Also, it is convenient to create your own alternate username:
adduser johndoe
Wait until it asks for password.
If Vagrantfile as below:
config.ssh.username = 'root'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'
But vagrant still ask you root password,
most likely the base box you used do not configured to allow root login.
For example, the offical ubuntu14.04 box do not set PermitRootLogin yes in /etc/ssh/sshd_config.
So If you want a box can login as root default(only Vagrantfile, no more work), you have to :
Setup a vm by username vagrant(whatever name but root)
Login and edit sshd config file.
ubuntu: edit /etc/ssh/sshd_config, set PermitRootLogin yes
others: ....
(I only use ubuntu, feel free to add workaround of other platforms)
Build a new base box:
vagrant package --base your-vm-name
this create a file package.box
Add that base box to vagrant:
vagrant box add ubuntu-root file:///somepath/package.box
then, you need use this base box to build vm which allow auto login as root.
Destroy original vm by vagrant destroy
Edit original Vagrantfile, change box name to ubuntu-root and username to root, then vagrant up create a new one.
It cost me some time to figure out , it is too complicate in my opinion. Hope vagrant would improve this.
Dont't forget root is allowed root to login before!!!
Place the config code below in /etc/ssh/sshd_config file.
PermitRootLogin yes
Note: Only use this method for local development, it's not secure.
You can setup password and ssh config while provisioning the box. For example with debian/stretch64 box this is my provision script:
config.vm.provision "shell", inline: <<-SHELL
echo -e "vagrant\nvagrant" | passwd root
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
sed -in 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
service ssh restart
SHELL
This will set root password to vagrant and permit root login with password. If you are using private_network say with ip address 192.168.10.37 then you can ssh with ssh root#192.168.10.37
You may need to change that echo and sed commands depending on the default sshd_config file.
Adding this to the Vagrantfile worked for me. These lines are the equivalent of you entering sudo su - every time you login. Please notice that this requires reprovisioning the VM.
config.vm.provision "shell", inline: <<-SHELL
echo "sudo su -" >> .bashrc
SHELL
I know this is an old question, but looking at the original question, it looks like the user just wanted to run a command as root, that's what I need to do when I was searching for an answer and stumbled across the question.
So this one is worth knowing in my opinion:
vagrant ssh servername -c "echo vagrant | sudo -S shutdown 0"
vagrant is the password being echoed into the the sudo command, because as we all know, the vagrant account has sudo privileges and when you sudo, you need to specify the password of the user account, not root..and of course by default, the vagrant user's password is vagrant !
By default you need root privileges to shutdown so I guess doing a shutdown is a good test.
Obviously you don't need to specify a server name if there is only one for that vagrant environment. Also, we're talking about local vagrant virtual machine to the host, so there isn't really any security issue that I can see.
Hope this helps.
I had some troubles with provisioning when trying to login as root, even with PermitRootLogin yes. I made it so only the vagrant ssh command is affected:
# Login as root when doing vagrant ssh
if ARGV[0]=='ssh'
config.ssh.username = 'root'
end
I used vagrant putty with the vagrant multi putty plugin, it took me directly to root.
vagrant destroy
vagrant up
Please add this to vagrant file:
config.ssh.username = 'vagrant'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'