TomTasche

Reputation: 5526

use ssh private key from host in vagrant guest

I want to clone a bunch of private git repositories while provisioning a vagrant box. According to this article this should be possible using config.ssh.forward_agent = true. However, when trying to connect to github via something like ssh -T [email protected] -o StrictHostKeyChecking=no it fails with the following error:

Warning: Permanently added 'github.com,192.30.252.130' (RSA) to the list of known hosts.
Permission denied (publickey).

I cut my configuration down to the simplest possible configuration. You can find it here: https://gist.github.com/TomTasche/31f7c45fcffc2997d43a

When I do "vagrant ssh" and try the same again, a similar error occurs:

Cloning into 'private-repositories'...
Warning: Permanently added the RSA host key for IP address '192.30.252.130' to the list of known hosts.
Permission denied (publickey).
fatal: The remote end hung up unexpectedly

Edit: the configuration linked above does work on a host running Ubuntu, but works neither on a Mac host nor on a Windows host. My goal is to have a configuration that works on all three of these hosts.

Upvotes: 20

Views: 23662

Answers (3)

Tim Donohue

Reputation: 562

It sounds like you may be hitting this particular bug: https://github.com/mitchellh/vagrant/issues/1735 (Despite it being "closed" it's actually not fixed)

On Windows, SSH Forwarding in Vagrant does not work properly by default (because of a bug in net-ssh).

However, there is a workaround or simple hack. You can auto-copy your local SSH key to the Vagrant VM via a simple provisioning script in your Vagrantfile. Here's an example: https://github.com/mitchellh/vagrant/issues/1735#issuecomment-25640783

Upvotes: 6

Beshoy Girgis

Reputation: 467

Tom,

What you're doing is fairly generic in nature and I don't think it is Vagrant-specific.

Try some of the following to track down the issue:

  1. Edit your /etc/ssh/sshd_config
  2. Set LogLevel debug
  3. Restart the sshd service: sudo service sshd restart or /etc/init.d/sshd restart
  4. tail -f /var/log/authlog (note: the file may be something else like /var/log/authd.log or /var/log/secure or something)
  5. Watch what happens when you connect. It should give you some indication of why it's failing.

Again sorry, I'm not that familiar with Vagrant but I'm wondering if the provisioning script is running as another user, in which case the agent forwarding may not work as expected?

Upvotes: 2

Knut

Reputation: 1800

Please check whether your host system has ssh-agent forwarding enabled. You can do so for example by adding this block to your ~/.ssh/config file:

Host                    *
  ForwardAgent          yes 

If this is enabled, vagrant ssh (and also vagrant provision) should be able to forward your key to the guest machine.

You might also want to check, using ssh-add -l, whether your ssh-agent knows about your SSH key. If it is in the list and you have agent forwarding activated, it should succeed. Otherwise you can add the key to your ssh-agent by running ssh-add <path to your key file>.

Upvotes: 34
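
The two host-side checks from the answer above (is a key loaded in the agent, is ForwardAgent in effect for the target host), as an added shell example that is not part of the original thread. It assumes an OpenSSH client that supports ssh -G; the function names and the sample configuration text are constructed for illustration.

```shell
#!/bin/sh
# Added example: host-side checks for SSH agent forwarding (hypothetical helper names).

# Print the effective ForwardAgent value from `ssh -G <host>` output on stdin.
forwardagent_from_config() {
    awk 'tolower($1) == "forwardagent" { print tolower($2); found = 1; exit }
         END { if (!found) print "no" }'
}

# Map the exit status of `ssh-add -l` to an agent state.
# (0 = identities listed, 1 = agent holds none, 2 = agent unreachable)
agent_state() {
    case "$1" in
        0) echo "keys-loaded" ;;
        1) echo "agent-empty" ;;
        2) echo "no-agent" ;;
        *) echo "unknown" ;;
    esac
}

# Combine both checks: $1 = ssh-add exit status, $2 = ForwardAgent value.
diagnose() {
    case "$(agent_state "$1"):$2" in
        no-agent:*)     echo "no ssh-agent reachable: start one and check SSH_AUTH_SOCK" ;;
        agent-empty:*)  echo "agent has no keys: run ssh-add <path to your key file>" ;;
        keys-loaded:no) echo "key is loaded but ForwardAgent is off for this host" ;;
        keys-loaded:*)  echo "ok: key loaded and forwarding enabled" ;;
        *)              echo "unexpected ssh-add status: $1" ;;
    esac
}

# Live check against the real agent and client config; $1 is the host alias.
check_host() {
    ssh-add -l >/dev/null 2>&1
    rc=$?
    fwd=$(ssh -G "$1" 2>/dev/null | forwardagent_from_config)
    diagnose "$rc" "$fwd"
}

# Constructed sample of `ssh -G` output, used when no host argument is given.
SAMPLE_CONFIG='user vagrant
hostname 127.0.0.1
port 2222
forwardagent yes'

if [ "$#" -gt 0 ]; then
    check_host "$1"
else
    printf '%s\n' "$SAMPLE_CONFIG" | forwardagent_from_config
fi
```

Run it on the host with the alias or address the guest is reached under. A forwarded agent can be used by anyone with root on the remote machine, so placing ForwardAgent yes under a specific Host entry instead of Host * limits which machines get access to it.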
