Can't SSH into Vagrant VM (without using vagrant ssh) part 2 - linux

This is a follow-up question to an earlier question. I've used the same Vagrantfile, but have commented out two lines I don't think are necessary.
I'm trying to ssh into my Vagrant box without using vagrant ssh. Below is my Vagrantfile and ssh configuration information:
Vagrantfile:
Vagrant.configure(2) do |config|
  config.vm.provider "virtualbox" do |v|
    v.memory = 6144
    v.cpus = 2
    v.name = "mb_vagrant"
  end
  config.vm.box = "ubuntu/trusty64"
  config.vm.network :private_network, ip: "192.168.33.10"
  config.ssh.forward_agent = true
  # config.vm.provision :shell, path: "bootstrap.sh"
  # config.vm.network :forwarded_port, host: 8001, guest: 8001
end
The output from vagrant ssh-config:
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile "/Users/mbigras/Google Drive/tmp/chef-repo/.vagrant/machines/default/virtualbox/private_key"
  IdentitiesOnly yes
  LogLevel FATAL
  ForwardAgent yes
I've tried sshing into my machine with the following command:
$ ssh -i "/Users/mbigras/Google Drive/tmp/chef-repo/.vagrant/machines/default/virtualbox/private_key" -p 2222 vagrant@192.168.33.10
ssh: connect to host 192.168.33.10 port 2222: Connection refused
Also, as per the solution described in another answer, I've tried removing ~/.ssh/known_hosts before attempting to connect; however, it also doesn't work:
$ rm ~/.ssh/known_hosts
$ ssh -i "/Users/mbigras/Google Drive/tmp/chef-repo/.vagrant/machines/default/virtualbox/private_key" -p 2222 vagrant@192.168.33.10
ssh: connect to host 192.168.33.10 port 2222: Connection refused
What am I missing here?

The SSH service is bound to the host machine's (i.e. 127.0.0.1) port 2222, but in the VM (guest machine) it is still listening on port 22 (the default port).
So, you should connect to port 22 on 192.168.33.10 or 2222 on 127.0.0.1, i.e.:
$ ssh -i "<vagrantfile-path>/.vagrant/machines/default/virtualbox/private_key" \
    -p 22 vagrant@192.168.33.10
or
$ ssh -i "<vagrantfile-path>/.vagrant/machines/default/virtualbox/private_key" \
    -p 2222 vagrant@127.0.0.1
Also, it is not required to remove the ~/.ssh/known_hosts file. Adding the following option will avoid the host fingerprint check: -o UserKnownHostsFile=/dev/null
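
Added example (not part of the original answer): a POSIX shell script that reads vagrant ssh-config output and prints the ssh command for either endpoint named above, keeping the space in the IdentityFile path intact. The function names cfg_value and ssh_cmd_for are hypothetical, and the sample text is constructed from the output shown in the question.

```shell
#!/bin/sh
# Constructed sample: the `vagrant ssh-config` output shown in the question.
SAMPLE_SSH_CONFIG='Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  IdentityFile "/Users/mbigras/Google Drive/tmp/chef-repo/.vagrant/machines/default/virtualbox/private_key"
  IdentitiesOnly yes'

# cfg_value KEY: print the value of KEY from ssh-config text on stdin,
# keeping embedded spaces and stripping surrounding double quotes.
cfg_value() {
  awk -v key="$1" '
    tolower($1) == tolower(key) {
      sub(/^[ \t]*[^ \t]+[ \t]+/, "")  # drop the keyword
      sub(/^"/, ""); sub(/"$/, "")     # drop surrounding quotes
      print; exit
    }'
}

# ssh_cmd_for [HOST PORT]: read ssh-config text on stdin, print an ssh command.
# No arguments: the NAT-forwarded endpoint (HostName/Port from the config).
# HOST PORT: another address, e.g. the private-network IP and guest port 22.
ssh_cmd_for() {
  cfg=$(cat)
  host=${1:-$(printf '%s\n' "$cfg" | cfg_value HostName)}
  port=${2:-$(printf '%s\n' "$cfg" | cfg_value Port)}
  user=$(printf '%s\n' "$cfg" | cfg_value User)
  key=$(printf '%s\n' "$cfg" | cfg_value IdentityFile)
  # Single-quote the key path so "Google Drive" stays one argument
  # (assumes the path itself contains no single quote).
  printf "ssh -i '%s' -o IdentitiesOnly=yes -p %s %s@%s\n" \
    "$key" "$port" "$user" "$host"
}

printf '%s\n' "$SAMPLE_SSH_CONFIG" | ssh_cmd_for
printf '%s\n' "$SAMPLE_SSH_CONFIG" | ssh_cmd_for 192.168.33.10 22
```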

Set the port forwarding section of the Vagrantfile like so:
  # using a specific IP.
  config.vm.network "private_network", ip: "192.168.56.101"
  config.vm.network "forwarded_port", guest: 22, host: 2290
This will allow "normal" ssh into the guest without going through vagrant ssh.

Related

How to SSH tunnel from jump server to another server without directly logging in to the jump server

I know, this question has been asked a lot, but still I have problems using ssh proxy.
I have an EC2 server (running a simple web server) which is in a private network in AWS, and I have a jumphost to connect to it. The jumphost is in a public network. The only way I can log in to the web server instance is through the jumphost.
So I have created ~/.ssh/config file in my local computer as below:
Host jumphost
  Hostname <Retracted-Public-IP>
  user ec2-user
  IdentityFile /Users/jananath/.ssh/private-key.pem
I can log in to the jumphost as: ssh jumphost and it works.
And in the jumphost above I have configured ~/.ssh/config as below:
Host my-web-server
  Hostname <Retracted-Private-IP>
  user ec2-user
  IdentityFile ~/.ssh/web-server-private-key.pem
And I can ssh into the web server (from jumphost) as ssh my-web-server and it works.
I don't want to log in to the jumphost every time I need to log into the web server, so I tried proxying.
Therefore, I added another block to my local ~/.ssh/config file as below:
Host jumphost
  Hostname <Retracted-Public-IP>
  user ec2-user
  IdentityFile /Users/jananath/.ssh/private-key.pem
Host my-web-server
  ProxyCommand ssh jumphost -W %h:%p
And I tried: ssh my-web-server and it gives the below output:
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
Can someone help me fix this?
This should work:
Host my-web-server
  ProxyCommand ssh jumphost nc %h %p
You can also try:
ssh -oProxyCommand="ssh -W %h:%p jumphost" my-web-server
A third command worth trying:
ssh -J jumphost my-web-server
Copy the public key of your local machine to ~/.ssh/authorized_keys of the remote machine and not just the jump server. This will enable passwordless login from the local machine using ssh -J. If your IP is IPv6, make the following modification in the config file of your local machine.
Host jumphost
  Hostname Retracted-Public-IPv6
  user ec2-user
  IdentityFile /Users/jananath/.ssh/private-key.pem
Host my-web-server
  ProxyCommand ssh jumphost -W [%h]:%p
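
Added example, not part of the original answers: in the local block as posted in the question, my-web-server has no Hostname entry, so %h expands to the alias itself, and a -W target is resolved by the jump host's ordinary name resolution rather than by its ~/.ssh/config. The script writes that config next to one that sets Hostname, User and IdentityFile locally with ProxyJump, then uses ssh -G (which prints the resolved options without connecting) to show the difference. The addresses 203.0.113.10 and 10.0.0.10 are constructed placeholders for the retracted IPs, and the script assumes the web server's private key is available on the local machine.

```shell
#!/bin/sh
# Constructed placeholders: 203.0.113.10 for the retracted public IP,
# 10.0.0.10 for the retracted private IP. Key paths are those in the question.
write_configs() {  # $1 = directory that receives broken.conf and fixed.conf
  cat > "$1/broken.conf" <<'EOF'
Host jumphost
  Hostname 203.0.113.10
  User ec2-user
  IdentityFile /Users/jananath/.ssh/private-key.pem
Host my-web-server
  ProxyCommand ssh jumphost -W %h:%p
EOF
  cat > "$1/fixed.conf" <<'EOF'
Host jumphost
  Hostname 203.0.113.10
  User ec2-user
  IdentityFile /Users/jananath/.ssh/private-key.pem
# Assumption: the web server key is kept on the local machine, because with
# ProxyJump the local client authenticates to the target end to end.
Host my-web-server
  Hostname 10.0.0.10
  User ec2-user
  IdentityFile ~/.ssh/web-server-private-key.pem
  ProxyJump jumphost
EOF
}

# resolved_hostname CONFIG ALIAS: the value %h expands to, as reported by
# `ssh -G`, which prints the resolved options without connecting.
resolved_hostname() {
  ssh -F "$1" -G "$2" 2>/dev/null | awk '$1 == "hostname" { print $2; exit }'
}

dir=$(mktemp -d)
write_configs "$dir"
if command -v ssh >/dev/null 2>&1; then
  echo "broken.conf: %h -> $(resolved_hostname "$dir/broken.conf" my-web-server)"
  echo "fixed.conf:  %h -> $(resolved_hostname "$dir/fixed.conf" my-web-server)"
fi
```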

Copying file from Vagrant-VM to host failed... connect to host 127.0.0.1 port 2222: Connection refused

I want to copy a file from the Vagrant machine to my host machine. To do that I'm using this command:
scp -P 2222 vagrant@127.0.0.1:/home/vagrant/pjsip-build/lib/armeabi-v7a/libyuv.so .
but it gives me this error: ssh: connect to host 127.0.0.1 port 2222: Connection refused
If I don't mention the port and just run it this way:
scp vagrant@127.0.0.1:/home/vagrant/pjsip-build/lib/armeabi-v7a/libyuv.so
it gives me the error scp : home/vagrant/pjsip-build/lib/armeabi-v7a/libyuv.so: No such file or directory
So what's going wrong here? How can I copy a file from the guest to the host machine?
EDIT:
My ssh configuration is this:
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile C:/Users/arfeen/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
and when I do vagrant up my port forwarding is this:
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
==> default: Forwarding ports...
    default: 22 (guest) => 2222 (host) (adapter 1)
First issue - you probably have no one listening on 2222. It should not say port 22, as the P flag should call the 2222 port.
** After your correction - check that the port is open in iptables if you have blocking, and check that sshd is listening on this port:
netstat -l
Second - better use the src and dst:
scp vagrant@127.0.0.1:/home/vagrant/pjsip-build/lib/armeabi-v7a/libyuv.so .
(notice the . at the end, which means copy to the local folder)
and make sure the machine at 127.0.0.1 has the path /home/vagrant.... etc., and that the user vagrant has access to the .so file.
I also can't understand why you use 127.0.0.1 - as this would be your own address. Unless you use this to hide the real address of the server in question - or your local card is bridged, and then - did you change the listening port of ssh on the machine to 2222?
When you run vagrant up it should give you some indication (this is my own example; the port will differ for you):
xxxx
==> jenkins: Setting the name of the VM: jenkins
==> jenkins: Fixed port collision for 22 => 2222. Now on port 2205.
xxxx
==> jenkins: Forwarding ports...
    jenkins: 22 (guest) => 2205 (host) (adapter 1)
In this case it runs the ssh port on port 2205 on my host, so I would need to run scp -P 2205 ....
You can also review this information by running `vagrant ssh-config`:
$ vagrant ssh-config
Host jenkins
  HostName 127.0.0.1
  User vagrant
  Port 2205
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /Users/fhenri/.vagrant.d/insecure_private_key
  IdentitiesOnly yes
  LogLevel FATAL
If your vagrant VM is running on your host machine (a.k.a. there's just one computer involved) you can transfer files by placing them in the "Synced folder" within vagrant.
When vagrant provisions a virtual machine, by default it links the /vagrant folder to whatever folder the vagrant file is located in. And by linked, I mean the /vagrant folder on the virtual machine contains all of the same stuff as the Vagrantfile folder on the host machine. Copying any files to that folder from either machine will make those files available on both machines.
By editing your vagrant file, you can add other folders that are synced in this manner. You can learn more by reading the vagrant docs on the topic here: https://www.vagrantup.com/docs/synced-folders/

Vagrant box can't ping host

I have a Vagrant box with public network configured.
What I can do:
from vbox ping another machine on the network
from another machine on the network ping the vbox
from host ping another machine on the network
from another machine on the network ping the host
What I can't do:
from vbox ping the host
from host ping the vbox
This is my Vagrantfile network part:
config.vm.network "public_network", auto_config: false
config.vm.provision "shell",
  run: "always",
  inline: "ifconfig eth1 192.168.0.20 netmask 255.255.255.0 up"
Not sure what I did wrong here...
That's weird, it should work with that. Anyway, if that doesn't work, perhaps the error is somewhere else in your Vagrantfile. Try manually setting the IP.
config.vm.network "public_network", ip: "192.168.0.23"
This is how I do it in my Vagrant box and it works fine. Hope this helps you.

How to forward firefox running in vagrant machine to local machine?

I am running the Django project OpenStack on VirtualBox: ./run_tests.sh --runserver 0.0.0.0:808. This is responsible for starting the Django project. This is running inside VirtualBox, which is created by Vagrant. I want to access this result in my Firefox running on the same machine, outside of Vagrant.
When I run firefox in VirtualBox it gives
Error: no display specified
How can I do that? Please check the Vagrantfile:
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "centos7"
  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false
  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # config.vm.network "forwarded_port", guest: 80, host: 8080
  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"
  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"
  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"
  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  #config.vm.network "public_network", bridge: 'wlo1'
  config.vm.network :"private_network", ip: "192.168.50.4"
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  config.vm.network :forwarded_port, guest: 5000, host: 5000
  config.vm.network :forwarded_port, guest: 8000, host: 8000
  config.vm.network :forwarded_port, guest: 9000, host: 9000
  config.vm.network :forwarded_port, guest: 9696, host: 9696
  config.vm.network :forwarded_port, guest: 8774, host: 8774
  config.vm.network :forwarded_port, guest: 35357, host: 35357
  config.ssh.forward_x11 = true
  config.ssh.insert_key = false
  config.vm.provider "virtualbox" do |vb|
    # Display the VirtualBox GUI when booting the machine
    # vb.gui = true
    #
    # # Customize the amount of memory on the VM:
    vb.memory = 3072
    vb.cpus = 2
  end
  #
  # View the documentation for the provider you are using for more
  # information on available options.
  # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
  # such as FTP and Heroku are also available. See the documentation at
  # https://docs.vagrantup.com/v2/push/atlas.html for more information.
  # config.push.define "atlas" do |push|
  #   push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
  # end
  # Enable provisioning with a shell script. Additional provisioners such as
  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
  # documentation for more information about their specific syntax and use.
  # config.vm.provision "shell", inline: <<-SHELL
  #   sudo apt-get update
  #   sudo apt-get install -y apache2
  # SHELL
end
If you want to run graphical programs from your VM and forward them to your host, it's possible. I believe there are different ways but this is what I am using.
Install an X11 program on your host. On Mac, you can install XQuartz (http://xquartz.macosforge.org/landing/); on Windows I am pretty sure there are equivalents, but I am not familiar with them.
Configure your VM to do X forwarding: add the 2 parameters to your Vagrantfile
config.ssh.forward_agent = true
config.ssh.forward_x11 = true
Start Vagrant, and when you execute firefox it will forward to your host.

Vagrant host port ignored

In my Vagrantfile I have the definition of my development machine with a private network IP of 192.168.33.10 and a forwarded port of "guest=80, host=8888", but when I run my Vagrant environment and try to run curl -i 192.168.33.10:8888 I get an error saying 'Failed connect to 192.168.33.10:8888; connection refused', but when I try to connect to 192.168.33.10:80 everything is OK.
My Vagrantfile is:
Vagrant::configure("2") do |config|
  config.vm.box = "precise32"
  config.vm.define :web do |www|
    www.vm.hostname = "apache"
    www.ssh.max_tries = 10
    www.vm.network :forwarded_port, guest: 80, host: 8888 # Apache port
    www.vm.network :private_network, ip: "192.168.33.10"
    www.vm.synced_folder "www", "/var/www", :extra => 'dmode=777,fmode=777'
  end
end
Why does this happen? Is Vagrant ignoring the forwarded port?
By default Vagrant Boxes use NAT mode, it means that the guests are behind a router (VirtualBox Networking engine between the host and the guest) which maps traffic from and to the virtual machine transparently. The guests are invisible and unreachable from the host.
That's why we need port forwarding. Otherwise services running on the guest won't be accessible.
In your case, you are using Private Network, the guest will be assigned a private IP address that ONLY the host can access, which is 192.168.33.10.
The proper way to access web hosted on the guest is => http://192.168.33.10 from the host.
You have the port forwarding part in the Vagrantfile
www.vm.network :forwarded_port, guest: 80, host: 8888 # Apache port
It is forwarding guest port 80 to your host's 8888. Because you are NOT using NAT mode I am pretty sure it will be ignored. Try to curl -Is http://localhost:8888.
NOTE: even if it still works somehow, you should be accessing web by => http://localhost:8888/ from your host.
