Created
May 10, 2019 13:47
-
-
Save salderma/7fbd4a786c396cebfb568a464ac2eb8e to your computer and use it in GitHub Desktop.
vagrant ssh key selinux issue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ vagrant up | |
Bringing machine 'default' up with 'virtualbox' provider... | |
==> default: Importing base box 'centos/7'... | |
==> default: Matching MAC address for NAT networking... | |
==> default: Checking if box 'centos/7' version '1902.01' is up to date... | |
==> default: Setting the name of the VM: centos7_default_1557494786617_24865 | |
==> default: Clearing any previously set network interfaces... | |
==> default: Preparing network interfaces based on configuration... | |
default: Adapter 1: nat | |
==> default: Forwarding ports... | |
default: 22 (guest) => 2222 (host) (adapter 1) | |
==> default: Booting VM... | |
==> default: Waiting for machine to boot. This may take a few minutes... | |
default: SSH address: 127.0.0.1:2222 | |
default: SSH username: vagrant | |
default: SSH auth method: private key | |
default: | |
default: Vagrant insecure key detected. Vagrant will automatically replace | |
default: this with a newly generated keypair for better security. | |
default: | |
default: Inserting generated public key within guest... | |
default: Removing insecure key from the guest if it's present... | |
default: Key inserted! Disconnecting and reconnecting using new SSH key... | |
==> default: Machine booted and ready! | |
==> default: Checking for guest additions in VM... | |
default: No guest additions were detected on the base box for this VM! Guest | |
default: additions are required for forwarded ports, shared folders, host only | |
default: networking, and more. If SSH fails on this machine, please install | |
default: the guest additions and repackage the box to continue. | |
default: | |
default: This is not an error message; everything may continue to work properly, | |
default: in which case you may ignore this message. | |
==> default: Rsyncing folder: /home/me/centos7/ => /vagrant | |
There was an error when attempting to rsync a synced folder. | |
Please inspect the error message below for more info. | |
Host path: /home/me/centos7/ | |
Guest path: /vagrant | |
Command: "rsync" "--verbose" "--archive" "--delete" "-z" "--copy-links" "--no-owner" "--no-group" "--rsync-path" "sudo rsync" "-e" "ssh -p 2222 -o LogLevel=FATAL -o ControlMaster=auto -o ControlPath=/tmp/vagrant-rsync-20190510-5578-8m3d3a -o ControlPersist=10m -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i '/home/me/centos7/.vagrant/machines/default/virtualbox/private_key'" "--exclude" ".vagrant/" "/home/me/centos7/" "vagrant@127.0.0.1:/vagrant" | |
Error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic). | |
rsync: connection unexpectedly closed (0 bytes received so far) [sender] | |
rsync error: unexplained error (code 255) at io.c(226) [sender=3.1.2] | |
$ vagrant ssh-config | |
Host default | |
HostName 127.0.0.1 | |
User vagrant | |
Port 2222 | |
UserKnownHostsFile /dev/null | |
StrictHostKeyChecking no | |
PasswordAuthentication no | |
IdentityFile /home/me/centos7/.vagrant/machines/default/virtualbox/private_key | |
IdentitiesOnly yes | |
LogLevel FATAL | |
$ vagrant ssh | |
Permission denied (publickey,gssapi-keyex,gssapi-with-mic). | |
$ ls -lZ /home/me/centos7/.vagrant/machines/default/virtualbox/private_key | |
-rw-------. me me staff_u:object_r:user_home_t:s0 /home/me/centos7/.vagrant/machines/default/virtualbox/private_key | |
$ sudo grep ssh /var/log/audit/audit.log | grep denied | |
type=AVC msg=audit(1557495908.874:297528): avc: denied { open } for pid=24133 comm="ssh" path="/home/me/centos7/.vagrant/machines/default/virtualbox/private_key" dev="dm-6" ino=2214666941 scontext=staff_u:staff_r:ssh_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:user_home_t:s0 tclass=file permissive=1 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment