Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Finch vm init failed after install #38

Closed
Zlender opened this issue Nov 23, 2022 · 15 comments
Closed

Finch vm init failed after install #38

Zlender opened this issue Nov 23, 2022 · 15 comments
Assignees
@pendo324 @KevinLiAWS
Labels
bug Something isn't working

Comments

@Zlender
Copy link

Zlender commented Nov 23, 2022

Describe the bug
Using Finch Finch-v0.1.0-aarch64 the command vm init fails with fatal error as seen in the logs section.

It the end it looks like init did succeed as I can build and run containers.

Steps to reproduce
Install Finch-v0.1.0-aarch64 and run finch vm init

Expected behavior
No fatal error.

Screenshots or logs

finch vm init
INFO[0000] Using default values due to missing config file at "/Users/r.zlender/.finch/finch.yaml"
INFO[0000] "/Users/r.zlender/.finch" directory doesn't exist, attempting to create it
FROM alpine:latest
INFO[0002] binaries directory doesn't exist
INFO[0002] Requesting root access to finish network dependency configuration
Password:
INFO[0010] sudoers file not found: %!w(*fs.PathError=&{open /etc/sudoers.d/finch-lima 2})
INFO[0010] Initializing and starting Finch virtual machine...
INFO[0150] Finch virtual machine started successfully
FATA[0150] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Additional context
Add any other context about the problem here.
@Zlender Zlender added the bug Something isn't working label Nov 23, 2022
@KevinLiAWS
Copy link
Contributor

I looked up similar issue and seems rancher rke also had this issue before: rancher/rke#2696
From their thread, seems related with Fedora: https://www.reddit.com/r/Fedora/comments/jhxbdh/no_ssh_public_key_auth_after_upgrade_to_fedora_33/

However in the current case, lima did finish booting the vm because it shows vm started successfully, but it still shows the fatal error. @Zlender could you please try finch vm stop and finch vm remove, and then retry finch vm init again to see if you can consistently reproduce this error? Thanks

@oraclesean
Copy link

I'm seeing the same error. It's reproducible with stop/remove/init:

[~ 13:16:32]
# finch vm start
INFO[0000] Starting existing Finch virtual machine...
INFO[0024] Finch virtual machine started successfully
FATA[0025] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
[~ 13:17:00]
# finch vm stop
INFO[0000] Stopping existing Finch virtual machine...
INFO[0005] Finch virtual machine stopped successfully
[~ 13:18:45]
# finch vm remove
INFO[0000] Removing existing Finch virtual machine...
INFO[0000] Finch virtual machine removed successfully
[~ 13:18:49]
# finch vm init
INFO[0000] Initializing and starting Finch virtual machine...
INFO[0073] Finch virtual machine started successfully
FATA[0073] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
[~ 13:20:07]

[~ 13:21:44]
# finch version
Finch version: v0.1.0
[~ 13:21:52]
# uname -a
Darwin X.local 21.4.0 Darwin Kernel Version 21.4.0: Mon Feb 21 20:35:58 PST 2022; root:xnu-8020.101.4~2/RELEASE_ARM64_T6000 x86_64

@oraclesean
Copy link

With --debug:

# finch vm init --debug
DEBU[0000] Creating limactl command: ARGUMENTS: [ls -f {{.Status}} finch], LIMA_HOME: /Applications/Finch/lima/data
DEBU[0000] Status of virtual machine:
DEBU[0000] Creating limactl command: ARGUMENTS: [sudoers], LIMA_HOME: /Applications/Finch/lima/data
DEBU[0000] Creating limactl command: ARGUMENTS: [start --name=finch /Applications/Finch/os/finch.yaml --tty=false], LIMA_HOME: /Applications/Finch/lima/data
INFO[0000] Initializing and starting Finch virtual machine...
INFO[0160] Finch virtual machine started successfully
DEBU[0160] Applying guest configuration options
DEBU[0160] Creating limactl command: ARGUMENTS: [ls -f {{.SSHLocalPort}} finch], LIMA_HOME: /Applications/Finch/lima/data
FATA[0160] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

