Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Permission on key_factory.rb #580

Closed
scottwhitworth opened this Issue · 19 comments

8 participants

@scottwhitworth

/Library/Ruby/Gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `read': Permission denied - /Library/Ruby/Gems/1.8/gems/vagrant-0.8.8/keys/vagrant (Errno::EACCES)

seems to be a reversion of

#235

on 0.8.8. Reverting back to 0.8.7 via gem install vagrant --version=0.8.7 has everything running fine.

OS: OSX 10.7
VirtualBox: 4.1.6

Permissions seem to be okay (0644)

MBP:ssh scott$ ls -la
total 144
drwxr-xr-x  21 root  wheel    714 Dec  5 20:52 .
drwxr-xr-x   4 root  wheel    136 Dec  5 20:52 ..
drwxr-xr-x   8 root  wheel    272 Dec  5 20:52 authentication
-rw-r--r--   1 root  wheel  11074 Dec  5 20:52 buffer.rb
-rw-r--r--   1 root  wheel   6157 Dec  5 20:52 buffered_io.rb
-rw-r--r--   1 root  wheel   7370 Dec  5 20:52 config.rb
drwxr-xr-x   6 root  wheel    204 Dec  5 20:52 connection
-rw-r--r--   1 root  wheel   3177 Dec  5 20:52 errors.rb
-rw-r--r--   1 root  wheel   3751 Dec  5 20:52 key_factory.rb
-rw-r--r--   1 root  wheel   4472 Dec  5 20:52 known_hosts.rb
-rw-r--r--   1 root  wheel   2020 Dec  5 20:52 loggable.rb
-rw-r--r--   1 root  wheel   4522 Dec  5 20:52 packet.rb
-rw-r--r--   1 root  wheel   2970 Dec  5 20:52 prompt.rb
drwxr-xr-x   7 root  wheel    238 Dec  5 20:52 proxy
-rw-r--r--   1 root  wheel   1217 Dec  5 20:52 ruby_compat.rb
drwxr-xr-x   3 root  wheel    102 Dec  5 20:52 service
drwxr-xr-x  10 root  wheel    340 Dec  5 20:52 test
-rw-r--r--   1 root  wheel   3297 Dec  5 20:52 test.rb
drwxr-xr-x  15 root  wheel    510 Dec  5 20:52 transport
drwxr-xr-x   5 root  wheel    170 Dec  5 20:52 verifiers
-rw-r--r--   1 root  wheel   1901 Dec  5 20:52 version.rb
@gregharvey

+1 - we're seeing this with 0.8.8 on Mac OSX and Linux (Fedora).

@lmorchard

Seeing this, too. Though, I had to gem uninstall vagrant first, since gem install vagrant --version=0.8.7 didn't actually fix the issue for me.

@oker1

The problem is with the vagrant private key, it's 600 instead of 644. I've seen this problem on mac os and linux.

To fix it on Mac OS:
sudo chmod 644 /Library/Ruby/Gems/1.8/gems/vagrant-0.8.8/keys/vagrant
On debian based linux distibutions:
sudo chmod 644 /usr/lib/gems/1.8/gems/vagrant-0.8.8/keys/vagrant

@mitchellh
Owner

Hm, this is strange. The keys have to be 0600 for ssh to work directly, but I haven't changed the permissions so I'm not sure how anything would change. I have a feeling this has to do with installing via sudo but then vagrant ssh wouldn't work. Hm...

I'll continue looking.

@mitchellh
Owner

Wow yeah I get really strange behavior when Vagrant is sudo installed. Marked as a bug and will be fixed.

@mitchellh
Owner

Fixed: 05ae297

@mitchellh mitchellh closed this
@jravetch

I'm still seeing this error with OS X 10.7 and vagrant 0.8.10

@JoeJasinski

I'm seeing the same issue with osx 10.7 and vagrant 0.8.10.

default] Matching MAC address for NAT networking...
[default] Clearing any previously set forwarded ports...
[default] Forwarding ports...
[default] -- ssh: 22 => 2222 (adapter 1)
[default] Creating shared folders metadata...
[default] Running any VM customizations...
[default] Booting VM...
[default] Waiting for VM to boot. This can take a few minutes.
[default] Forcing shutdown of VM...
[default] Destroying VM and associated drives...
/opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `read': Permission denied -     /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant (Errno::EACCES)
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `load_private_key'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/key_manager.rb:137:in `sign'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/methods/publickey.rb:62:in `authenticate_with'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/methods/publickey.rb:20:in `authenticate'
     ....
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor/invocation.rb:118:in `invoke_task'
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor.rb:263:in `dispatch'
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor/base.rb:389:in `start'
    from /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/bin/vagrant:26
    from /opt/local/bin/vagrant:19:in `load'
    from /opt/local/bin/vagrant:19

The following command seemed to fix.

sudo chmod 644 /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant

@mitchellh
Owner

This issue is fixed in git, and will be part of the next release. For now please just do the chmod necessary:

sudo chmod 644 /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant

(Where the path to your key might be different)

@JoeJasinski

Thank you mitchellh

@jravetch

Thanks mitchelih!

@cliffano

@mitchellh What's the proper keys/vagrant setup when user1 installed vagrant via 'sudo gem install vagrant' , but vagrant is meant to be used by both user1 and user2? (user2 won't have the copied key).

Also, I'm using vagrant-1.0.6, but I can't find the insecure_private_key anywhere in user1 home dir (also, there's no ~/.ssh). Where should it be copied to?

@mitchellh
Owner

It is supposed to be copied to "~/.vagrant.d"

@cliffano

Odd, the key doesn't exist anywhere in ~/.vagrant.d , using vagrant-1.0.6 on RHEL6.

ls -al ~/.vagrant.d/
total 20
drwxr-xr-x 5 foo bar 4096 Feb 27 16:48 .
drwx------ 6 foo bar 4096 Feb 27 16:48 ..
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 boxes
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 gems
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 tmp

@mitchellh
Owner

It should get created on a vagrant up? If that is not the case, can you get me the VAGRANT_LOG=debug output (gist it)

@cliffano

Gist created https://gist.github.com/cliffano/5054305
It looks like the key can't be copied because of permission.

I installed vagrant using 'sudo gem install vagrant', so the key has 600 permission.
And then when I run vagrant without sudo, the key can't be accessed when it needs to be copied across to ~/.vagrant.d

@cliffano

This means 05ae297 assumes that the key will be accessible to be copied to ~/vagrant.d/, but that's not the case when vagrant is installed with 'gem install vagrant', but then it's run as non-root 'vagrant up'

The same error also shows up on 'vagrant --help', 'vagrant destroy', etc

@mitchellh
Owner

Fixed! :)

@cliffano

Awesome :) Thanks @mitchellh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.