MacOS Orgalore doesnt work - Bug

[0xtavian]

Expected behavior:

orgalorg -o [email protected]:2266  -C id
uid=1000(op) gid=1000(op) groups=1000(op),27(sudo),998(docker)

I cant seem to get orgalorg to work on Mac. Tried by installing via go get and via the binary.
Bug:

./orgalorg -o [email protected]:2266  -C id -k /Users/desktop/.ssh/id_rsa.pub

2021-07-23 23:53:47 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Running the same command from Ubuntu 20.04 works.
SSH-ing normally from my Mac to 55.55.55.55 works

ssh [email protected] -p2266 < - works.

orgalorg seems to not be able to find the key file? Even specifying the keyfile in the command line manually doesn't work. Not specifying in the command and letting orgalorg picks the default still doesnt work.

./orgalorg -o [email protected]:2266  -C id                                  

2021-07-24 00:00:12 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

[prologic]

Why are you providing the public key?

[0xtavian]

@prologic You can see in the above even with no key provided it still fails, but good point.

orgalorg -o [email protected]:2266  -C id -k /Users/desktop/.ssh/id_rsa
2021-07-24 00:43:32 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

ls -la
total 24
drwx------   5 desktop  staff   160 Jul 23 23:23 .
drwxr-xr-x+ 65 desktop  staff  2080 Jul 24 00:45 ..
-rw-------   1 desktop  staff  2635 Jul  7 18:49 id_rsa
-rw-r--r--   1 desktop  staff   590 Jul  7 18:49 id_rsa.pub
-rw-r--r--   1 desktop  staff  2174 Jul 23 23:11 known_hosts

[prologic]

Is your key passphrase protected?

[0xtavian]

@prologic No

[prologic]

I'll try on my Mac soon and see

[prologic]

Seems to work okay for me:

(⎈ |local:default)
prologic@Jamess-iMac
Sat Jul 24 16:08:06
~
 130
$ killall ssh-agent
(⎈ |local:default)
prologic@Jamess-iMac
Sat Jul 24 16:08:08
~
 0
$ ps aux | grep ssh-agent
prologic         16843   0.0  0.0  4361304    784 s002  U+    4:08PM   0:00.00 grep ssh-agent
(⎈ |local:default)
prologic@Jamess-iMac
Sat Jul 24 16:08:10
~
 0 0
$ orgalorg -u rancher -o dm1 -k ~/.ssh/rancher_rsa -C id
dm1 uid=1100(rancher) gid=1100(rancher) groups=1100(rancher),27(sudo),1101(docker)

[0xtavian]

I regenerated my SSH key and created a new cloud VSI, made sure orgalorg is up to date but still unable to auth with orgalorg.

orgalorg -o [email protected]:2266 -C id                               
2021-07-24 01:22:54 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
➜  ~                                         
➜  ~ 
➜  ~ 
➜  ~ 
➜  ~ 
➜  ~ ssh [email protected] -p2266            
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

op@mclean21:~$ id
uid=1000(op) gid=1000(op) groups=1000(op),27(sudo)
op@mclean21:~$ exit
logout
Connection to 167.172.27.115 closed.

uname -a
Darwin DESKTOPs-MBP 20.5.0 Darwin Kernel Version 20.5.0: Sat May  8 05:10:33 PDT 2021; root:xnu-7195.121.3~9/RELEASE_X86_64 x86_64

go version
go version go1.16.6 darwin/amd64

echo $SHELL
/bin/zsh

[0xtavian]

Tried with -u argument, still no dice.

./orgalorg -u op -o [email protected]:2266 -C id                               

2021-07-24 01:32:19 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
➜  bin ./orgalorg -u op -o 167.172.231.169:2266 -C id                                

2021-07-24 01:32:24 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
➜  bin ssh [email protected] -p2266
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

op@perl27:~$ id
uid=1000(op) gid=1000(op) groups=1000(op),27(sudo)
op@perl27:~$ exit
logout
Connection to 167.172.231.169 closed.

[prologic]

Does verbose logging -v give you any hints as to what's going on for you?

[0xtavian]

@prologic No, that would be great to add.

./orgalorg -v -o [email protected]:2266 -C id                               

2021-07-24 01:54:16 [DEBUG] using 16 threads
2021-07-24 01:54:16 [DEBUG] connecting to 1 nodes
2021-07-24 01:54:16 [FATAL] connecting to cluster failed
                            └─ connection to 1 of 1 nodes failed
                               └─ can't connect to nodes
                                  └─ can't connect to address: [[email protected]:2266]
                                     └─ ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

[prologic]

What does the remote end have to say when you attempt this via orgalorg from your Mac? 🤔

[0xtavian]

Jul 24 07:11:23 lamar22 sshd[1021]: rexec line 16: Deprecated option UsePrivilegeSeparation
Jul 24 07:11:23 lamar22 sshd[1021]: rexec line 19: Deprecated option KeyRegenerationInterval
Jul 24 07:11:23 lamar22 sshd[1021]: rexec line 20: Deprecated option ServerKeyBits
Jul 24 07:11:23 lamar22 sshd[1021]: rexec line 31: Deprecated option RSAAuthentication
Jul 24 07:11:23 lamar22 sshd[1021]: rexec line 38: Deprecated option RhostsRSAAuthentication
Jul 24 07:11:23 lamar22 sshd[1021]: reprocess config line 31: Deprecated option RSAAuthentication
Jul 24 07:11:23 lamar22 sshd[1021]: reprocess config line 38: Deprecated option RhostsRSAAuthentication
Jul 24 07:11:24 lamar22 sshd[1021]: Connection closed by authenticating user op [redacted-home-ip] port 50606 [preauth]

[0xtavian]

This is with ssh op@IP -p2266

Jul 24 07:13:01 lamar22 sshd[1089]: rexec line 16: Deprecated option UsePrivilegeSeparation
Jul 24 07:13:01 lamar22 sshd[1089]: rexec line 19: Deprecated option KeyRegenerationInterval
Jul 24 07:13:01 lamar22 sshd[1089]: rexec line 20: Deprecated option ServerKeyBits
Jul 24 07:13:01 lamar22 sshd[1089]: rexec line 31: Deprecated option RSAAuthentication
Jul 24 07:13:01 lamar22 sshd[1089]: rexec line 38: Deprecated option RhostsRSAAuthentication
Jul 24 07:13:02 lamar22 sshd[1089]: reprocess config line 31: Deprecated option RSAAuthentication
Jul 24 07:13:02 lamar22 sshd[1089]: reprocess config line 38: Deprecated option RhostsRSAAuthentication
Jul 24 07:13:02 lamar22 sshd[1089]: Accepted publickey for op from [redacted-home-ip]port 50609 ssh2: RSA SHA256:tNND2kSER6wl60t3PUPABhKsHs8JqWF1HN/Z+wJL7YQ
Jul 24 07:13:02 lamar22 sshd[1089]: pam_unix(sshd:session): session opened for user op by (uid=0)
Jul 24 07:13:02 lamar22 systemd-logind[729]: New session 5 of user op.

[prologic]

Hmmm 🤔 Bit puzzling 🤷‍♂️

[0xtavian]

Same. If im reading the logs right it seems like orgalorg isnt using the key file?

[prologic]

Did you manage to sort this out? 🤔

[kovetskiy]

Does the same setup work on Linux?

[kovetskiy]

Do you have a ssh-agent daemon running? You can start it and check the command again:
eval "$(ssh-agent -s)";

It is not required to have ssh-agent running, but orgalorg has lots of logic required to ssh-agent too.

[AdjectiveAllison]

I'm having the same issue. Yes the same setup works for linux. I'm using orgalorg with our CI/CD from gitlab and it's working in multiple different docker containers as well as on hosts themselves. But I cannot for the life of me get it to work locally on mac os.

[kovetskiy]

@Allieway could you take a look at this question? #32 (comment)

This information could help with the debugging.

[arren-ru]

This all looks strange, I'm operation on cluster with over 300 nodes by using orgalorg and all fine, with key or userpass auth.

[prologic]

I haven't been able to reproduce either 🤔

[joshskidmore]

I hope to debug this issue some more later, but my theory is this is some sort of cipher mismatch or deeper SSH compatibility issue with the instance/machine you're attempting to connect to. If I spin up an instance that has a more modern version of SSH, I get the same issue. But if I attempt to use orgalorg to connect to an older instance, I have no issues.

I also receive this same error if I attempt to use orgalorg to connect to (a newer SSH instance/machine) from a linux host as well - not just MacOS. (Which furthers my belief that this is related to something deeper within SSH.)

[AdjectiveAllison]

I don't have a mac anymore, I'm over a year late on commenting here, and it's been about the same amount of time since I used orgalorg.

But I'll add some more details from my memory.

@kovetskiy Yes, ssh-agent daemon was running when I had the issue.

I believe I tried all forms of authentication orgalorg offered when I tried it.

@joshskidmore I like where you're going with that idea.

I was trying the same hosts from MacOS as I did multiple docker images and some of the hosts themselves. All but MacOS worked. Maybe the linux host josh ran into the same problem with is an older SSH version itself but my docker images and hosts were all newer?

I was able to regularly ssh and scp as well as use pssh with the hosts, maybe that helps somehow?

I hope I helped a tiny bit, I loved using orgalorg when I did and this issue was a blocker to easily test prior to pushing CI changes.