Clarification: INFO[0191] dialing sshd

[thornycrackers]

Hello!

I'm running uptermd on a server and when I connect to it with upterm I see the dialing message above. When people try to connect to the session the get permission denied. I'm guessing this is because upterm is trying to do some pubkey authentication with my locally running sshd? I'm guessing that since if I run upterm on a computer that has no sshd running everything seems to work normally and clients connect with no permission problems. I was just wondering how the dialing sshd part works and how to set it up so that other clients can connect to my machine.

On uptermd node:

uptermd --debug --ssh-addr <ip>:<port> --node-addr <ip>:<port>

On upterm host

upterm host --server ssh://<ip>:<port> -- bash

On upterm client

<copied ssh command>
Connection closed by <ip> port <port>

uptdermd logs:

DEBU[0850] connection establishing failed                addr="ip:port" app=uptermd com=ssh-proxy error="error checking user cert: ssh: principal \"blahblahblabh" not in the set of valid principals for given certificate: [\"host\"]" network=mem network-opt="[]" node-addr="<ip>:<port>" ssh-addr="<ip>:<port>"

[thornycrackers]

After some more investigation this occurs with versions 0.5.x but when I build 0.4.6 I can get access to the host without issues.

[owenthereal]

@thornycrackers There were some changes on how cert is issued. Please make sure both the server uptermd and client upterm are up to date and remove the trusted certs in ~/.ssh/known_hosts. Let me know if this works or not. Cheers.

[jamie-pate]

Whenever I try to connect with separate users I get
Permission denied (publickey).

Is there a way to disable public key auth? I just want a simple way to ride along with somebody else's shell session and help them troubleshoot issues...

[jamie-pate]

with 0.6.3 I was able to do something semi-casual by sending them my public key file, which they can authorize like this:
./upterm host --authorized-key=jpate_key.pub --server ssh://<ip>:2222

[ww-daniel-mora]

@jamie-pate @owenthereal I'm stumped on setting up my own host server with this error when I try to run upterm host --serve ssh://<host-ip>

FATA[0000] ssh dial error: dial tcp <some ip> connect: connection refused

I am using an EC2 box to host the uptermd server and I'm fairly confident I have the virtual firewall set up correctly since using an invalid port times out while using the correct port is instantly refused.

Perhaps there is a way to get more verbose logging to see why the connection is refused? I'm not getting anything interesting when I use the --debug flag on the server.

[ww-daniel-mora]

Okay I eventually got this working. I think I had to set the --hostname and then I had to update the service file to not block any ip addresses since I want the filtering done at the virtual firewall level.