After successful setup, some hours later when connecting with Connect-EflowVM it fails, asking for Password. Reinstalled, could start to work, after one hour the same problem.
Windows-OS: Server 2022
Connection from Win Host to IotEdge modules works, so it's no general network problem.
I assume a problem with openSSH keys or vsocknc service. Any hints?
Following debug output of openssh. Compared this also with a running system, the error occurs when: "Trying private key: ..."
PS C:\Windows\system32> Connect-EflowVm -Verbose -Debug -ErrorAction:Inquire
$userName is iotedge-user
$vmGuid is 15E5DBA2-BCC8-4710-AF58-A85B9B5A1E81
$sshPrivKey is C:\Users\ext-gerald.kluge\AppData\Local\Temp\tmpAFA.tmp
debug1: Executing proxy command: exec D:\\EFLOW\\vsocknc.exe 15e5dba2-bcc8-4710-af58-a85b9b5a1e81 22
debug1: identity file C:\\Users\\ext-gerald.kluge\\AppData\\Local\\Temp\\tmpAFA.tmp type -1
debug1: identity file C:\\Users\\ext-gerald.kluge\\AppData\\Local\\Temp\\tmpAFA.tmp-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9
debug1: match: OpenSSH_8.9 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 15e5dba2-bcc8-4710-af58-a85b9b5a1e81:22 as 'iotedge-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:i3g5WMql7jdVdyQN/nMddlp6bowjIe/r7sKq9Uev8GA
Warning: Permanently added '15e5dba2-bcc8-4710-af58-a85b9b5a1e81' (ECDSA) to the list of known hosts.
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\ext-gerald.kluge\\AppData\\Local\\Temp\\tmpAFA.tmp explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: kex_input_ext_info: [email protected] (unrecognised)
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\ext-gerald.kluge\\AppData\\Local\\Temp\\tmpAFA.tmp
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: read_passphrase: can't open /dev/tty: No such file or directory
Password:
~~~~~~~~~~~~~~~~~~
wanted to connect with eFlow
This error typically indicates an issue with the ownership or permissions of the authorized_keys file in the SSH user’s home directory.
Posting the answer for community benefit.
Thanks @sampath @G.Kluge
Using this reference git issue.
Ensure the ownership and permissions of the authorized_keys file are set correctly. The file should be owned by the user and have the correct permissions.
Verify the home directory (/home/iotedge-user) itself has the correct ownership and permissions.
Check that the SELinux context is set correctly for the .ssh directory and its contents.
Ensure the public and private keys are in the correct format.
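
The ownership and permission checks listed in the answer above can be scripted. The following is an added example, not part of the original answer or of EFLOW: with its default StrictModes setting, sshd refuses a key when the home directory, .ssh or authorized_keys is owned by someone other than the user (or root) or is writable by group or others, and the client then falls through to the password prompt seen in the log. The function names are hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit the paths sshd inspects under StrictModes before it
# accepts a key from authorized_keys. Assumes GNU stat (stat -c).

# check_path PATH USER: print a finding and return 1 if PATH is missing,
# is not owned by USER (or root), or is writable by group/others.
check_path() {
    path=$1; user=$2
    if [ ! -e "$path" ]; then
        echo "MISSING  $path"
        return 1
    fi
    owner=$(stat -c '%U' "$path")
    mode=$(stat -c '%a' "$path")
    rc=0
    if [ "$owner" != "$user" ] && [ "$owner" != "root" ]; then
        echo "OWNER    $path is owned by $owner, expected $user"
        rc=1
    fi
    # Octal mask 022 = group-write | other-write
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "MODE     $path is $mode (group/other writable)"
        rc=1
    fi
    return $rc
}

# audit_ssh_home HOME USER: check the home dir, .ssh and authorized_keys.
# Returns the number of paths with findings (0 = nothing to fix here).
audit_ssh_home() {
    home=$1; acct=$2; failed=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        check_path "$p" "$acct" || failed=$((failed + 1))
    done
    return $failed
}

# Usage inside the EFLOW VM (path and user name taken from the post):
#   audit_ssh_home /home/iotedge-user iotedge-user
```

A clean result does not cover the SELinux context or the key format, which the answer lists as separate checks.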