Permission on key_factory.rb #580

scottwhitworth opened this Issue Dec 6, 2011 · 19 comments


None yet

8 participants


/Library/Ruby/Gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `read': Permission denied - /Library/Ruby/Gems/1.8/gems/vagrant-0.8.8/keys/vagrant (Errno::EACCES)

seems to be a reversion of


on 0.8.8. Reverting back to 0.8.7 via gem install vagrant --version=0.8.7 has everything running fine.

OS: OSX 10.7
VirtualBox: 4.1.6

Permissions seem to be okay (0644)

MBP:ssh scott$ ls -la
total 144
drwxr-xr-x  21 root  wheel    714 Dec  5 20:52 .
drwxr-xr-x   4 root  wheel    136 Dec  5 20:52 ..
drwxr-xr-x   8 root  wheel    272 Dec  5 20:52 authentication
-rw-r--r--   1 root  wheel  11074 Dec  5 20:52 buffer.rb
-rw-r--r--   1 root  wheel   6157 Dec  5 20:52 buffered_io.rb
-rw-r--r--   1 root  wheel   7370 Dec  5 20:52 config.rb
drwxr-xr-x   6 root  wheel    204 Dec  5 20:52 connection
-rw-r--r--   1 root  wheel   3177 Dec  5 20:52 errors.rb
-rw-r--r--   1 root  wheel   3751 Dec  5 20:52 key_factory.rb
-rw-r--r--   1 root  wheel   4472 Dec  5 20:52 known_hosts.rb
-rw-r--r--   1 root  wheel   2020 Dec  5 20:52 loggable.rb
-rw-r--r--   1 root  wheel   4522 Dec  5 20:52 packet.rb
-rw-r--r--   1 root  wheel   2970 Dec  5 20:52 prompt.rb
drwxr-xr-x   7 root  wheel    238 Dec  5 20:52 proxy
-rw-r--r--   1 root  wheel   1217 Dec  5 20:52 ruby_compat.rb
drwxr-xr-x   3 root  wheel    102 Dec  5 20:52 service
drwxr-xr-x  10 root  wheel    340 Dec  5 20:52 test
-rw-r--r--   1 root  wheel   3297 Dec  5 20:52 test.rb
drwxr-xr-x  15 root  wheel    510 Dec  5 20:52 transport
drwxr-xr-x   5 root  wheel    170 Dec  5 20:52 verifiers
-rw-r--r--   1 root  wheel   1901 Dec  5 20:52 version.rb

+1 - we're seeing this with 0.8.8 on Mac OSX and Linux (Fedora).


Seeing this, too. Though, I had to gem uninstall vagrant first, since gem install vagrant --version=0.8.7 didn't actually fix the issue for me.

oker1 commented Dec 6, 2011

The problem is with the vagrant private key, it's 600 instead of 644. I've seen this problem on mac os and linux.

To fix it on Mac OS:
sudo chmod 644 /Library/Ruby/Gems/1.8/gems/vagrant-0.8.8/keys/vagrant
On debian based linux distibutions:
sudo chmod 644 /usr/lib/gems/1.8/gems/vagrant-0.8.8/keys/vagrant


Hm, this is strange. The keys have to be 0600 for ssh to work directly, but I haven't changed the permissions so I'm not sure how anything would change. I have a feeling this has to do with installing via sudo but then vagrant ssh wouldn't work. Hm...

I'll continue looking.


Wow yeah I get really strange behavior when Vagrant is sudo installed. Marked as a bug and will be fixed.


Fixed: 05ae297

@mitchellh mitchellh closed this Dec 12, 2011

I'm still seeing this error with OS X 10.7 and vagrant 0.8.10


I'm seeing the same issue with osx 10.7 and vagrant 0.8.10.

default] Matching MAC address for NAT networking...
[default] Clearing any previously set forwarded ports...
[default] Forwarding ports...
[default] -- ssh: 22 => 2222 (adapter 1)
[default] Creating shared folders metadata...
[default] Running any VM customizations...
[default] Booting VM...
[default] Waiting for VM to boot. This can take a few minutes.
[default] Forcing shutdown of VM...
[default] Destroying VM and associated drives...
/opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `read': Permission denied -     /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant (Errno::EACCES)
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/key_factory.rb:38:in `load_private_key'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/key_manager.rb:137:in `sign'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/methods/publickey.rb:62:in `authenticate_with'
    from /opt/local/lib/ruby/gems/1.8/gems/net-ssh-2.1.4/lib/net/ssh/authentication/methods/publickey.rb:20:in `authenticate'
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor/invocation.rb:118:in `invoke_task'
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor.rb:263:in `dispatch'
    from /opt/local/lib/ruby/gems/1.8/gems/thor-0.14.6/lib/thor/base.rb:389:in `start'
    from /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/bin/vagrant:26
    from /opt/local/bin/vagrant:19:in `load'
    from /opt/local/bin/vagrant:19

The following command seemed to fix.

sudo chmod 644 /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant


This issue is fixed in git, and will be part of the next release. For now please just do the chmod necessary:

sudo chmod 644 /opt/local/lib/ruby/gems/1.8/gems/vagrant-0.8.10/keys/vagrant

(Where the path to your key might be different)


Thank you mitchellh


Thanks mitchelih!


@mitchellh What's the proper keys/vagrant setup when user1 installed vagrant via 'sudo gem install vagrant' , but vagrant is meant to be used by both user1 and user2? (user2 won't have the copied key).

Also, I'm using vagrant-1.0.6, but I can't find the insecure_private_key anywhere in user1 home dir (also, there's no ~/.ssh). Where should it be copied to?


It is supposed to be copied to "~/.vagrant.d"


Odd, the key doesn't exist anywhere in ~/.vagrant.d , using vagrant-1.0.6 on RHEL6.

ls -al ~/.vagrant.d/
total 20
drwxr-xr-x 5 foo bar 4096 Feb 27 16:48 .
drwx------ 6 foo bar 4096 Feb 27 16:48 ..
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 boxes
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 gems
drwxr-xr-x 2 foo bar 4096 Feb 27 16:48 tmp


It should get created on a vagrant up? If that is not the case, can you get me the VAGRANT_LOG=debug output (gist it)


Gist created
It looks like the key can't be copied because of permission.

I installed vagrant using 'sudo gem install vagrant', so the key has 600 permission.
And then when I run vagrant without sudo, the key can't be accessed when it needs to be copied across to ~/.vagrant.d


This means 05ae297 assumes that the key will be accessible to be copied to ~/vagrant.d/, but that's not the case when vagrant is installed with 'gem install vagrant', but then it's run as non-root 'vagrant up'

The same error also shows up on 'vagrant --help', 'vagrant destroy', etc


Fixed! :)

cliffano commented Mar 2, 2013

Awesome :) Thanks @mitchellh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment