
Github ssh connection issues

Open Folcon opened this issue 3 years ago • 14 comments

Hey,

I'm not sure if the docs are unclear or something is wrong, but I couldn't use either limit-access-to-actor together with limit-access-to-users or limit-access-to-actor by itself (introduced in #8).

The ssh command I used was:

ssh -i ~/.ssh/gh_current_key b9mSRLZzh0Br3aVNmSNE:[email protected]
b9mSRLZzh0Br3aVNmSNE:[email protected]: Permission denied (publickey).

I also tried stripping the password string, as the connection string instruction in the docs is a little ambiguous.

ssh -i ~/.ssh/gh_current_key [email protected] 
Connection closed by 157.230.199.75 port 22

To sanity check I tried doing an ssh connection test to github, which worked fine:

ssh -T -i ~/.ssh/gh_current_key [email protected] 
Warning: remote port forwarding failed for listen port 2222
Hi Folcon! You've successfully authenticated, but GitHub does not provide shell access.

Not sure what the problem is or if this is an upstream issue...

Folcon avatar Jan 28 '22 17:01 Folcon

Thanks for the report @Folcon . Do you see any log messages about fetching the ssh keys?

Example of the logs:

Adding actor "lhotari" to allowed users.
Fetching SSH keys registered with GitHub profiles: lhotari
Fetched 2 ssh public keys

If that's fine, it could be the type of the public keys that aren't accepted by the Upterm ssh server. What type of ssh key do you use? Is it RSA or ed25519? I believe legacy DSA keys might not be supported.

lhotari avatar Jan 29 '22 07:01 lhotari

I see it's ed25519, https://github.com/Folcon.keys . Can you try adding an RSA key temporarily for testing?

lhotari avatar Jan 29 '22 07:01 lhotari

Nope:

ssh -i ~/.ssh/gh_upterm_rsa h5NCmo8QbJciRl98apgZ:[email protected]
Connection closed by 157.230.199.75 port 22

Ok, it worked this time. Not sure if it's an intermittent issue, but it does work at the moment.

Folcon avatar Jan 29 '22 22:01 Folcon

Ok, it worked this time. Not sure if it's an intermittent issue, but it does work at the moment.

I'll close the issue if it's resolved. It could also be an upterm server issue. It's possible to run your own upterm server on Heroku. I haven't tried that myself yet.

I also tried stripping the password string, as the connection string instruction in the docs is a little ambiguous.

btw. that doesn't seem to work at all and the connection will always fail in that case.

lhotari avatar Feb 02 '22 08:02 lhotari

You might want to add an example connection string in the docs so it's clearer about what it should look like.

  • Nilu

On Wed, 2 Feb 2022, 08:43 Lari Hotari, @.***> wrote:

Ok, it worked this time. Not sure if it's an intermittent issue, but it does work at the moment.

I'll close the issue if it's resolved. It could also be an upterm server issue. It's possible to run your own upterm server on Heroku. I haven't tried that myself yet.

I also tried stripping the password string, as the connection string instruction in the docs is a little ambiguous.

btw. that doesn't seem to work at all and the connection will always fail in that case.


Folcon avatar Feb 02 '22 12:02 Folcon

Same issue here - key seems to be accepted, but then connection is closed:

debug1: Will attempt key: /Users/jas88/.ssh/id_github2022 RSA SHA256:Wi4K402kNASQdMNFJqTpgxl3MqwXhXTiKkzs6lQsy/o explicit agent

debug1: SSH2_MSG_SERVICE_ACCEPT received

Connection closed by 157.230.199.75 port 22

No error or anything else - just a dead session.

jas88 avatar Feb 03 '22 10:02 jas88

Same issue here - key seems to be accepted, but then connection is closed:

debug1: Will attempt key: /Users/jas88/.ssh/id_github2022 RSA SHA256:Wi4K402kNASQdMNFJqTpgxl3MqwXhXTiKkzs6lQsy/o explicit agent

debug1: SSH2_MSG_SERVICE_ACCEPT received

Connection closed by 157.230.199.75 port 22

No error or anything else - just a dead session.

@jas88 Does the connection get established when you don't limit access to specific github users?

lhotari avatar Feb 03 '22 14:02 lhotari

@lhotari Yes - I removed the user list as a test, and it worked fine then. I've fixed the immediate issue I needed (turned out to be a regression in .Net 6.0.1's Kerberos handling, which was making our Github CI test hosts crash) - which was made much easier by having this action available, thank you.

jas88 avatar Feb 03 '22 14:02 jas88

Can confirm this issue is still occurring on ubuntu-latest.

ssh -i ~/.ssh/gh_rsa [email protected]
Connection closed by 157.230.199.75 port 22

will-holley avatar Mar 06 '22 16:03 will-holley

Commenting here since this can help

I was trying this github action & was facing Connection closed by 157.230.199.75 port 22 when trying to ssh to ubuntu-latest github runner from my local machine. Upon further debugging came to know it was because of ssh-rsa public key being used (reference https://github.com/owenthereal/upterm/issues/93#issuecomment-1045387517).

Followed below steps, generating ed25519 key & using it for ssh to uptermd.upterm.dev worked fine for me.

ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "yourusername@company"
ssh -i ~/.ssh/id_ed25519 <somestring>:<somestring>[email protected]

sameerjethvani-alation avatar Mar 07 '22 13:03 sameerjethvani-alation

There are also some notes about RSA keys in the README of upterm.

lhotari avatar Mar 22 '22 06:03 lhotari

One of the commits removed the instructions for the workarounds: https://github.com/owenthereal/upterm/commit/0f410ca8f3f88119a570adf13dae37d9817ae894

lhotari avatar Mar 22 '22 06:03 lhotari

Same issue. I'm not limiting connections to any actor. I can actually connect from a different computer. Is there anything regarding ssh keys that's required even if you don't restrict actors?

ureciocais avatar Nov 29 '22 11:11 ureciocais

I solved it by adding an ssh key to Github. I had authenticated using only Github's CLI "gh" before.

ureciocais avatar Nov 29 '22 12:11 ureciocais
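
An added example, not part of the thread or of action-upterm's code: the two checks the comments above converge on (is the key passed to `ssh -i` registered on the GitHub profile, and is it of a type the thread reports trouble with), run over the text format served at `https://github.com/<user>.keys`. The sample keys are constructed filler, and the list of suspect types is an assumption taken from the comments, not from upterm's source.

```python
import base64
import hashlib
import struct

# Key types the thread reports trouble with: ssh-rsa (connection closed) and
# legacy DSA (the maintainer's guess). Assumption taken from the comments above.
SUSPECT_TYPES = {"ssh-rsa", "ssh-dss"}

def _ssh_string(data):
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def parse_keys(text):
    """Parse authorized_keys-style lines, as served at github.com/<user>.keys."""
    keys = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        declared, blob = parts[0], base64.b64decode(parts[1], validate=True)
        # The blob carries its own type string; it must agree with the label.
        (n,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + n] != declared.encode():
            raise ValueError(f"type label {declared!r} does not match key blob")
        digest = hashlib.sha256(blob).digest()
        fp = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
        keys.append({"type": declared, "fingerprint": fp,
                     "suspect": declared in SUSPECT_TYPES})
    return keys

def diagnose(registered, offered_line):
    """Classify the key given to `ssh -i` against the profile's registered keys."""
    offered = parse_keys(offered_line)[0]
    known = {k["fingerprint"] for k in parse_keys(registered)}
    if offered["fingerprint"] not in known:
        return "not-registered"  # key is not on the GitHub profile at all
    return "registered-suspect-type" if offered["suspect"] else "ok"

def _line(key_type, *fields):
    """Build a constructed public-key line (filler bytes, not real key material)."""
    blob = _ssh_string(key_type.encode()) + b"".join(map(_ssh_string, fields))
    return f"{key_type} {base64.b64encode(blob).decode()}"

# Constructed sample data: two keys "registered" on the profile, one that is not.
ED25519 = _line("ssh-ed25519", bytes(range(32)))
RSA = _line("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xc3" * 256)
UNREGISTERED = _line("ssh-ed25519", bytes(range(1, 33)))
PROFILE_KEYS = ED25519 + "\n" + RSA + "\n"

print(diagnose(PROFILE_KEYS, RSA))
```

The fingerprint strings are in the same `SHA256:...` form that `ssh -v` prints on its `Will attempt key` line, so the two can be compared directly.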