terraform ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Question

I can't figure out where is it trying to connect via SSH? Into the newly deployed resource?

How can diagnose this error in more detail?

Error: Error applying plan:

1 error occurred:
    * module.deploy_nixos.null_resource.deploy_nixos: timeout - last error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

data "google_compute_network" "default" {
  name = "default"
}

resource "google_compute_firewall" "deploy-nixos" {
  name    = "deploy-nixos"
  network = "${data.google_compute_network.default.name}"

  allow {
    protocol = "icmp"
  }

  // Allow SSH access
  allow {
    protocol = "tcp"
    ports    = ["22", "80", "443"]
  }

  source_tags = ["nixos"]
}

resource "google_compute_instance" "deploy-nixos" {
  name         = "deploy-nixos-example"
  machine_type = "g1-small"
  zone         = "europe-west2-a"
  # region      = "eu-west2"

  // Bind the firewall rules
  tags = ["nixos"]

  boot_disk {
    initialize_params {
      // Start with an image the deployer can SSH into
      image = "${module.nixos_image_custom.self_link}"
      size  = "25"
    }
  }

  network_interface {
    network = "default"

    // Give it a public IP
    access_config {}
  }

  lifecycle {
    // No need to re-deploy the machine if the image changed
    // NixOS is already immutable
    ignore_changes = ["boot_disk"]
  }
}

module "deploy_nixos" {
  source = "../../deploy_nixos"

  // Deploy the given NixOS configuration. In this case it's the same as the
  // original image. So if the configuration is changed later it will be
  // deployed here.
  nixos_config = "${path.module}/image_nixos_custom.nix"

  target_user = "root"
  target_host = "${google_compute_instance.deploy-nixos.network_interface.0.access_config.0.nat_ip}"

  triggers = {
    // Also re-deploy whenever the VM is re-created
    instance_id = "${google_compute_instance.deploy-nixos.id}"
  }
}

With debug output:

module.deploy_nixos.null_resource.deploy_nixos: Creating...
  triggers.%:                 "" => "3"
  triggers.deploy_nixos_drv:  "" => "/nix/store/0dmz6dhqbk1g6ni3b92l95s377zbikaz-nixos-system-unnamed-19.03.172837.6c3826d1c93.drv"
  triggers.deploy_nixos_keys: "" => "44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a"
  triggers.instance_id:       "" => "deploy-nixos-example"
module.deploy_nixos.null_resource.deploy_nixos: Provisioning with 'file'...
2019-06-08T22:31:00.030Z [DEBUG] plugin.terraform: file-provisioner (internal) 2019/06/08 22:31:00 [DEBUG] connecting to TCP connection for SSH
2019-06-08T22:31:00.041Z [DEBUG] plugin.terraform: file-provisioner (internal) 2019/06/08 22:31:00 [DEBUG] handshaking with SSH
2019-06-08T22:31:00.119Z [DEBUG] plugin.terraform: file-provisioner (internal) 2019/06/08 22:31:00 [WARN] ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
2019-06-08T22:31:00.119Z [DEBUG] plugin.terraform: file-provisioner (internal) 2019/06

Answer 1

Make sure your ssh key is added.

ssh-add ~/.ssh/id_rsa 

Answer 2

Check the source of module (source = "../../deploy_nixos") null_resource may be defined there(It is not shown in the question here). you may have used terraform remote_exec or file provisioner there and you need to check connection properties in that.

Sample Terraform connection properties looks like below

provisioner "file" {
  source      = "conf/myapp.conf"
  destination = "/etc/myapp.conf"

  connection {
    type     = "ssh"
    user     = "root"
    password = "${var.root_password}"
  }
}

For more details check : https://www.terraform.io/docs/provisioners/connection.html