@Zlender
Copy link
Author

Zlender commented Nov 24, 2022

@KevinLiAWS this is the output

➜  ~ finch vm stop
INFO[0000] Stopping existing Finch virtual machine...
INFO[0002] Finch virtual machine stopped successfully
➜  ~ finch vm remove
INFO[0000] Removing existing Finch virtual machine...
INFO[0000] Finch virtual machine removed successfully
➜  ~ finch vm init --debug
DEBU[0000] Creating limactl command: ARGUMENTS: [ls -f {{.Status}} finch], LIMA_HOME: /Applications/Finch/lima/data
DEBU[0000] Status of virtual machine:
DEBU[0000] Creating limactl command: ARGUMENTS: [sudoers], LIMA_HOME: /Applications/Finch/lima/data
DEBU[0000] Creating limactl command: ARGUMENTS: [start --name=finch /Applications/Finch/os/finch.yaml --tty=false], LIMA_HOME: /Applications/Finch/lima/data
INFO[0000] Initializing and starting Finch virtual machine...
INFO[0070] Finch virtual machine started successfully
DEBU[0070] Applying guest configuration options
DEBU[0070] Creating limactl command: ARGUMENTS: [ls -f {{.SSHLocalPort}} finch], LIMA_HOME: /Applications/Finch/lima/data
FATA[0070] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
➜  ~ finch vm init --debug
DEBU[0000] Creating limactl command: ARGUMENTS: [ls -f {{.Status}} finch], LIMA_HOME: /Applications/Finch/lima/data
DEBU[0000] Status of virtual machine: Running
FATA[0000] the instance "finch" is already running```

@Zlender
Copy link
Author

Zlender commented Nov 24, 2022 

➜  ~ LIMA_HOME=/Applications/Finch/lima/data /Applications/Finch/lima/bin/limactl ls
NAME     STATUS     SSH                ARCH       CPUS    MEMORY    DISK      DIR
finch    Running    127.0.0.1:61998    aarch64    3       8GiB      100GiB    /Applications/Finch/lima/data/finch

@KevinLiAWS
Copy link
Contributor

Thanks for your detailed debug info. @Zlender and @oraclesean could you please share me your mac os version? I noticed that it might be related with the mac os version, so I would like to collect more data about the env. Thanks

@Zlender
Copy link
Author

Zlender commented Nov 25, 2022

Sure

➜  ~ uname -v
Darwin Kernel Version 22.1.0: Sun Oct  9 20:15:09 PDT 2022; root:xnu-8792.41.9~2/RELEASE_ARM64_T6000
➜  ~ sw_vers
ProductName:		macOS
ProductVersion:		13.0
BuildVersion:		22A380

@EigoOda
Copy link

EigoOda commented Nov 26, 2022

Same issue.

$ uname -v
Darwin Kernel Version 21.6.0: Thu Sep 29 20:13:56 PDT 2022; root:xnu-8020.240.7~1/RELEASE_ARM64_T6000

$ sw_vers
ProductName:    macOS
ProductVersion: 12.6.1
BuildVersion:   21G217

@oraclesean
Copy link 

# uname -v
Darwin Kernel Version 21.4.0: Mon Feb 21 20:35:58 PST 2022; root:xnu-8020.101.4~2/RELEASE_ARM64_T6000
# sw_vers
ProductName:	macOS
ProductVersion:	12.3
BuildVersion:	21E230

@netcode
Copy link

netcode commented Nov 29, 2022
edited
Loading

same issue here

$ uname -v
Darwin Kernel Version 21.6.0: Thu Sep 29 20:13:56 PDT 2022; root:xnu-8020.240.7~1/RELEASE_ARM64_T6000

$ sw_vers
ProductName:	macOS
ProductVersion:	12.6.1
BuildVersion:	21G217

@CkReal
Copy link

CkReal commented Dec 3, 2022

Same issue.

