Error creating machine: Error in driver during machine creation: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain

[zhangsean]

Hi mhermosi,

I have got an error when starting a docker with rancheros-proxmoxve-autoformat.iso following the guide steps in Readme.md, the error seems like I provide no password.
As I know, RancherOS start with a user rancher without password in console, there isn't a pretty ssh method unless create an password in console or wget ssh public key to rancher. So which private and public keys shoud I provide to creating a docker with RancherOS without manual steps in console?
Btw, had you ever add this node driver docker-machine-driver-proxmoxve to Rancher 2.x and create a k8s cluster with it? Rancher 2.x will create some nodes in PVE cluster and start a k8s cluster automatically by your setting. I had test the feature with this driver, but got the same error.

Thanks for helping!

Env:

• OS: MacOS
• PVE:

proxmox-ve: 6.0-2 (running kernel: 5.0.21-2-pve)
pve-manager: 6.0-7 (running version: 6.0-7/28984024)

• docker-machine: 0.16.1, build cce350d7

Steps:

PRIVATE_KEY=$(cat <<EOF
-----BEGIN RSA PRIVATE KEY----- 
MIIEowIBAAK...
-----END RSA PRIVATE KEY-----
EOF
)

PUBLIC_KEY=$(cat <<EOF
ssh-rsa AAAAB3Nza...
EOF
)

AUTH_KEYS=$(cat <<EOF
ssh-rsa AAAAB3Nza...
EOF
)

docker-machine create pve \
    -d proxmoxve \
    --debug \
    --proxmoxve-host "10.0.2.11" \
    --proxmoxve-port "8006" \
    --proxmoxve-node "pve1" \
    --proxmoxve-user "root" \
    --proxmoxve-realm "pam" \
    --proxmoxve-password "pve-pasw" \
    --proxmoxve-net-model "virtio" \
    --proxmoxve-net-bridge "vmbr0" \
    --proxmoxve-cpu-type "kvm64" \
    --proxmoxve-cpu-numa \
    --proxmoxve-cpu-pcid \
    --proxmoxve-cpu-spec-ctrl \
    --proxmoxve-cpu-sockets 1 \
    --proxmoxve-cpu-cores 1 \
    --proxmoxve-disksize-gb 16 \
    --proxmoxve-image-file "local:iso/rancheros-proxmoxve-autoformat.iso" \
    --proxmoxve-storage "local-lvm" \
    --proxmoxve-storage-type "raw" \
    --proxmoxve-guest-username "rancher" \
    --proxmoxve-memory-gb 1 \
    --proxmoxve-driver-debug \
    --proxmoxve-resty-debug \
    --proxmoxve-guest-ssh-authorized-keys "${AUTH_KEYS}" \
    --proxmoxve-guest-ssh-private-key "${PRIVATE_KEY}" \
    --proxmoxve-guest-ssh-public-key "${PUBLIC_KEY}"

Logs:

