vscode-coder
vscode-coder copied to clipboard
coder
SSH config not modified on connection attempt
A user of our Coder deployment encountered a problem where the VS Code plugin doesn't update ~/.ssh/config with a
# --- START CODER VSCODE --- when clicking the link in the Coder UI to connect to a workspace, and therefore the connection fails.
General logs:
[09:56:28.278] Log Level: 2
[09:56:28.279] VS Code version: 1.83.1
[09:56:28.279] Remote-SSH version: [email protected]
[09:56:28.279] darwin arm64
[10:02:49.673] SSH Resolver called for "ssh-remote+coder-vscode--idafna--itaydev", attempt 1
[10:02:49.673] "remote.SSH.useLocalServer": true
[10:02:49.674] "remote.SSH.path": undefined
[10:02:49.674] "remote.SSH.configFile": undefined
[10:02:49.674] "remote.SSH.useFlock": true
[10:02:49.675] "remote.SSH.lockfilesInTmp": false
[10:02:49.675] "remote.SSH.localServerDownload": auto
[10:02:49.675] "remote.SSH.remoteServerListenOnSocket": false
[10:02:49.675] "remote.SSH.showLoginTerminal": false
[10:02:49.675] "remote.SSH.defaultExtensions": []
[10:02:49.675] "remote.SSH.loglevel": 2
[10:02:49.676] "remote.SSH.enableDynamicForwarding": true
[10:02:49.676] "remote.SSH.enableRemoteCommand": false
[10:02:49.676] "remote.SSH.serverPickPortsFromRange": {}
[10:02:49.676] "remote.SSH.serverInstallPath": {}
[10:02:49.683] SSH Resolver called for host: coder-vscode--idafna--itaydev
[10:02:49.683] Setting up SSH remote "coder-vscode--idafna--itaydev"
[10:02:49.686] Acquiring local install lock: /var/folders/nm/x4_5dy_97lsbjc7cp7w16rn00000gn/T/vscode-remote-ssh-8e2d63da-install.lock
[10:02:49.687] Looking for existing server data file at /Users/idafna/Library/Application Support/Code/User/globalStorage/ms-vscode-remote.remote-ssh/vscode-ssh-host-8e2d63da-f1b07bd25dfad64b0167beb15359ae573aecd2cc-0.102.0/data.json
[10:02:49.687] Using commit id "f1b07bd25dfad64b0167beb15359ae573aecd2cc" and quality "stable" for server
[10:02:49.691] Install and start server if needed
[10:02:49.694] PATH: /Users/idafna/.local/bin/:/Users/idafna/copilot-cli/node_modules/.bin/github-copilot-cli:/Users/idafna/micromamba/bin:/Users/idafna/.docker/bin:/Users/idafna/micromamba/condabin:/Users/idafna/.sdkman/candidates/java/current/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/munki:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/Users/idafna/.cargo/bin:/Users/idafna/Library/Application Support/JetBrains/Toolbox/scripts
[10:02:49.694] Checking ssh with "ssh -V"
[10:02:49.706] > OpenSSH_9.0p1, LibreSSL 3.3.6
[10:02:49.708] askpass server listening on /var/folders/nm/x4_5dy_97lsbjc7cp7w16rn00000gn/T/vscode-ssh-askpass-5cd52279ff14bcdfa22b6ec124d4a2e499a73e83.sock
[10:02:49.708] Spawning local server with {"serverId":1,"ipcHandlePath":"/var/folders/nm/x4_5dy_97lsbjc7cp7w16rn00000gn/T/vscode-ssh-askpass-a28f614b9753dfa37c08619ff24e084aa976da38.sock","sshCommand":"ssh","sshArgs":["-v","-T","-D","50661","-o","ConnectTimeout=15","coder-vscode--idafna--itaydev","bash"],"serverDataFolderName":".vscode-server","dataFilePath":"/Users/idafna/Library/Application Support/Code/User/globalStorage/ms-vscode-remote.remote-ssh/vscode-ssh-host-8e2d63da-f1b07bd25dfad64b0167beb15359ae573aecd2cc-0.102.0/data.json"}
