bolt icon indicating copy to clipboard operation
bolt copied to clipboard
verified publisher icon puppetlabs

Ubuntu 22.04 Support

Open asa1 opened this issue 3 years ago • 9 comments

Use Case

Ubuntu 22.04 is an LTS release, and it has been out for 6 months now. Puppet-agent has supported 22.04 since August.

Describe the Solution You Would Like

Ideally support for Ubuntu LTS releases as they are released.

Describe Alternatives You've Considered

Switching back to ansible :)

asa1 avatar Oct 13 '22 16:10 asa1

When I try to connect to a server running Ubuntu 22.04 sshd rejects the connection:

❯➜ bolt command run "hostname" --targets 10.20.30.40
Started on 10.20.30.40..
all authorization methods failed (tried none, publickey)
Failed on 10.20.30.40:
  Authentication failed for user [email protected]
Failed on 1 target: 10.20.30.40
Ran on 1 target in 0.31 sec

sshd[49309]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

When I use bolt with the --native-ssh flag the command works fine.

I guessed there is an Issue with Net::SSH but this fine as well:

require '/opt/puppetlabs/bolt/lib/ruby/gems/2.7.0/gems/net-ssh-6.1.0/lib/net/ssh/'

Net::SSH.start('10.20.30.40', 'user') do |ssh|
  res = ssh.exec!("hostname")
  puts res
end

There are two workarounds:

  1. Use a ECDSA keypair for authentication
  2. Allow ssh-rsa keys in the servers sshd_config: PubkeyAcceptedAlgorithms +ssh-rsa

moritz-makandra avatar Oct 28 '22 12:10 moritz-makandra

Could someone comment on if Ubuntu support is planned going forward, and if so, when?

Thank you

asa1 avatar Nov 16 '22 20:11 asa1

We are working on getting packages built today. Should be included in bolt 3.26.2.

donoghuc avatar Nov 16 '22 21:11 donoghuc

Thank you!!!

asa1 avatar Nov 16 '22 22:11 asa1

This issue has not had activity for 60 days and will be marked as stale. If this issue continues to have no activity for 7 days, it will be closed.

github-actions[bot] avatar Jan 16 '23 00:01 github-actions[bot]

I am on bolt 3.26.2 and experiencing this issue. The puppet servers is on 18.04 and can't connect to newly built 22.04 clients. Yet it can with the native ssh.

swells-ac avatar Feb 09 '23 20:02 swells-ac

Ubuntu 22.04 has been released but to confirm @swells-ac is this still an issue you are experiencing ?

davidsandilands avatar Jun 20 '24 09:06 davidsandilands

I just ran it and it is saying a fingerprint doesn't match. Which is probably just a cache issue. I don't get the error with native ssh option. Host is on ubuntu 20 this only happens against the ubuntu 22 hosts. We are still using rsa. And the clients have been upgraded from older version. I would say it is fixed and the error I am getting now is just from upgrading and something needs to be cleaned up.

swells-ac avatar Jun 20 '24 13:06 swells-ac

I still experience this issue with bolt 3.30.0. We just managed to get this to work by updating the net-ssh version shipped with bolt. It comes (at least on windows) with 6.1.0. Doing a manual gem update net-ssh, which installed 7.2.3, got rid of this error.

knorx avatar Jul 01 '24 11:07 knorx