Vagrant SSH Permissions - vagrant

I am new to Vagrant and get the following error on vagrant up or vagrant ssh:
The private key to connect to this box via SSH has invalid permissions
set on it. The permissions of the private key should be set to 0600, otherwise SSH will
ignore the key. Vagrant tried to do this automatically for you but failed. Please set the
permissions on the following file to 0600 and then try running this command again:
[...]/.vagrant/machines/default/virtualbox/private_key
I have run:
$ sudo chmod 666 [...]/.vagrant/machines/default/virtualbox/private_key
I also tried (600, 777) but still get the same error.
Please can someone tell me what is wrong and how to fix it?

I just had this issue, and I worked around it moving the private_key file to another place, changing its permission, and then creating a symbolic link at the original place.
So,
$ mv [...]/.vagrant/machines/default/virtualbox/private_key /some/path/where/you/can/change/permissions
$ ln -s /some/path/where/you/can/change/permissions [...]/.vagrant/machines/default/virtualbox/private_key

If you're using the Windows Subsystem for Linux (WSL), this error can occur when you're trying to vagrant up in a directory that is outside the user's home directory.
From the Vagrant docs:
If a Vagrant project directory is not within the user's home directory on the Windows system, certain actions that include permission checks may fail (like vagrant ssh). When accessing Vagrant projects outside the WSL Vagrant will skip these permission checks when the project path is within the path defined in the VAGRANT_WSL_WINDOWS_ACCESS_USER_HOME_PATH environment variable.
Changing the VAGRANT_WSL_WINDOWS_ACCESS_USER_HOME_PATH to the current working directory (or a directory above it) can fix this. For example, if your project is in /mnt/c/www, then set the environment variable accordingly:
export VAGRANT_WSL_WINDOWS_ACCESS_USER_HOME_PATH="/mnt/c/www"

I got the same error now. The problem happened because i was trying to do vagrant up in an NTFS partition, just like the error message tell me.
So i created an directory link in my ext4 partition and an simbloc link in my NTFS to solve this. Works Fine now!
Thanks!

I had this same problem and turns out chmod seems to be working fine but is not actually changing permissions, my files where at an NTFS partition, try changing them to an ext4 or similar.

Got this error using otto (which layers on vagrant)
It is def filesystem related, have a fat partition to allow use with windows (used to, no longer). When the permissions couldn't be set on the partition I just copied the whole directory over to my user directory (as I always should have).
Was using git so I just reset to head to get back to my starting place... re-ran:
otto compile
otto dev
up and running now.

Related

How to set permissions to create a vagrantfile

Every time I try to run vagrant init I get this error message.
The user that is running Vagrant doesn't have the proper permissions
to write a Vagrantfile to the specified location. Please ensure that
you call vagrant init in a location where the proper permissions
are in place to create a Vagrantfile.
I'm trying to set up Vagrant for the first time. It's just a Windows 10 laptop, and I'm running the command from this directory; C:\Users\admin\Documents\z\bin>
I've looked at that directory and it seems to have full permissions allowed.

openssh windows bad owner or permissions

I've installed openssh for windows and when I run ssh localhost I get
Bad owner or permissions on C:\Users\gary/.ssh/config
I've looked at these 2 questions https://superuser.com/questions/348694/bad-owner-or-permissions-error-using-cygwins-ssh-exe and https://serverfault.com/questions/253313/ssh-returns-bad-owner-or-permissions-on-ssh-config but none of the answers work for me. sshd is running as a service as the Local System user. I've run chmod 0600 C:\Users\gary\.ssh\config and chown gary C:\Users\gary\.ssh\config. I've also cleared the ACL by running setfacl -b C:\Users\gary\.ssh\config and then chmod 0600 C:\Users\gary\.ssh\config again. I've also tried changing the owner to SYSTEM and got the same error.
I'm not sure what else to do, is there anything wrong with my setup? I also have git installed which installed mingw, I deleted ssh and sshd from my git installation so they wouldn't be on my path.
Other commands I've run are
icacls "C:\Users\gary\.ssh\config" /setowner gary
chown -R gary:1049089 C:\Users\gary\.ssh
ls -la C:\Users\gary\.ssh\config shows
-rw-r--r-- 1 gary 1049089 229 Jan 3 14:43 'C:\Users\gary.ssh\config'
it keeps showing this even after changing the owner to SYSTEM, but in the file properties in file explorer it shows SYSTEM as the owner
This started popping up immediately after I created another user with Administrator privileges, and that account began inheriting access to my .ssh folder.
You do not need to change your permissions whatsoever.
Just go to .ssh, right-click Properties, Security Tab, Advanced. DISABLE INHERITANCE, then click on the Administrator user (the one that is not you) and Remove them. Apply. Done.
Use ssh client from Git instead of Windows inbuilt SSH client. E.g. set VS Code to use C:\Program Files\Git\usr\bin\ssh.exe instead of C:\Windows\System32\OpenSSH\ssh.exe.
Steps:
In VS Code navigated to [File] -> [Preferences] -> [Settings] -> Search remote.ssh.path
Input C:\Program Files\Git\usr\bin\ssh.exe
Alternatively:
Update PATH environment variable to point to Git bin before Windows System32.
Type "env" in Start bar to edit System (or account) environment variables.
Select Path and hit edit.
Add C:\Program Files\Git\usr\bin\ssh.exe to the list and move it to the top of the list.
Just got same issue after re-install windows. And easily fixed just by changing the file permissions to
SYSTEM & Administrators - Full Control
[your username] - Modify & as Owner
Note:
I'm still using Windows 10 built-in SSH client C:\Windows\System32\OpenSSH\ssh.exe & not using cygwin at all
For those still struggling with this, check this out: https://github.com/PowerShell/openssh-portable/pull/418. This was the case for me. It turns out that your computer should be named differently from your username... 🤷‍♂️ It will probably be fixed soon in future updates, because fix got into commit.
So again: if your computer name is the same as your username and you still haven't fixed this issue with permissions dialog, then probably renaming your computer could help.
Instead of using the properties box, you can use the one liner:
icacls .ssh /grant:r <yourUserName>:f /inheritance:r
/grant:r username:f -> grant and overwrite permissions, giving full permissions to username
/inheritance:r -> remove inherited permissions
Keep known_hosts writable with
icacls .ssh/known_hosts /grant:rw <username>:f /inheritance:r
I'm not sure what version of Windows you're running, but since this is recent I'd guess Windows 10. I recently found out that an OpenSSH client is installed by default as of the April 2018 update. I then found I had two instances of OpenSSH: the one I installed myself and the one Windows gave me. Uninstalling the one I had installed caused the error message you describe.
The solution that worked for me was to remove the user-installed OpenSSH as well as the C:\Users\username\.ssh folder, and let Windows 10 OpenSSH create the folder when you run the command the next time. I didn't have any configuration I was worried about losing, but if you do I'd suggest copying and pasting the contents of the files somewhere and recovering them afterwards.
Hope this helps!
Having the exact same issue today, this is how I solved it:
Go to C:\Users\username.ssh
Right-click the config file
Properties -> Security -> Advanced -> Disable Inheritance -> Disable
inheritance -> Remove all inherited permissions from this object ->
Apply -> Yes -> Ok -> Ok
Use FixUserFilePermissions.ps1 to fix permissions of client side files - keys and config files of current user.
git clone git#github.com:PowerShell/openssh-portable.git
cd openssh-portable/contrib/win32/openssh
.\FixUserFilePermissions.ps1 -Confirm:$false
On windows server this is due to permission problem. Need to remove access to other users for the following folders
.ssh - folder
Right click on this folder -> Select "Give access to" - > Click on "Remove Access"
Right click on this folder -> Select "properties" - > "Securities" - > Click on "Edit Permissions" - Remove other users except the ID you are logged in.
Repeat the same process for the folder under which you have .pem file. (Note: Keep .pem file in a separate folder)
For anyone, who still has troubles after applying the owner + modify (plus full control for admins): it did not work for me. Then I saw a solution to remove all other users (incl all admins), which did not help either.
This worked for me:
leave System and Administrators in place, with full control, as suggested above
leave the user itself in place, as owner, with modify, as suggested above
however, remove any other user or group. You probably need to go to advanced first, to disable inheritance of rights
after I removed an administrative user who was added by Windows after entering my folder (by passing through the UAC box), it worked for me again.
Hope this helps for anyone who encounters this specific issue :-)
If User is in Administrative group just keep configuration in
c:\programdata\ssh\ssh_config instead %USERPROFILE%.ssh\config, will work
after disabling inheritance, make sure you add your current user, else u cannot edit the file
For me it was fixed by running chmod 0644 config under ~/.ssh/. Earlier it was set to 755 which was causing "Bad owner or permissions on /home/home/.ssh/config"
I tried all the solutions above, and sadly still can't fix this issue. I'm pretty sure the permission of my ssh config is correct, this has been verified by the Explore GUI and the Get-Acl commands.
Then I finally find a way to solve it:
delete the entire .ssh folder and then open powershell and type ssh localhost. It will create a new .ssh folder for you, then you can apply the above permission tweaks(for me I only did one thing: disable inheritance).
So if other solutions doesn't work for you, maybe you can try this. Hope it's helpful.
PS: don't forget to backup your old .ssh folder before deleting it.
I was having this problem, and no amount of changing permissions or disabling inheritance on the config file would fix it. It turned out that it did not like my computer name and user name being the same, so I re-named my computer, allowed open ssh to re-create the config file, and the permissions are now correct. That was probably a bad idea to begin with, tbh.
I deleted C:\Users\user/.ssh/config and reran my stuff, then it worked.
However, if you have something valuable there, make a backup first, just in case!
After a domain change over, I started having this same problem. Went through all of the suggestions listed and nothing worked, including both chmod and chown solutions.
I ended up fixing the problem by copying the folder, pasting it, deleting the original, and then renaming it back to .ssh.
The problem seems from the files are owned/has-permission for more than one user.
1- Go to your ./ssh folder and for both config & id_rsa files. From the properties -> Security -> Advanced:
2- Make sure that the user that you are logged in with IS the only user there.
No group change or whatever,the first answer is right.Change to git ssh.exe
How?
uninstall win10's openssh in Settings
add path of git's ssh.exe to your Path
For me it was fixed by running chmod 0644 config under ~/.ssh/ when running WSL.
Rename the config file to something like config2
Open this file with notepad
Save As config (original name)
This worked for me.
I guess it was caused by the wrong path expression.
Bad owner or permissions on C:\Users\gary/.ssh/config
The /.ssh should be \.ssh. So I try to use git bash (the terminal tool when install git in Windows system) to run ssh command. It really works. But I don't really know if it is caused by the reason I guessed.
Hi guys after a troubleshoot for a day I found that this "m.. f.." config file should not stand in the .ssh/ path.
For VSCODE just set the config in 'C:\ProgrmaData\ssh\ssh_config' path as proposed in the second choice of the palette command, and forget .shh path for this configuration.
That worked fine for me.
Nota: there was also a known_host file also created here with strange VM names inside, I deleted also this file. and that helps
For me, re-editing the permission settings in Windows is too complicated. Regenerating another configuration in vscode does not work either.
I set a custom config file path to solve this problem.
["Remote SSH: Config file"]
The absolute file path to a custom SSH config file.
note: search this option by #ext:ms-vscode-remote.remote-ssh,ms-vscode-remote.remote-ssh-edit config file
This is because the config file cannot be accessed normally. We can create a new config file (this file needs to be accessible normally), such as D:/.ssh/config, and then specify the configuration file through the -F option: ssh -F D:/.ssh/config username#ip_address -p port
Delete the .config file, it has worked for me

Issue using Vagrant SSH when vagrant.d folder is on an external exFAT drive

Setting up Vagrant for the first time and I'm using the VAGRANT_HOME environment variable to change the location of the ~/.vagrant.d folder to an external drive (I'm paranoid about SSD wear and tear, sue me). This is causing an issue with the vagrant ssh command as it's complaining about not having the right permissions and I can't use chmod to change the permissions for the file it wants on an exFAT volume.
Is there a workaround? I've checked the documentation and there doesn't seem to be a setting where I can specify a different location for the insecure key, but I might be missing something.
Thanks!
The solution is to move the insecure_private_key file located in the external vagrant.d folder to somewhere in your local home directory and then symlink it back.

Error when running vagrant: "The host path of the shared folder is missing"

I have downloaded a Vagrantfile, but when i run vagrant up in terminal the following message appears:
Bringing machine 'default' up with 'virtualbox' provider... There are
errors in the configuration of this machine. Please fix the following
errors and try again:
vm:
* The host path of the shared folder is missing: ~/Sync
OBS.: Using Ubuntu 14.10
I created a folder named Sync in my home.
According to Vagrant docs host path must be either absolute (i.e. /home/user/Sync) or relative to project root (place where your Vagrantfile is).
Relative to project root means if your Vagrantfile resides in /home/user/MyProject then setting up path as "Sync" will create share from /home/user/MyProject/Sync.
Ref: http://docs.vagrantup.com/v2/synced-folders/basic_usage.html
I assumed you are in linux or mac. Type in "pwd" and enter in the terminal where Homestead.yml is.
Mine is "/home/idhamhafidz/Code/opp190-ama"
Then go to your Homestead.yml and edit the folders section like in the image below:
Then quit edit Homesteady.yml and re-run vagrant up again.
In my case it was a space at the end of the path in config.yaml:
source: '/Users/h/Packt/Code '
I've deleted this space and it's working now.
If you are using Vagrant and Windows Subsystem for Linux then you can solve the issue creating a symlink
ln -s /mnt/c/Users/user/project ~/project
/mnt/c/Users/user/project should match the Vagrant project in your Windows machine.
~/project should match the path that is missing.
Note, that you may need to create any intermediary directories.
I know this is an old question, but for anyone just encountering this issue and having a hard time finding a conclusion the answer by #megawebmaster would be the correct approach in giving the relative path to the folder: "/home/(your-pc-username)/Sync/".
Also with a Vagrantfile being ruby-based I personally use ruby's ENV object:
#{ENV["HOME"]}/Sync should resolve the issue.
I came across the same problem and
mkdir ~/Sync help me solve it.

Cannot access Vagrant shared folders

I just trying to add Vagrant to my workflow and I have following probably noob problem. I pull standard hashicorp standard 14.04 image, vagrant up it, SSH to it install my python requirements on it and then then try to execute build commands against code in Vagrant shared folder and run in to problems. Basic errors I get say those locations don't exist or cannot be found.
First action I, go ls /vagrant and can see my shared folders. I cannot cd to them from Vagrant machine I have tried to halt the machine.
Vagrantfile shared folder code.
{"virtualbox":{"/vagrant":{"guestpath":"/vagrant","hostpath":"/Users/Kimmo/Documents/Mist.io","disabled":false}}}
I am using Virtualbox as provider newest version.
My dev machine is OSX 10.9.5
There are not access limitations on the folder itself.
Thanks for you help in advance :)
Does /vagrant exists inside the VM just after you start it ?
If no you can add this parameter : "create":true. According to the doc, for the create: true paramater : If true, the host path will be created if it does not exist. Defaults to false.
If the folder /vagrant exists but you can cd or ls it, you can add parameters wich will define the right/owner of this folder:
owner: (string) the user who should be the owner of this synced folder. By default this will be the SSH user. Some synced folder types don't support modifying the owner.
group: (string) the group that will own the synced folder. By default this will be the SSH user. Some synced folder types don't support modifying the group.
Also for the hostpath parameter you have to give him a folder path, not a file path. In your conf I can see: "hostpath":"/Users/Kimmo/Documents/Mist.io". If Mist.io is a file and you want to access this file inside your VM, just give the path to the folder containing this file, /Users/Kimmo/Documents in your case.

Resources