vagrant
vagrant copied to clipboard
hashicorp
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Hi,Authors!
Take some pictures first!!!
My operating system is win11, and the ssh I use comes with vagrant. private_key also has permissions.
My steps:
- download https://vagrantcloud.com/centos/boxes/7/versions/2004.01/providers/virtualbox/unknown/vagrant.box
- vagrant box add centos7 'file path for vagrant.box'
- vagrant up only these.
I've tried all kinds of methods but nothing works. I'm going crazy. help me ,thank you.
I read a lot of articles and tried a lot of methods. I reinstalled vagrant, but it still says I don’t have permission. Please help me.
Having the same issue, worked a few months ago ...
Solved it by adding this to the Vagrantfile:
config.ssh.insert_key = false
Having the same issue, worked a few months ago ...
Solved it by adding this to the Vagrantfile:
config.ssh.insert_key = false
@alexgit2k Thank you, thank you very much. I didn’t find similar answers on the Internet. I would like to know how you came to know this solution.
Found it here: https://www.devopsroles.com/vagrant-ssh-permission-denied-fixed/#How_do_fix_vagrant_ssh_Permission_denied
But actually without config.ssh.insert_key it should generate a new key, copy it into the virtual machine and vagrant ssh should work. So I think config.ssh.insert_key is just a workaround for an issue.
It seems that Vagrant is copying SSH key with wrong permissions to .vagrant/machines/<machine_name>/virtualbox folder. I am facing this issue too on Vagrant 2.3.1 or Vagrant 2.4.0. Changing config.ssh.insert_key is not solution for me.
Output from Vagrant SSH (Windows built-in):
Vagrant SSH outputs:
PS > vagrant ssh test_VM --debug
INFO ssh: Invoking SSH: C:\Windows\System32\OpenSSH\/ssh.EXE ["[email protected]", "-p", "2181", "-o", "LogLevel=FATAL", "-o", "Compression=yes", "-o", "DSAAuthentication=yes", "-o", "IdentitiesOnly=yes", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-i", "C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key"]
DEBUG safe_exec: Converting command and arguments to common UTF-8 encoding for exec.
DEBUG safe_exec: Command: `"C:\\Windows\\System32\\OpenSSH\\/ssh.EXE"` Args: `["[email protected]", "-p", "2181", "-o", "LogLevel=FATAL", "-o", "Compression=yes", "-o", "DSAAuthentication=yes", "-o", "IdentitiesOnly=yes", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-i", "C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key"]`
DEBUG safe_exec: Converted - Command: `"C:\\Windows\\System32\\OpenSSH\\/ssh.EXE"` Args: `["[email protected]", "-p", "2181", "-o", "LogLevel=FATAL", "-o", "Compression=yes", "-o", "DSAAuthentication=yes", "-o", "IdentitiesOnly=yes", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-i", "C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key"]`
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
PS > > C:\\Windows\\System32\\OpenSSH\\/ssh.EXE [email protected] -p 2181 -o Compression=yes -o DSAAuthentication=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key
Warning: Permanently added '[127.0.0.1]:2181' (ED25519) to the list of known hosts.
Bad permissions. Try removing permissions for user: BUILTIN\\Users (S-1-5-32-545) on file C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions for 'C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key": bad permissions
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
It is happening on Debian / CentOS 7 boxes.
Environment: Vagrant: 2.3.1 (replicated also on 2.4.0) VirtualBox: 6.1.38 HOST: Windows 11 (OS Build: 22621.2861) PowerShell version: 7.4.0
NOTE:
I was able to fix this, by changing private key parameters for file C:/path/to/files/.vagrant/machines/test_VM/virtualbox/private_key. Click Properties -> Security -> Advanced -> Disable Inheritance. After that remove all other users except yours from Group or user names and have Read permissions set in Permissions for Users.
This need to be done manually for all new VMs.
I believe this issue is a duplicate of /hashicorp/vagrant/issues/13284.
Downgrading to 2.3.7 worked for me.
Hi there,
I have tried to replicate this behavior but have not been successful. After Vagrant writes the new private key it will then run the set_ssh_key_permissions capability if the host provides it. The Windows host plugin does provide this capability and runs this script that calls this function on the path to remove inherited permissions from the key file.
I set up a project locally with inheritance enabled on the drive, ran a vagrant up and after it was complete was able to vagrant ssh into the guest without issue. If I updated the permissions on the private key file manually to enable inheritance, I would then see the behavior being described.
I'm not exactly sure where the configuration discrepancy is that's providing me the expected behavior. If one of you could provide the following, it would be very helpful to try and determine the underlying cause of this behavior:
- run
vagrant up --debugand provide a gist of the entire output - after the above command is completed, take a screenshot of the advanced security properties and include it.
Thanks!
No problems for me anymore with new Vagrant version 2.4.1 which includes fix #13329 for #13284.
If anyone else is still facing this issue, try disabling synced folders.
In my case I was syncing the /home/vagrant directory which was clearing .ssh I guess.
This is what I had,
config.vm.synced_folder ".", "/home/vagrant/"
I changed it to
config.vm.synced_folder ".", "/home/vagrant/shared"
and that fixed the issue.