[10:02:49.708] Local server env: {"SSH_AUTH_SOCK":"/private/tmp/com.apple.launchd.GIlU4Rgd7j/Listeners","SHELL":"/bin/zsh","DISPLAY":"1","ELECTRON_RUN_AS_NODE":"1","SSH_ASKPASS":"/Users/idafna/.vscode/extensions/ms-vscode-remote.remote-ssh-0.102.0/out/local-server/askpass.sh","VSCODE_SSH_ASKPASS_NODE":"/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper (Plugin).app/Contents/MacOS/Code Helper (Plugin)","VSCODE_SSH_ASKPASS_EXTRA_ARGS":"--ms-enable-electron-run-as-node","VSCODE_SSH_ASKPASS_MAIN":"/Users/idafna/.vscode/extensions/ms-vscode-remote.remote-ssh-0.102.0/out/askpass-main.js","VSCODE_SSH_ASKPASS_HANDLE":"/var/folders/nm/x4_5dy_97lsbjc7cp7w16rn00000gn/T/vscode-ssh-askpass-5cd52279ff14bcdfa22b6ec124d4a2e499a73e83.sock"}
[10:02:49.709] Spawned 26148
[10:02:49.788] > local-server-1> Running ssh connection command: "-v -T -D 50661 -o ConnectTimeout=15 coder-vscode--idafna--itaydev bash"
[10:02:49.790] > local-server-1> Spawned ssh, pid=26159
[10:02:49.793] stderr> OpenSSH_9.0p1, LibreSSL 3.3.6
[10:02:50.088] stderr> ssh: Could not resolve hostname coder-vscode--idafna--itaydev: nodename nor servname provided, or not known
[10:02:50.089] > local-server-1> ssh child died, shutting down
[10:02:50.093] Local server exit: 0
[10:02:50.093] Received install output: local-server-1> Running ssh connection command: "-v -T -D 50661 -o ConnectTimeout=15 coder-vscode--idafna--itaydev bash"
local-server-1> Spawned ssh, pid=26159
OpenSSH_9.0p1, LibreSSL 3.3.6
ssh: Could not resolve hostname coder-vscode--idafna--itaydev: nodename nor servname provided, or not known
local-server-1> ssh child died, shutting down
"Coder" section of logs:
Using binName: coder-darwin-arm64
Using binPath: /Users/idafna/Library/Application Support/Code/User/globalStorage/coder.coder-remote/bin/coder-darwin-arm64
Using binSource: /bin/coder-darwin-arm64
Using ETag:
Response status code: 200
No value is set for "Config File" under "Remote.SSH":
Thanks for opening this issue @aaronlehmann!
Would it be possible for you to confirm that the permissions on .ssh and .ssh/config are OK? (i.e. user writeable).
❯ ls -ld ~/.ssh ~/.ssh/config
drwx------ 2 coder coder 4.0K Sep 28 13:38 /home/coder/.ssh/
-rw-r--r-- 1 coder coder 40 Sep 21 17:36 /home/coder/.ssh/config
Interesting - we took another look and now see # --- START CODER VSCODE --- in the SSH config file. This might have been added by experimenting with connecting via the Coder plugin in-IDE, instead of the "VS Code Desktop" button in the Coder web UI. Previously, all the attempts were via the "VS Code Desktop" button, and this didn't seem to add the necessary config. Now that it's in place, though, connecting via this button is working.
I attempted to reproduce this by clearing out my ~/.ssh/config and then using the dashboard button, but my SSH config was populated and I was able to connect.
I did that a few times, alternating between closing VS Code normally and explicitly using Close Remote and clearing my config in between but no luck reproducing yet. Anyone else manage to make it happen?
Same issue. I set ssh config file path to ~/.coder/config and chmod +777 to this file and stail have this issue.
