-
Bug
-
Resolution: Done-Errata
-
None
-
False
-
-
False
-
VERIFIED
-
---
-
---
-
-
-
Important
-
No
Description of problem:
The "virtctl ssh" and "NodePort ssh" commands that are copied from the UI do not work unless the user adds the "-i" flag and the private key.
Version-Release number of selected component (if applicable):
4.13
How reproducible:
Steps to Reproduce:
1. Create SSH key pair with "ssh-keygen" in /home/user/.ssh directory.
2. Inject public key as static key into a VM and restart the VM.
3. Copy the virtctl ssh command from the UI and try to run it from the CLI.
Actual results:
Permission denied error:
[avitalpinnick@fedora ~]$ virtctl -n avital ssh cloud-user@rhel9-inject-before-boot
The authenticity of host 'vmi/rhel9-inject-before-boot.avital (<no hostip for proxy command>)' can't be established.
ED25519 key fingerprint is SHA256:vmloMxhsR1f49jl04UrMNiJkxn3Xj9HHufgfwtWHHLM.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'vmi/rhel9-inject-before-boot.avital' (ED25519) to the list of known hosts.
cloud-user@vmi/rhel9-inject-before-boot.avital: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Expected results:
SSH connection succeeds
Additional info:
This command worked with "/home/avitalpinnick/.ssh/testkey2": "virtctl -n avital ssh cloud-user@rhel9-inject-before-boot -i testkey2"
If the private key is in another location, the full path has to be specified: "virtctl -n avital ssh cloud-user@rhel9-inject-before-boot -i /home/avitalpinnick/testkey2"
I observed the same behavior when I copied and ran the NodePort/SSH command (after running the oc patch command to get the service to work).
I recommend adding "-i <private_SSH_key>" with a tooltip saying that if the private key is not in /home/user/.ssh, the full path needs to be specified.
- external trackers
- links to
- mentioned on