$ finch --version
finch version v0.1.0
$ uname -v
Darwin Kernel Version 21.6.0: Thu Sep 29 20:13:46 PDT 2022; root:xnu-8020.240.7~1/RELEASE_ARM64_T8101
$ sw_vers
ProductName:    macOS
ProductVersion: 12.6.1
BuildVersion:   21G217

@pendo324 pendo324 mentioned this issue Dec 8, 2022
Merged
1 task
pendo324 added a commit that referenced this issue Dec 12, 2022
@pendo324
fix: ignore .ssh pub keys (#109)
0b74597 
Signed-off-by: Justin Alvarez <alvajus@amazon.com>

Issue #, if available: Fixes #103. Still having trouble reproducing #38,
but possibly related

*Description of changes:*
- Our Lima configuration (finch.yaml) was using the default value for
the `ssh.loadDotSSHPubKeys` option, which is `true`. This may cause
errors if the user has any issues with the keys in their `.ssh`
directory. Since the correct key is generated and stored in Lima's
directories, and the user is not expected to interact directly with the
VM anyway, we can just set this to `false` explicitly
- In the future, we can consider adding this to finch's config (probably
by adding logic to `pkg/config`'s `lima_config_applier` and
`defaults.go`)

*Testing done:*
- Reproduced the error by creating an invalid pub key entry. Made the
change to my local `lima.yaml` and rebooted the vm, and did not see the
error


- [x] I've reviewed the guidance in CONTRIBUTING.md


#### License Acceptance

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

Signed-off-by: Justin Alvarez <alvajus@amazon.com>
@azhouwd azhouwd mentioned this issue Dec 26, 2022
Closed
ahsan-z-khan pushed a commit to ahsan-z-khan/finch that referenced this issue Jan 11, 2023
@pendo324 @ahsan-z-khan
fix: ignore .ssh pub keys (runfinch#109)
865abb7 
Signed-off-by: Justin Alvarez <alvajus@amazon.com>

Issue #, if available: Fixes runfinch#103. Still having trouble reproducing runfinch#38,
but possibly related

*Description of changes:*
- Our Lima configuration (finch.yaml) was using the default value for
the `ssh.loadDotSSHPubKeys` option, which is `true`. This may cause
errors if the user has any issues with the keys in their `.ssh`
directory. Since the correct key is generated and stored in Lima's
directories, and the user is not expected to interact directly with the
VM anyway, we can just set this to `false` explicitly
- In the future, we can consider adding this to finch's config (probably
by adding logic to `pkg/config`'s `lima_config_applier` and
`defaults.go`)

*Testing done:*
- Reproduced the error by creating an invalid pub key entry. Made the
change to my local `lima.yaml` and rebooted the vm, and did not see the
error


- [x] I've reviewed the guidance in CONTRIBUTING.md


#### License Acceptance

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

Signed-off-by: Justin Alvarez <alvajus@amazon.com>
@tranngoclam
Copy link

After v0.2.0 released, the issue looks like not resolved

➜  ~ finch version
Finch version:	v0.2.0
FATA[0000] detailed version info is unavailable because VM is not running
➜  ~ finch vm init
INFO[0000] binaries directory doesn't exist
INFO[0000] Requesting root access to finish network dependency configuration
INFO[0000] sudoers file not found: open /etc/sudoers.d/finch-lima: no such file or directory
INFO[0006] Initializing and starting Finch virtual machine...
INFO[0130] Finch virtual machine started successfully
FATA[0130] failed to setup ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
➜  ~ uname -v
Darwin Kernel Version 22.2.0: Fri Nov 11 02:03:51 PST 2022; root:xnu-8792.61.2~4/RELEASE_ARM64_T6000
➜  ~ sw_vers
ProductName:		macOS
ProductVersion:		13.1
BuildVersion:		22C65
➜  ~

@marcelmindemann
Copy link

Also running into this problem.

❯ finch --version
finch version v0.3.0
❯ sw_vers
ProductName:	macOS
ProductVersion:	12.6
BuildVersion:	21G115

@KevinLiAWS
Copy link
Contributor

Did some research and found similar issue here: https://support.okta.com/help/s/article/No-supported-methods-remain-unable-to-ssh-to-target-server-via-sft?language=en_US
It seems related ssh policy settings, and needs changes in /etc/ssh/sshd_config.
Could you please try if the config change can resolve the issue? Thanks

@ningziwen
Copy link
Member

ningziwen commented Apr 3, 2023
edited
Loading

Closing the issue because of no response. Feel free to reopen.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pendo324 pendo324

@KevinLiAWS KevinLiAWS

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@Zlender @netcode @pendo324 @CkReal @oraclesean @tranngoclam @ningziwen @marcelmindemann @EigoOda @KevinLiAWS