Bug 1566295

Summary: vagrant ssh does not work passwordless with openssh-7.7
Product: [Fedora] Fedora Reporter: Randy Barlow <rbarlow>
Component: opensshAssignee: Jakub Jelen <jjelen>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 28CC: dwalsh, egegunes, jfch, jjelen, lkundrak, lmohanty, madam, mattias.ellert, plautrba, pvalena, strzibny, thrcka, tmraz, vondruch
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssh-7.7p1-2.fc28 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-15 02:40:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Vagrantfile none

Description Randy Barlow 2018-04-12 01:36:05 UTC 
Created attachment 1420614 [details]
Vagrantfile

Description of problem:
I noticed this week that I could not use vagrant ssh without typing a password. If I downgrade from openssh-7.7 to 7.6, it works again, so I believe there is some compatibility issue there.


Version-Release number of selected component (if applicable):
vagrant-2.0.2-1.fc28.noarch


How reproducible:
Every time.


Steps to Reproduce:
1. Use the attached Vagrantfile.
2. Install openssh-clients-7.7p1-1.fc28
3. vagrant up
4. vagrant ssh


Actual results:
$ vagrant ssh
vagrant.121.50's password:


Expected results:
$ vagrant ssh
Last login: Wed Apr 11 22:09:52 2018 from 192.168.121.1
[vagrant@localhost ~]$
Comment 1 Vít Ondruch 2018-04-12 05:47:49 UTC 
Probably question for OpenSSH maintainers then ...
Comment 2 Vít Ondruch 2018-04-12 05:49:45 UTC 
BTW running vagrant with "--debug" option could provide more details.
Comment 3 Jakub Jelen 2018-04-12 07:55:38 UTC 
Please, next time, run the ssh with -vvv to get more verbose log. I can reproduce the issue now and I see the following error:

debug1: Next authentication method: publickey
debug1: Trying private key: "/root/.vagrant.d/insecure_private_key"
no such identity: "/root/.vagrant.d/insecure_private_key": No such file or directory
debug2: we did not send a packet, disable method

even though the stat from command line works as expected:

# stat /root/.vagrant.d/insecure_private_key
  File: /root/.vagrant.d/insecure_private_key
  Size: 1675      	Blocks: 8          IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 26054342    Links: 1
Access: (0600/-rw-------)  Uid: (    0/    root)   Gid: (    0/    root)
Context: unconfined_u:object_r:admin_home_t:s0
Access: 2018-04-12 09:34:15.269720504 +0200
Modify: 2018-04-12 09:17:53.199812801 +0200
Change: 2018-04-12 09:17:53.199812801 +0200
 Birth: -

With the OpenSSH 7.6, I see this part succeed:

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.vagrant.d/insecure_private_key
debug3: sign_and_send_pubkey: RSA SHA256:1M4RzhMyWuFS/86uPY/ce2prh/dVTHW7iD2RhpquOZA
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 52
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).

It looks like the issue is the quotes around the filename now. I will have a look how to support this properly. Thank you for the report.
Comment 4 Jakub Jelen 2018-04-12 08:25:31 UTC 
The following scratch build solves the issue for me and supports parsing quotes as expected again:

https://koji.fedoraproject.org/koji/taskinfo?taskID=26320731

I will wait for all the tests pass from upstream testsuite and I will issue an update.
Comment 5 Fedora Update System 2018-04-12 09:55:08 UTC 
openssh-7.7p1-2.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bcb8b924a
Comment 6 Fedora Update System 2018-04-13 16:30:51 UTC 
openssh-7.7p1-2.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bcb8b924a
Comment 7 Fedora Update System 2018-04-15 02:40:40 UTC 
openssh-7.7p1-2.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.