log and configfile info
[12:09:25.244] Log Level: 2
[12:09:25.311] VS Code version: 1.92.0
[12:09:25.311] Remote-SSH version: [email protected]
[12:09:25.311] darwin arm64
[12:09:25.390] SSH Resolver called for "ssh-remote+coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2", attempt 1
[12:09:25.390] "remote.SSH.useLocalServer": false
[12:09:25.390] "remote.SSH.useExecServer": true
[12:09:25.390] "remote.SSH.showLoginTerminal": false
[12:09:25.390] "remote.SSH.remotePlatform": {"114.116.103.38":"linux","*.gitpod.io":"linux"}
[12:09:25.390] "remote.SSH.path": undefined
[12:09:25.390] "remote.SSH.configFile": /Users/yy/.coder/config
[12:09:25.390] "remote.SSH.useFlock": true
[12:09:25.390] "remote.SSH.lockfilesInTmp": false
[12:09:25.390] "remote.SSH.localServerDownload": auto
[12:09:25.391] "remote.SSH.remoteServerListenOnSocket": true
[12:09:25.391] "remote.SSH.showLoginTerminal": false
[12:09:25.391] "remote.SSH.defaultExtensions": []
[12:09:25.391] "remote.SSH.loglevel": 2
[12:09:25.391] "remote.SSH.enableDynamicForwarding": true
[12:09:25.391] "remote.SSH.enableRemoteCommand": false
[12:09:25.391] "remote.SSH.serverPickPortsFromRange": {}
[12:09:25.391] "remote.SSH.serverInstallPath": {}
[12:09:25.392] SSH Resolver called for host: coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2
[12:09:25.392] Setting up SSH remote "coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2"
[12:09:25.393] Using commit id "b1c0a14de1414fcdaa400695b4db1c0799bc3124" and quality "stable" for server
[12:09:25.396] Install and start server if needed
[12:09:29.156] PATH: /Users/yy/.nvm/versions/node/v20.10.0/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/Users/yy/Library/Application Support/JetBrains/Toolbox/scripts:/Users/yy/.orbstack/bin:/Users/yy/go/bin
[12:09:29.156] Checking ssh with "ssh -V"
[12:09:29.164] > OpenSSH_9.7p1, LibreSSL 3.3.6
[12:09:29.165] Using SSH config file "/Users/yy/.coder/config"
[12:09:29.165] Running script with connection command: ssh -T -D 59011 -o ConnectTimeout=15 -F '/Users/yy/.coder/config' 'coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2' bash
[12:09:29.309] > ssh: Could not resolve hostname coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2: nodename nor servname provided, or not known
[12:09:29.310] Got some output, clearing connection timeout
[12:09:29.548] "install" terminal command done
[12:09:29.548] Install terminal quit with output: ssh: Could not resolve hostname coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2: nodename nor servname provided, or not known
[12:09:29.548] Received install output: ssh: Could not resolve hostname coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2: nodename nor servname provided, or not known
[12:09:29.550] Resolver error: Error: Could not resolve hostname
at g.Offline (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:499969)
at /Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:495628
at t.handleInstallOutput (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:496175)
at t.tryInstall (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:621085)
at async /Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:580730
at async t.withShowDetailsEvent (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:584036)
at async k (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:577649)
at async t.resolve (/Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:581407)
at async /Users/yy/.vscode/extensions/ms-vscode-remote.remote-ssh-0.112.0/out/extension.js:2:848023
[12:09:29.551] ------
[12:09:29.718] Opening exec server for ssh-remote+coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2
[12:09:29.719] Initizing new exec server for ssh-remote+coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2
[12:09:29.720] Using commit id "b1c0a14de1414fcdaa400695b4db1c0799bc3124" and quality "stable" for server
[12:09:29.721] Install and start server if needed
[12:09:31.539] getPlatformForHost was canceled
[12:09:31.539] Exec server for ssh-remote+coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2 failed: Error: Connecting was canceled
[12:09:31.540] Error opening exec server for ssh-remote+coder-vscode.coder.192.168.0.127.nip.io--admin--yy-2: Error: Connecting was canceled
ls -lh .coder/config
-rwxrwxrwx 1 yy staff 0B Aug 5 12:02 .coder/config
@lingdie Can you post the contents of ~/.coder/config as well? Want to see if there is a Host coder-vscode.coder.192.168.0.127.nip.io--* or similar entry in there. Maybe it injected the wrong host or something.
Also if you could post the Coder extension log as well that would be awesome.
@code-asher Coder extension log:
The issue was resolved after I replaced the certificate. During the process, it can be observed that coder has very limited support for self-signed certificates.
Glad to see it resolved!
Yeah we do have a coder.insecure option in the plugin to bypass needing a properly signed certificate but I think it only works with http.proxySupport set to off or fallback otherwise VS Code just overrides our change.
In this case it looks like the self-signed certificate was also malformed, I am not sure if coder.insecure bypasses that as well or if this is a hard requirement from Electron.