...
(pve) structToStringMap: map[command:network-get-interfaces]
(pve)
(pve) DBG | RESTY 2019/10/21 13:49:08
(pve) DBG | ---------------------- REQUEST LOG -----------------------
(pve) DBG | POST  /api2/json/nodes/pve1/qemu/101/agent?command=network-get-interfaces  HTTP/1.1
(pve) DBG | HOST   : 10.0.2.11:8006
(pve) DBG | HEADERS:
(pve) DBG |                    Cookie: PVEAuthCookie=PVE:root@pam:5DAD4666::YHr+KYd252MT4bhHu2uSclqvQ1RKhCSMzELrkSpuc4DykaisT2cW6reQSdJsdz9b4wKIynk69vu/4Y1mErVIjL5kq0MVftZyf5h29Bz/EeMbKBAqiBjoOASpAGqVyHjaB3OMNLbFM0NEXMGmgCGOHX/HmdXL+jWs1wbLYPI7z3OQ3bFie+mNZJyNyHmO1zBuduPtSG4mBgw+8yOJ97NPIfrQXYjtdhi9xuL5la5zIbO937byz2SWPCkg89fNgvsvAGyOFYoJfLQ5FJEBmmZ7zYHqY8btlqrmCoyHaOp9k3+3EBwrGgutm9lZQ5ZvFoyybRhFcJ5/5EYjqRte+BBehA==
(pve) DBG |       Csrfpreventiontoken: 5DAD4666:Oyv55WNINnUtoZ3VJARbWoSag2Z1VP5R/xoVC0Vdo2s
(pve) DBG |                User-Agent: go-resty/1.12.0 (https://github.com/go-resty/resty)
(pve) DBG | BODY   :
(pve) DBG | ***** NO CONTENT *****
(pve) DBG | ----------------------------------------------------------
(pve) DBG | RESTY 2019/10/21 13:49:08
(pve) DBG | ---------------------- RESPONSE LOG -----------------------
(pve) DBG | STATUS 		: 200 OK
(pve) DBG | RECEIVED AT	: 2019-10-21T13:49:08.957246+08:00
(pve) DBG | RESPONSE TIME	: 121.261673ms
(pve) DBG | HEADERS:
(pve) DBG |             Cache-Control: max-age=0
(pve) DBG |            Content-Length: 806
(pve) DBG |              Content-Type: application/json;charset=UTF-8
(pve) DBG |                      Date: Mon, 21 Oct 2019 05:49:08 GMT
(pve) DBG |                   Expires: Mon, 21 Oct 2019 05:49:08 GMT
(pve) DBG |                    Pragma: no-cache
(pve) DBG |                    Server: pve-api-daemon/3.0
(pve) DBG | BODY   :
(pve) DBG | {
(pve) DBG |    "data": {
(pve) DBG |       "result": [
(pve) DBG |          {
(pve) DBG |             "ip-addresses": [
(pve) DBG |                {
(pve) DBG |                   "ip-address": "127.0.0.1",
(pve) DBG |                   "prefix": 8,
(pve) DBG |                   "ip-address-type": "ipv4"
(pve) DBG |                },
(pve) DBG |                {
(pve) DBG |                   "prefix": 128,
(pve) DBG |                   "ip-address-type": "ipv6",
(pve) DBG |                   "ip-address": "::1"
(pve) DBG |                }
(pve) DBG |             ],
(pve) DBG |             "hardware-address": "00:00:00:00:00:00",
(pve) DBG |             "name": "lo"
(pve) DBG |          },
(pve) DBG |          {
(pve) DBG |             "hardware-address": "16:4b:0a:32:34:8e",
(pve) DBG |             "name": "eth0",
(pve) DBG |             "ip-addresses": [
(pve) DBG |                {
(pve) DBG |                   "prefix": 24,
(pve) DBG |                   "ip-address": "10.0.2.188",
(pve) DBG |                   "ip-address-type": "ipv4"
(pve) DBG |                },
(pve) DBG |                {
(pve) DBG |                   "ip-address-type": "ipv6",
(pve) DBG |                   "prefix": 64,
(pve) DBG |                   "ip-address": "fd15:4ba5:5a2b:1002:144b:aff:fe32:348e"
(pve) DBG |                },
(pve) DBG |                {
(pve) DBG |                   "prefix": 64,
(pve) DBG |                   "ip-address-type": "ipv6",
(pve) DBG |                   "ip-address": "fe80::144b:aff:fe32:348e"
(pve) DBG |                }
(pve) DBG |             ]
(pve) DBG |          },
(pve) DBG |          {
(pve) DBG |             "name": "docker-sys",
(pve) DBG |             "hardware-address": "02:42:63:82:84:38",
(pve) DBG |             "ip-addresses": [
(pve) DBG |                {
(pve) DBG |                   "ip-address": "172.18.42.1",
(pve) DBG |                   "prefix": 16,
(pve) DBG |                   "ip-address-type": "ipv4"
(pve) DBG |                }
(pve) DBG |             ]
(pve) DBG |          },
(pve) DBG |          {
(pve) DBG |             "ip-addresses": [
(pve) DBG |                {
(pve) DBG |                   "ip-address": "172.17.0.1",
(pve) DBG |                   "prefix": 16,
(pve) DBG |                   "ip-address-type": "ipv4"
(pve) DBG |                }
(pve) DBG |             ],
(pve) DBG |             "name": "docker0",
(pve) DBG |             "hardware-address": "02:42:dd:55:b5:10"
(pve) DBG |          }
(pve) DBG |       ]
(pve) DBG |    }
(pve) DBG | }
(pve) DBG | ----------------------------------------------------------
(pve) {"time":"2019-10-21T13:49:08.958485+08:00","level":"INFO","prefix":"-","file":"proxmoxdriver.go","line":"153","message":"Creating directory '/home/rancher/.ssh' on client: 10.0.2.188:22"}
Error creating machine: Error in driver during machine creation: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
notifying bugsnag: [Error creating machine: Error in driver during machine creation: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain]

[zhangsean]

Using boot2docker ISO from https://github.com/lnxbil/boot2docker/releases/tag/2018-09-16, docker-machine run end with successfully. After run eval $(docker-machine env pve), remote docker running normally. While remote .ssh/authorized_keys doesn't contains my auth key $AUTH_KEYS.
Why RancherOS con't start normally with this proxmoxve driver?

[mhermosi]

Using boot2docker ISO from https://github.com/lnxbil/boot2docker/releases/tag/2018-09-16, docker-machine run end with successfully. After run eval $(docker-machine env pve), remote docker running normally. While remote .ssh/authorized_keys doesn't contains my auth key $AUTH_KEYS.
Why RancherOS con't start normally with this proxmoxve driver?

Hi, I have been quite busy and this driver is a work in progress. there some features that still are not working properly some of those functionalities are inherited from the original driver.

going to try to make some space to review this again.

[lnxbil]

I released a new version which works with the recent RancherOS version out-of-the-box. Please try that.

[zhangsean]

Hi @mhermosi,
Everything works well when starting docker machine with parameters --proxmoxve-guest-username docker ----proxmoxve-guest-password tcuser but without parameters which start with --proxmoxve-guest-ssh.
But it seems like unsecurity using the same password for all nodes.

[lnxbil]

Everything works well when starting docker machine with parameters --proxmoxve-guest-username docker ----proxmoxve-guest-password tcuser but without parameters which start with --proxmoxve-guest-ssh.

That's the default, which can be omitted if you use the recent RancherOS Proxmox VE iso images.

But it seems like unsecurity using the same password for all nodes.

It's a limitation of the used OS, that sets the password, we only use it. Built your own RancherOS Iso with your password, provide it with the driver and you're golden.