Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private Key change permissions 0600 #988

Closed
creativefriend-au opened this issue Sep 14, 2016 · 12 comments
Closed

Private Key change permissions 0600 #988

creativefriend-au opened this issue Sep 14, 2016 · 12 comments
Labels
type:question

Comments

@creativefriend-au
Copy link

Hi,
I'm trying to install Vagrant and this error keeps coming up but I'm not sure how to change the permissions:

The private key to connect to this box via SSH has invalid permissions
set on it. The permissions of the private key should be set to 0600, otherwise SSH will
ignore the key. Vagrant tried to do this automatically for you but failed. Please set the
permissions on the following file to 0600 and then try running this command again:
@LoreleiAurora
Copy link
Contributor

Try running chmod 0600 .vagrant/machines/default/virtualbox/private_key from the VVV root.

@xhiza
Copy link

xhiza commented Feb 23, 2018

move private_key out of NFS drive and create a soft link towards old location (don’t forget to chmod original key)

@tomjn
Copy link
Member

tomjn commented Feb 24, 2018

It's not supposed to be outside of the machine for security reasons. This was likely because of an older version of Vagrant, it was a bug a while back that it would not set the key properly

@nontro
Copy link

nontro commented May 17, 2018

@xhiza the soft link worked perfectly for me

@tomjn
Copy link
Member

tomjn commented May 17, 2018

Recreating the VM with a vagrant destroy && vagrant up --provision would be better. No user should ever have to touch the key file as it's an internal Vagrant thing

I suspect some users might do so in order to use SSH auth, but that is a dangerous thing to do, and not the way it should be fixed. SSH key forwarding is the answer, and turned on by default, it allows the hosts ssh key to be used inside the VM

@nikhilbansal97
Copy link

@xhiza Can you explain more on why did we have to do this??

@nontro
Copy link

nontro commented Jun 14, 2018

@nikhilbansal97
It was because was impossibile to change the permission on the key in the original position.

@tomjn
Copy link
Member

tomjn commented Jun 15, 2018

I'd like to reiterate that there are no circumstances under which one should need to or want to touch or change things regarding SSH keys and the VM. If you can run ssh and connect on the host, it should work on the guest without changes via SSH forwarding. Any other method is dangerous, unsupported, unreliable, and could break your VM.

If SSH forwarding is non-functional, upgrade to the latest VVV Vagrant and VirtualBox, reboot, reprovision, and if that does not fix the issue, create a new issue here.

@nontro
Copy link

nontro commented Jun 15, 2018
edited
Loading

ok there is just one circumstance where if you get this message :

The private key to connect to this box via SSH has invalid permissions set on it. The permissions of the private key should be set to 0600, otherwise SSH will ignore the key. Vagrant tried to do this automatically for you but failed. Please set the permissions on the following file to 0600 and then try running this command again:

you can solve with a soft link and changing the permission in the original file.
It's a trick but it works

and nothing happened at the VM

@metagrapher
Copy link

metagrapher commented Jan 7, 2020
edited
Loading

I'd like to reiterate that there are no circumstances under which one should need to or want to touch or change things regarding SSH keys and the VM.

No Circumstances Whatsoever?
Are you 100% sure?
What about in a WSL situation wherein literally nothing is able to set the proper permissions, thereby making Vagrant simply not work?
it does seem like that might be more than "no circumstances".

telling people not to use the solutions or to reinstall or upgrade, the latter of which is hard to do from the latest version of the software, is not really a workable solution/workaround.

Now, @tomjn since you are so certain that fixing this in this fashion is a terrible idea, and I do trust your expertise, I would be SUPER INTERESTED in a safe way to fix this, taking into consideration all the factors and implications of a Linux->WSL->Windows->VM workflow, please.
In the current state, setting the permissions on this do not work.

@metagrapher
Copy link

Hrm. It looks like this may also be a solution for anyone coming across this issue...
hashicorp/vagrant#8742 (comment)

@tomjn
Copy link
Member

tomjn commented Jan 7, 2020
edited
Loading

@metagrapher I believe you've misread my comment addressing SSH port forwarding. It appears you've encountered edge cases in Vagrant itself, and you found a solution that doesn't involve messing with keys.

As I said, if you're able to run vagrant ssh and enter the VM, then you should be able to SSH to all the things inside the VM that you can SSH to outside the VM, assuming SSH Agents are working correctly.

Also remember this is the VVV project, not the Hashicorp Vagrant project.

If someone does come across this particular issue, in VVV, with modern Vagrant versions, please open a new issue, and include all the information the ticket asks for, such as the splash screen, provisioner output, etc

@Varying-Vagrant-Vagrants Varying-Vagrant-Vagrants locked as off-topic and limited conversation to collaborators Jan 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type:question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@tomjn @jeremyfelt @LoreleiAurora @xhiza @creativefriend-au @nontro @nikhilbansal97 @metagrapher