I am trying to SFTP a Debian-7-Wheezy-V20140807 Instance on Google Compute Engine from Windows 7, 64 Bit Client.
Finally my problem got solved using this
Also in Windows I first installed Cygwin and then used set the Environment Variable CLOUDSDK_PYTHON to python instead of C:\python27\python.exe
and finally from cygwin ran this
curl https://sdk.cloud.google.com | bash
All the instructions below are symptoms. First i tried Filezilla, which errors out with message
Status: Waiting to retry...
Status: Connecting to 23.xx.xx.xx..
Response: fzSftp started
Command: open "Abdul#23.236.51.19" 22
Error: Disconnected: No supported authentication methods available (server sent: publickey)
Error: Could not connect to server
User :root
password :
<same as passphrase set up on running SSH key>
I have also tried gcloud compute copy-files
gcloud compute copy-files deccan4-clone:/etc/ssh/ssh_host_rsa_key.pub ssh_host_rsa_key.pub --zone=us-central1-b
ssh_host_rsa_key.pub: **Permission denied
ERROR**: (gcloud.compute.copy-files) exit code 1: /usr/bin/scp -i /home/Abdul/.ssh/google_compute_engine
sudo gcloud compute copy-files deccan4-clone:/etc/ssh/ssh_host_rsa_key.pub ssh_host_rsa_key.pub --zone=us-central1-b
WARNING: You do not have an SSH key for Google Compute Engine.
WARNING: ssh-keygen will be executed to generate a key.
This tool needs to create the directory /root/.ssh before being able
to generate SSH keys.
Do you want to continue (Y/n)? Y
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/google_compute_engine.
Your public key has been saved in /root/.ssh/google_compute_engine.pub.
The key fingerprint is:
root#deccan4-clone
**ERROR: (gcloud.compute.copy-files) some requests did not succeed:
- Insufficient Permission**
I have also tried
Abdul#deccan4-clone:/home/a_rahman_synergywell_com$ gcloud compute copy-files de ccan4-clone:test.txt test.txt --zone=us-central1-b
scp: test.txt: No such file or directory
ERROR: (gcloud.compute.copy-files) exit code 1: /usr/bin/scp -i /home/Abdul/.ssh
/google_compute_engine -r Abdul#23.236.51.19:test.txt test.txt
Please let me know if I am missing some key setup.
Related
I'm new on cloud computing and I'm trying to use SSH to control my VM instance but when I use command (with debug)
gcloud compute ssh my-instance-name --verbosity=debug
it's show error
DEBUG: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code
[255]. Traceback (most recent call last): File
"/google/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line
983, in Execute
resources = calliope_command.Run(cli=self, args=args) File "/google/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py",
line 784, in Run
resources = command_instance.Run(args) File "/google/google-cloud-sdk/lib/surface/compute/ssh.py", line 262, in
Run
return_code = cmd.Run(ssh_helper.env, force_connect=True) File "/google/google-cloud-sdk/lib/googlecloudsdk/command_lib/util/ssh/ssh.py",
line 1256, in Run
raise CommandError(args[0], return_code=status) CommandError: [/usr/bin/ssh] exited with return code [255]. ERROR:
(gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
I try to solve the problem in this link but it's not work
https://groups.google.com/forum/#!topic/gce-discussion/O-c10TM4ZLM
SSH error code 255 is a general error returned by GCP. You can try one of the following options.
1. Wait a few minutes and try again. It is possible that:
The instance has not finished starting up.
Metadata for SSH keys has not finished being propagated to the project or instance.
The Guest Environment has not yet read the SSH keys metadata.
2. Verify that SSH access to the instance is not blocked by a firewall.
gcloud compute firewall-rules list | grep "tcp:22"
If necessary, create a firewall rule to allow TCP 22 for a given VPC network, subnet, or instance tag.
gcloud compute firewall-rules create ssh-allow-incoming --priority=0 --allow=tcp:22 --network=[VPC-Network]
3. Make sure that the root volume is not out of disk space. Messages like the following will be visible in the console log when it is out of disk space:
...No space left on device...
...google-accounts: ERROR Exception calling the response handler.
[Errno 2] No usable temporary directory found in ['/tmp', '/var/tmp',
'/usr/tmp', '/']...
4. Make sure that the instance has not run out of memory
5. Verify that temporary SSH Keys metadata is set for either the project or instance.
Finally you could follow any of their supported or third-party methods
Assuming you have the correct IAM permissions, it is much easier and preferred by GCP to use OSlogin to ssh into an instance, rather than manage ssh keys
in cloud shell, enter this
gcloud compute --project PROJECTID project-info add-metadata --metadata enable-oslogin=TRUE
This enables OSLogin on all instances in a project, instead of using ssh keys gcp will check your IAM permissions and authenticate based on those.
If you are not project owner, make sure you have the compute.osloginviewer or admin permissions in Cloud IAM
Once enables, try SSHing into the instance again using the command you posted.
This is not a concrete answer but I think at first you should set your project by :
gcloud config set project PROJECT_ID
Then
gcloud compute ssh my-instance-name --verbosity=debug
This link would be useful:
https://cloud.google.com/sdk/gcloud/reference/compute/ssh
Last night I setup Pass Password Manager. I used gpg2, and followed this tutorial. I didn't implement git integration. Everything worked successfully. To view my password I had to enter my master key, exactly like how I want it. This morning I try to use pass. In my terminal I typed in
pass account/adobe/my#email.com
I get the following error:
gpg: decryption failed: No secret key
It didn't ask me to enter my master key. I tried restarting gpg-agent, I tried editing ~/.gnupg/gpg-agent.conf, but nothing is working.
This is how my ~/.gnupg/gpg-agent.conf looks like:
default-cache-ttl 28800
# 8 hours
pinentry-program /usr/bin/pinentry-curses
allow-loopback-pinentry
I should mention that I am using Linux Subsystem on Windows 10.
I put this in ~/.gnupg/gpg-agent.conf :
default-cache-ttl 3153600000
pinentry-program /usr/bin/pinentry-curses
allow-loopback-pinentry
After enter the following commands:
$ gpgconf --kill gpg-agent
$ gpg-connect-agent /bye
I am connecting to a remote server with the following code:
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
ssh.connect(
hostname=settings.HOSTNAME,
port=settings.PORT,
username=settings.USERNAME,
)
When I'm on local server A, I can ssh onto the remote from the command line, suggesting it is in known_hosts. And the code works as expected.
On local server B, I can also ssh onto the remote from the command line. But when I try to use the above code I get:
/opt/mysite/virtualenv/lib/python3.5/site-packages/paramiko/client.py:763: UserWarning: Unknown ssh host key for [hostname]:22: b'12345'
key.get_fingerprint())))
...
File "/opt/mysite/virtualenv/lib/python3.5/site-packages/paramiko/client.py", line 416, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, t.gss_host,
File "/opt/mysite/virtualenv/lib/python3.5/site-packages/paramiko/client.py", line 702, in _auth
raise SSHException('No authentication methods available')
paramiko.ssh_exception.SSHException: No authentication methods available
Unlike "SSH - Python with paramiko issue" I am using both load_system_host_keys and WarningPolicy, so I should not need to programatically add a password or key (and I don't need to on local server A).
Is there some system configuration step I've missed?
Try to use the fabric (this is written based on invoke + paramiko) instead of the paramiko and set the following parameters:
con = fabric.Connection('username#hostname' ,connect_kwargs={'password': 'yourpassword', 'allow_agent': False}
If it's keep falling, try to check if your password is still valid and you're not required to change your password.
I tested with the wrong user on local server B. The user running the Python process did not have ssh permissions after all. (Command line ssh failed for that user.) Once I gave it permissions, the connection worked as expected.
I'm trying to run 'hoogle data', and I get this as the output :
Downloading downloads/base.txt
# base.txt (for downloads/base.txt)
ERROR: cannot verify www.haskell.org's certificate, issued by '/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2':
Issued certificate has expired.
To connect to www.haskell.org insecurely, use `--no-check-certificate'.
hoogle: Error when running Shake build system:
* default.hoo
* platform.hoo
* mtl.hoo
* base.txt
* downloads/base.txt.cache
* downloads/base.txt
Development.Shake.command, system command failed
Command: wget -nv http://www.haskell.org/hoogle/base.txt --output-document=downloads/base.txt
Exit code: 5
Stderr:
ERROR: cannot verify www.haskell.org's certificate, issued by '/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2':
Issued certificate has expired.
To connect to www.haskell.org insecurely, use `--no-check-certificate'.
I'm not sure what to do, last time I ran hoogle data it just worked and generated everything, but I can't figure out how to get around this error.
To get around this problem, try creating a wrapper for wget:
I'll assume your installed wget is located at /usr/bin/wget
Save this file as wget somewhere in your $PATH and make sure it is executable:
#!/bin/sh
/usr/bin/wget --no-check-certificate "$#"
Now retry your hoogle command.
I'm trying to connect to a windows azure instance using fabric, but despite I configure ssh conection to execute commands, fabric keeps asking for password.
This is my fabric file:
def azure1():
env.hosts = ['host.cloudapp.net:60770']
env.user = 'adminuser'
env.key_filename = './azure.key'
def what_is_my_name():
run('whoami')
I run it as:
fab -f fabfile.py azure1 what_is_my_name
or
fab -k -f fabfile.py -i azure.key -H adminuser#host.cloudapp.net:60770 -p password what_is_my_name
But nothing worked, it keeps asking for user password despite I enter it correctly.
Executing task 'what_is_my_name'
run: whoami
Login password for 'adminuser':
Login password for 'adminuser':
Login password for 'adminuser':
Login password for 'adminuser':
If I try to connect directly with ssh, it works perfectly.
ssh -i azure.key -p 60770 adminuser#host.cloudapp.net
I've tried the advises given in other questions (q1 q2 q3) but nothing works.
Any idea what I am doing wrong?
Thank you
Finally I found the problem is due to the public-private key pair generation.
I followed the steps provided in windows azure guide, there the keys are generated using openssl, so the process outcomes a public key stored in a pem file you must upload to your instance during creation process.
The problem is that this private key obtained is not correctly recognized by paramiko, so fabric won't work. If you try to open a ssh connection using paramiko from python interpreter:
>>> import paramiko, os
>>> paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
>>> ssh = paramiko.SSHClient()
>>> ssh.load_host_keys('private_key_file.key') # private key file generated using openssl
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> ssh.connect("web1.cloudapp.net",port=56317)
Gives me the error:
DEBUG:paramiko.transport:Trying SSH agent key a9d8dd41609191ebeedbe8df768ad8c9
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Authentication (publickey) failed.
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File ".. /paramiko/client.py", line 337, in connect
self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys)
File ".. /paramiko/client.py", line 528, in _auth
raise saved_exception
paramiko.PasswordRequiredException: Private key file is encrypted
When the key file isn't encrypted.
To solve this, I created the key pair using openssh and then convert the public key to pem to upload it to azure:
# Create key with openssh
ssh-keygen -t rsa -b 2048 -f private_key_file.key
# extract public key and store as x.509 pem format
openssl req -x509 -days 365 -new -key private_key_file.key -out public_key_file.pem
# upload public_key_file.pem file during instance creation
# check connection to instance
ssh -i private_key_file.key -p 63534 adminweb#host.cloudapp.net
This solved the problem.
To debug fabric's ssh connections, add these lines to your fabfile:
import paramiko, os
paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
This will print all of paramiko's debug messages. Paramiko is the ssh library that fabric uses.
Note that since Fabric 1.4 you have to specifically enable using ssh config:
env.use_ssh_config = True
(Note: I'm pretty sure absolutely certain that my fabfile used to work with Fabric > 1.5 without this option, but it doesn't now that I upgraded to 1.10).