Vagrant ssh 'Authentication failure. Retrying…' 重复错误 - 密钥不匹配,无法找到修复
Vagrant ssh 'Authentication failure. Retrying…' repeated error - keys mismatch, cant find fix
我遇到了一个无法解决的恼人问题。
我正在尝试vagrant up这个环境下的centos7系统:
- Windows 10
- Hyper-V(非周年更新版)
- Docker 图片 "serveit/centos-7" 或 "bluefedora/hyperv-alpha-centos7"
- 已安装 OpenSSH,已配置私钥
我的 Vagrantfile 的内容:
Vagrant.configure("2") do |config|
#config.vm.box = "serveit/centos-7"
config.vm.box = "bluefedora/hyperv-alpha-centos7"
config.ssh.private_key_path = "~/.vagrant.d/insecure_private_key"
config.ssh.forward_agent = true
end
我在执行 vagrant up:
时遇到此错误
PS C:\Programs\vagrant_stuff\centos7> vagrant up
Bringing machine 'default' up with 'hyperv' provider...
==> default: Verifying Hyper-V is enabled...
==> default: Importing a Hyper-V instance
default: Cloning virtual hard drive...
default: Creating and registering the VM...
default: Successfully imported a VM with name: vagrantbox
==> default: Starting the machine...
==> default: Waiting for the machine to report its IP address...
default: Timeout: 120 seconds
default: IP: 192.168.137.6
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 192.168.137.6:22
default: SSH username: vagrant
default: SSH auth method: private key
default:
default: Vagrant insecure key detected. Vagrant will automatically replace
default: this with a newly generated keypair for better security.
default:
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if it's present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.
If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.
If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.
If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.
我可以做一个 vagrant ssh-config:
Host default
HostName 192.168.137.6
User vagrant
Port 22
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile C:/Users/Kareem/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
ForwardAgent yes
我在别处看到我应该尝试 vagrant halt 和 vagrant up 来解决这个问题。这没有用。
我也删除了 .vagrant.d/insecure_private_key 文件,看到它被重新创建了。没问题,这也是意料之中的。
也 vagrant ssh 使用密码:
PS C:\Programs\vagrant_stuff\centos7> vagrant ssh
vagrant@192.168.137.6's password:
[vagrant@localhost ~]$
因为我可以 SSH,所以我决定检查 .ssh/authorized_keys 文件:
[vagrant@localhost ~]$ cat .ssh/authorized_keys
[vagrant@localhost ~]$ cat /home/vagrant/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIRcYs0HBn/BOjiKg9fGnoraVxRnnZk+6sM3waFFE1+U3aO8GQjRKxQsYgJNoyRmNVymzpP13kOoLodDsz
UKhdcO6dL+zAtmhsFTgmADMXxVzM3mfRWfPG2HdsU13Pof77A68Ln6z6X4jVG4cnsclYvz67Gudl7lZ9VI2TOdDn1V+7ZANlkGnqejIwA2RVWtYLgLQHU9p4
47nvRqId71XaG8BZpbONRzzrL49wWyjfc4h6SdaHVJZJB6kY+vkr31xw6TPIIlo2UHH7Ihlk6KADNo4wFJYF+ozIA7C792omzjN1zu1SayvCYNG21yZy/cCd
n2Hr158Jy83A9CslQPbT vagrant
Dafuq是这个key?!?!
我很确定这不是 Vagrant 对应的 public 键。这也不是我的系统 public 密钥。当我检查 Vagrant Public key 我得到这个:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9H
ZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHi
lFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRd
K8jlqm8tehUc9c9WhQ== vagrant insecure public key
此外,如果我更新 Vagrantfile 以使用我的系统私钥:
#config.ssh.private_key_path = "~/.vagrant.d/insecure_private_key"
config.ssh.private_key_path = "~/.ssh/id_rsa"
我在 VM 中得到一个不同的 public 密钥,即 Vagrant Public key:
[vagrant@localhost ~]$ cat /home/vagrant/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9H
ZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHi
lFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRd
K8jlqm8tehUc9c9WhQ== vagrant insecure public key
我还看到配置过程没有插入新密钥。这一切似乎倒退了,我认为只有在我使用我的私钥时才应该更新密钥,并且它应该使用我自己的。
求助!
谁能帮我找出为什么会这样?
事实证明,Vagrant 1.8.5 中存在一个已知错误(将在 1.8.6 中修复):
详情here
如果您使用的是 1.8.5,您可以使用 PowerShell 从 PR #7611 下载更新版本:
[IO.File]::WriteAllLines("C:\HashiCorp\Vagrant\embedded\gems\gems\vagrant-1.8.5\plugins\guests\linux\cap\public_key.rb", (Invoke-WebRequest -Uri https://raw.githubusercontent.com/Poohblah/vagrant/41063204ca540c44f9555bd11ba9e76c7307bec5/plugins/guests/linux/cap/public_key.rb).Content)
通过 SSH 连接到 vagrant 机器并授予此权限。
vagrant@localhost:chmod 600 ~/.ssh/authorized_keys.
退出回到主机并点击"vagrant reload"
有效!!!
在 public_key.rb 文件中找到第 56 行的内容并像这样附加 chmod 0600 ~/.ssh/authorized_keys:
if test -f ~/.ssh/authorized_keys; then
grep -v -x -f '#{remote_path}' ~/.ssh/authorized_keys > ~/.ssh/authorized_keys.tmp
mv ~/.ssh/authorized_keys.tmp ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
fi
rm -f '#{remote_path}'
Windows 的路径:C:\HashiCorp\Vagrant\embedded\gems\gems\vagrant-1.8.5\plugins\guests\linux\cap\public_key.rb
mac 的路径:/opt/vagrant/embedded/gems/gems/vagrant-1.8.5/plugins/guests/linux/cap/public_key.rb
检查 vagrant 实例中的权限:
chmod 600 /vagrant/.ssh/authorized_keys
chmod 700 /vagrant/.ssh
chmod 700 /vagrant # important too! (for me that was a reason of same error)
ssh 密钥将仅在具有正确权限的情况下使用。
此外,作为解决方法,您可以添加到 Vagrantfile:
config.ssh.username = "vagrant"
config.ssh.password = "vagrant"
我遇到了一个无法解决的恼人问题。
我正在尝试vagrant up这个环境下的centos7系统:
- Windows 10
- Hyper-V(非周年更新版)
- Docker 图片 "serveit/centos-7" 或 "bluefedora/hyperv-alpha-centos7"
- 已安装 OpenSSH,已配置私钥
我的 Vagrantfile 的内容:
Vagrant.configure("2") do |config|
#config.vm.box = "serveit/centos-7"
config.vm.box = "bluefedora/hyperv-alpha-centos7"
config.ssh.private_key_path = "~/.vagrant.d/insecure_private_key"
config.ssh.forward_agent = true
end
我在执行 vagrant up:
PS C:\Programs\vagrant_stuff\centos7> vagrant up
Bringing machine 'default' up with 'hyperv' provider...
==> default: Verifying Hyper-V is enabled...
==> default: Importing a Hyper-V instance
default: Cloning virtual hard drive...
default: Creating and registering the VM...
default: Successfully imported a VM with name: vagrantbox
==> default: Starting the machine...
==> default: Waiting for the machine to report its IP address...
default: Timeout: 120 seconds
default: IP: 192.168.137.6
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 192.168.137.6:22
default: SSH username: vagrant
default: SSH auth method: private key
default:
default: Vagrant insecure key detected. Vagrant will automatically replace
default: this with a newly generated keypair for better security.
default:
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if it's present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
default: Warning: Authentication failure. Retrying...
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.
If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.
If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.
If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.
我可以做一个 vagrant ssh-config:
Host default
HostName 192.168.137.6
User vagrant
Port 22
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile C:/Users/Kareem/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
ForwardAgent yes
我在别处看到我应该尝试 vagrant halt 和 vagrant up 来解决这个问题。这没有用。
我也删除了 .vagrant.d/insecure_private_key 文件,看到它被重新创建了。没问题,这也是意料之中的。
也 vagrant ssh 使用密码:
PS C:\Programs\vagrant_stuff\centos7> vagrant ssh
vagrant@192.168.137.6's password:
[vagrant@localhost ~]$
因为我可以 SSH,所以我决定检查 .ssh/authorized_keys 文件:
[vagrant@localhost ~]$ cat .ssh/authorized_keys
[vagrant@localhost ~]$ cat /home/vagrant/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIRcYs0HBn/BOjiKg9fGnoraVxRnnZk+6sM3waFFE1+U3aO8GQjRKxQsYgJNoyRmNVymzpP13kOoLodDsz
UKhdcO6dL+zAtmhsFTgmADMXxVzM3mfRWfPG2HdsU13Pof77A68Ln6z6X4jVG4cnsclYvz67Gudl7lZ9VI2TOdDn1V+7ZANlkGnqejIwA2RVWtYLgLQHU9p4
47nvRqId71XaG8BZpbONRzzrL49wWyjfc4h6SdaHVJZJB6kY+vkr31xw6TPIIlo2UHH7Ihlk6KADNo4wFJYF+ozIA7C792omzjN1zu1SayvCYNG21yZy/cCd
n2Hr158Jy83A9CslQPbT vagrant
Dafuq是这个key?!?! 我很确定这不是 Vagrant 对应的 public 键。这也不是我的系统 public 密钥。当我检查 Vagrant Public key 我得到这个:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9H
ZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHi
lFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRd
K8jlqm8tehUc9c9WhQ== vagrant insecure public key
此外,如果我更新 Vagrantfile 以使用我的系统私钥:
#config.ssh.private_key_path = "~/.vagrant.d/insecure_private_key"
config.ssh.private_key_path = "~/.ssh/id_rsa"
我在 VM 中得到一个不同的 public 密钥,即 Vagrant Public key:
[vagrant@localhost ~]$ cat /home/vagrant/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9H
ZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHi
lFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRd
K8jlqm8tehUc9c9WhQ== vagrant insecure public key
我还看到配置过程没有插入新密钥。这一切似乎倒退了,我认为只有在我使用我的私钥时才应该更新密钥,并且它应该使用我自己的。
求助!
谁能帮我找出为什么会这样?
事实证明,Vagrant 1.8.5 中存在一个已知错误(将在 1.8.6 中修复):
详情here
如果您使用的是 1.8.5,您可以使用 PowerShell 从 PR #7611 下载更新版本:
[IO.File]::WriteAllLines("C:\HashiCorp\Vagrant\embedded\gems\gems\vagrant-1.8.5\plugins\guests\linux\cap\public_key.rb", (Invoke-WebRequest -Uri https://raw.githubusercontent.com/Poohblah/vagrant/41063204ca540c44f9555bd11ba9e76c7307bec5/plugins/guests/linux/cap/public_key.rb).Content)
通过 SSH 连接到 vagrant 机器并授予此权限。
vagrant@localhost:chmod 600 ~/.ssh/authorized_keys.
退出回到主机并点击"vagrant reload"
有效!!!
在 public_key.rb 文件中找到第 56 行的内容并像这样附加 chmod 0600 ~/.ssh/authorized_keys:
if test -f ~/.ssh/authorized_keys; then
grep -v -x -f '#{remote_path}' ~/.ssh/authorized_keys > ~/.ssh/authorized_keys.tmp
mv ~/.ssh/authorized_keys.tmp ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
fi
rm -f '#{remote_path}'
Windows 的路径:C:\HashiCorp\Vagrant\embedded\gems\gems\vagrant-1.8.5\plugins\guests\linux\cap\public_key.rb
mac 的路径:/opt/vagrant/embedded/gems/gems/vagrant-1.8.5/plugins/guests/linux/cap/public_key.rb
检查 vagrant 实例中的权限:
chmod 600 /vagrant/.ssh/authorized_keys
chmod 700 /vagrant/.ssh
chmod 700 /vagrant # important too! (for me that was a reason of same error)
ssh 密钥将仅在具有正确权限的情况下使用。
此外,作为解决方法,您可以添加到 Vagrantfile:
config.ssh.username = "vagrant"
config.ssh.password = "vagrant"