SSH Basics on Vagrant VMs
I'm building a vagrant machine (Ubuntu 12.04) with the following requirements:
- SSH access via Vagrant to a user with sudo-privileges.
I've generated public/private keys (via ssh-keygen
) on the host and have moved the public key to the authorized_keys
file on the guest. And I have tried a password-less SSH.
A couple of things happen I type vagrant ssh
with password-enabled SSH keys:
- I have to type my keyphrase in on the host machine to SSH into the Guest VM.
- Each time I type in the correct keyphrase it is not accepted.
Which results in the I get the following error message:
SSH authentication failed! This is typically caused by the public/private
keypair for the SSH user not being properly set on the guest VM. Please
verify that the guest VM is setup with the proper public key, and that
the private key path for Vagrant is setup properly as well.
Then I tried password-less ssh.
vagrant ssh
[email protected]'s password:
??
I never set up a vagrant user! It should be user@hostname
as I had set it up and can confirm works when I boot the VM in VirtualBox.
How do I get private ssh keys to work properly with vagrant? What to do on the host, what to do on the guest?
Update
In VirtualBox the VM is live but I can't do any of the following commands from vagrant console in addition to the problems with vagrant ssh
:
vagrant up
vagrant halt
The only vagrant command that works is vagrant suspend
. When I use it I can actually halt the machine via vagrant halt
. Here is the output:
$ vagrant halt
[default] Attempting graceful shutdown of VM...
SSH authentication failed! This is typically caused by the public/private
keypair for the SSH user not being properly set on the guest VM. Please
verify that the guest VM is setup with the proper public key, and that
the private key path for Vagrant is setup properly as well.
I am adding this solution for anyone who comes to this thread:
First open this file on the host machine:
$ sudo vim ~/.vagrant.d/boxes/<yourbox>/include/_Vagrantfile
Verify that config.ssh.private_key_path
is set to your private key file. If not update that
ssh to vagrant box with default pwd
$ vagrant ssh (default pwd = ‘vagrant’]
Once in the box:
vagrant@lucid64:~$ sudo visudo -f .ssh/authorized_keys
Add your public key to this file and save the file, and exit the box
vagrant@lucid64:~$ exit
Back to the local machine
$ vagrant halt
$ vagrant up
This worked for me
I had the same problem although it wasn't due to SSH key issues. When starting the machine, Virtualbox worked and brought the guest up fine. I was able to SSH into the machine myself, and vagrant ssh
worked although it asked me for a password. I logged in and found the following in /var/log/auth.log on the guest:
Feb 13 10:14:34 spaaza-dev sshd[1468]: Accepted password for vagrant from 192.168.50.1 port 61816 ssh2
Feb 13 10:14:34 spaaza-dev sshd[1468]: pam_unix(sshd:session): session opened for user vagrant by (uid=0)
Feb 13 10:14:34 spaaza-dev sshd[1636]: Received disconnect from 192.168.50.1: 11: disconnected by user
Feb 13 10:14:34 spaaza-dev sshd[1468]: pam_unix(sshd:session): session closed for user vagrant
Feb 13 10:16:44 spaaza-dev sshd[1764]: Authentication refused: bad ownership or modes for directory /home/vagrant
I went in to look at permissions for /home/vagrant:
drwxrwxrwx 6 vagrant vagrant 4096 Feb 13 10:15 vagrant
Not good, something else I'd been doing had inadvertently changed the permissions of the /home/vagrant dir. The following fixed the issue:
# chmod 755 vagrant
drwxr-xr-x 6 vagrant vagrant 4096 Feb 13 10:15 vagrant
After that I shut the machine down, started it again and vagrant did its thing fine. :-)
Try copying the vagrant insecure public key into the file .ssh/authorized_keys
into the guest box.
Hope this resolves your ssh issue.
If you want to make it secure then you can do so by copying your own .ssh/id_rsa.pub into the aforementioned file. And setting the
config.ssh.private_key_path = '~/.ssh/id_rsa'
in your Vagrantfile.
For anyone who gets this problem. it took me ages to fix. (Yet the fix is easy!!) So, According to Vagrant documentation there is a default password for 'vagrant' user which is 'vagrant' without the single quotes. you can read more on the same on their Official website http://docs.vagrantup.com/v2/boxes/base.html