You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue: When attempting to use an SSH URI connector to a remote Linux system, I am authenticating successfully (based on OpenSSH logs), however I am receiving the following error:
Error: failed to connect: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain
│
│ with provider["registry.terraform.io/dmacvicar/libvirt"],
│ on test.tf line 9, in provider "libvirt":
│ 9: provider "libvirt" {
│
The SSH key in use will allow me to successfully authenticate outside of Terraform. I have tried both RSA and ECDSA key types in my Terraform URI statement, neither work
In SSH logs, it appears the client is isssuing a close request at preauth:
May 10 15:46:27 qub4rt sshd[209057]: debug1: /etc/ssh/gitlab-libvirt-authorized_keys:1: matching key found: RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0
May 10 15:46:27 qub4rt sshd[209057]: debug1: /etc/ssh/gitlab-libvirt-authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
May 10 15:46:27 qub4rt sshd[209057]: Accepted key RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0 found at /etc/ssh/gitlab-libvirt-authorized_keys:1
May 10 15:46:27 qub4rt sshd[209057]: debug1: restore_uid: 0/0
May 10 15:46:27 qub4rt sshd[209057]: debug1: auth_activate_options: setting new authentication options
May 10 15:46:27 qub4rt sshd[209057]: Partial publickey for gitlab-libvirt from 192.168.32.81 port 34246 ssh2: RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0
May 10 15:46:27 qub4rt sshd[209057]: debug1: auth_activate_options: setting new authentication options [preauth] May 10 15:46:27 qub4rt sshd[209057]: Connection closed by authenticating user gitlab-libvirt 192.168.32.81 port 34246 [preauth]
May 10 15:46:27 qub4rt sshd[209057]: debug1: do_cleanup [preauth]
I have tested enabling the following features in OpenSSH, to no avail:
PermitTunnel yes
AllowAgentForwarding yes
AllowTcpForwarding yes
X11Forwarding yes
AllowStreamLocalForwarding yes
PermitOpen any
If I use the same URI connect string from the command line, I am able to succesfully connect and perform actions.
So this appears to something in the Terraform provider, but I'm unable to determine what.
System Information
Linux distribution
Client System: Linux gitlab 5.15.0-105-generic #115-Ubuntu SMP Mon Apr 15 09:52:04 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Server: Linux qub4rt 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 GNU/Linux
Terraform version
Terraform v1.8.2 on linux_amd64
Provider and libvirt versions
+ provider registry.terraform.io/dmacvicar/libvirt v0.7.6
Issue: When attempting to use an SSH URI connector to a remote Linux system, I am authenticating successfully (based on OpenSSH logs), however I am receiving the following error:
Error: failed to connect: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain
│
│ with provider["registry.terraform.io/dmacvicar/libvirt"],
│ on test.tf line 9, in provider "libvirt":
│ 9: provider "libvirt" {
│
The SSH key in use will allow me to successfully authenticate outside of Terraform. I have tried both RSA and ECDSA key types in my Terraform URI statement, neither work
In SSH logs, it appears the client is isssuing a close request at preauth:
May 10 15:46:27 qub4rt sshd[209057]: debug1: /etc/ssh/gitlab-libvirt-authorized_keys:1: matching key found: RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0
May 10 15:46:27 qub4rt sshd[209057]: debug1: /etc/ssh/gitlab-libvirt-authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
May 10 15:46:27 qub4rt sshd[209057]: Accepted key RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0 found at /etc/ssh/gitlab-libvirt-authorized_keys:1
May 10 15:46:27 qub4rt sshd[209057]: debug1: restore_uid: 0/0
May 10 15:46:27 qub4rt sshd[209057]: debug1: auth_activate_options: setting new authentication options
May 10 15:46:27 qub4rt sshd[209057]: Partial publickey for gitlab-libvirt from 192.168.32.81 port 34246 ssh2: RSA SHA256:5OJzx6mZZirtqdrTp/0SpUSbPAzy1I70DIOSnvCiIS0
May 10 15:46:27 qub4rt sshd[209057]: debug1: auth_activate_options: setting new authentication options [preauth]
May 10 15:46:27 qub4rt sshd[209057]: Connection closed by authenticating user gitlab-libvirt 192.168.32.81 port 34246 [preauth]
May 10 15:46:27 qub4rt sshd[209057]: debug1: do_cleanup [preauth]
I have tested enabling the following features in OpenSSH, to no avail:
PermitTunnel yes
AllowAgentForwarding yes
AllowTcpForwarding yes
X11Forwarding yes
AllowStreamLocalForwarding yes
PermitOpen any
If I use the same URI connect string from the command line, I am able to succesfully connect and perform actions.
So this appears to something in the Terraform provider, but I'm unable to determine what.
Example test case;
Enabling TF_LOG=debug, the only item that stands out is:
2024-05-10T19:56:27.997Z [INFO] provider.terraform-provider-libvirt_v0.7.6: 2024/05/10 19:56:27 [DEBUG] Configuring provider for 'qemu+ssh://gitlab-libvirt@qub4rt:26/system?sshauth=privkey&keyfile=/home/madsara/.ssh/gitlab-libvirt&no_verify=1': &{map[uri:0xc000261cc0] 0xc000176500 map[] {{} } 0xc000410160 0xc000528840 0xc00051e680 false {1 {0 0}} false false}: timestamp=2024-05-10T19:56:27.997Z
2024-05-10T19:56:28.065Z [ERROR] provider.terraform-provider-libvirt_v0.7.6: Response contains error diagnostic: diagnostic_detail="" diagnostic_severity=ERROR diagnostic_summary="failed to connect: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain" tf_proto_version=5.3 @caller=github.com/hashicorp/terraform-plugin-go@v0.14.2/tfprotov5/internal/diag/diagnostics.go:55 tf_provider_addr=provider tf_req_id=83e75e58-75f7-0104-79e7-ccc33227a62e tf_rpc=Configure @module=sdk.proto timestamp=2024-05-10T19:56:28.064Z
The text was updated successfully, but these errors were encountered: