I am using the Remote-SSH extension in Visual Studio Code to connect to a remote machine. This remote machine is protected by Duo's two-factor authentication. When I SSH in a terminal (outside of VS Code), I'm able to log-in perfectly - the terminal prompts me through the 2FA process. However, inside VS Code when I'm using the extension, I am not able to log-in. After typing in my SSH hostname and ID, the VS Code interface prompts me for my password over and over again, and does not proceed beyond that point.
Has anyone encountered this issue before? I'd love to know if there is an existing solution. Unfortunately, 2FA is managed by my company and I can't turn it off.
I run into the same problem and fixed it by using SSH ControlMaster for Single Singe-On.
If you connect to the relevant machine using <user_name>#<host_name> you can simply add the following to your ~/.ssh/config:
Host <nickname>
User <user_name>
HostName <host_name>
ControlMaster auto
ControlPath ~/.ssh/%r#%h:%p
If you now open up a new session in your terminal running ssh <nickname> you will be asked for the password and the 2FA key. But all other subsequent ssh sessions (including svn, rsync, etc. that run over ssh) will piggyback off the initial connection without the need for re-authentication.
You can now in VS Code, select Remote-SSH: Connect to Host... from the Command Palette (F1, ⇧⌘P) and simply enter: <nickname> and ControlMaster will automatically connect you using the already standing connection.
In my case, the nickname that I choose is "ody". After connecting VSC's Remote Development extension shows the following in the bottom left corner and lets me browse the files on the remote machine.
From the FASCR:
Note that all subsequent connections are dependent on the initial connection — if you exit or kill the initial connection all other ones die, too. This can obviously be annoying if it happens accidentally. It’s easily avoided by setting up a master connection in the background:
ssh -CX -o ServerAliveInterval=30 -fN <nickname>
The -fN make it go into the background and sit idle, after authenticating. (C for compression,Y for X forwarding, and o ServerAliveInterval=30 to prevent dropped connections have nothing to do with the ControlMaster but are almost always helpful.)
Note that all port forwarding, including X display forwarding, must be setup by the initial connection and cannot be changed.
Got to settings in VS Code and enable this setting, remote.SSH.showLoginTerminal. This pulls up the terminal so that sign in via 2FA that way.
You can use ~/.ssh/config file to configure your hostnames and keys. But I don't know if there is a way to save passwords for convenience.
Related
I have a remote host and because Jetbrains Gateway Pycharm is not free and not as good as pycharm, I am going to use vscode on my mac to do remote development.
On my remote host that is a gcp VM sandbox I have two project that I want to have them open at the same time, and if possible, in the same windows in vscode to be able to easily navigate between them
How can I have two different connections active at the same time?
I tried this:
in my mac I modified ~/.ssh/config as below:
suppose the ip address of my Sandbox is 10.100.36.54
Host A1
HostName 10.100.36.54
IdentityFile ~/.ssh/google_compute_engine
User myuser
Host A2
HostName 10.100.36.54
IdentityFile ~/.ssh/google_compute_engine
User myuser
I do I the setup on vscode
It is now showing me two different connections in my vscode each pointing to a different directory. but once I open one of them the other one is deactivated (is not green)
I also dont know how to open both of them in the same window in vscode.
I also tried workspace. both directories are showing there but none of them are connected to ssh; both are showing yellow which means the connection is not established
My workflow is: I ssh into machine A from my local, then into machine B from machine A.
I wish to develop on machine B using VScode remote functionality but this two-level ssh doesn't look straight forward in VScode and a google search didn't yield much info on it either.
Is there a way to do this?
Thanks!
The key word is ProxyJump here.
ssh hostb -o ProxyJump=hosta
For using it with vscode, you should edit your .ssh/config
HOST my_alias_name_for_host_a
hostname ip_or_hostname
user my_username_on_host_a
HOST my_alias_name_for_host_b
hostname ip_or_hostname
user my_username_on_host_b
ProxyJump my_alias_name_for_host_a
vscode will work without even knowing that there is an intermediate host
I have connected to a remote Ubuntu host from Windows using VS Code and using it for remote development. Often times I open different code repositories in VS Code but every time I have to open a different folder despite having the connection established the VS Code ask for password.
It seems that once we are commented to a remote host then successive opening of different folder from same host should not prompt for password.
Is there any setting I am missing or should do to resolve this or save password.
I'm assuming you're connecting to an ssh remote.
There are two ways to authenticate an ssh connection, via password and via public/private key. When using the latter you don't need to enter the password each time.
To use the public/private keys here's what you have to do:
You first need a pair (public/private) of ssh keys. On windows you can use ssh-keygen to generate them for you and put them in the default ssh config folder ( ~/.ssh/)
You then have to configure the remote server to allow your ssh key, you can do this in two ways:
with the ssh-copy-id command if available (I think on windows it's not there, but you can try)
by manually add your public key (~/.ssh/id_rsa.pub) to the.ssh/authorized_keys file on the host machine
Here's a link to know more about passwordless logins via ssh: https://www.redhat.com/sysadmin/passwordless-ssh
Open git bash on Windows
cd .ssh
ssh-copy-id -i id_ed25519.pub your-username#your-server
How do i stop this?
Session stopped
- Press <return> to exit tab
- Press R to restart session
- Press S to save terminal output to file
Network error: Software caused connection abort
It looks SSH keepalive setting has no effect there
If you are still looking for the answer like me, here you go!
Settings -> Configuration -> SSH -> SSH keepalive
Restart MobaXTerm after changing the setting for it to take effect.
https://superuser.com/a/1298536
In my case I have SSH keepalive option checked but this happens every now and then.
So what I do is.
Disable (uncheck) SSH keeaplive close MobaXterm
Open MobaXterm and check SSH keeaplive close MobaXterm (again)
Open MobaXterm enjoy the stability for a couple of weeks...
I am using a licensed version on a computer running Windows 10 Professinal version 20H2.
Both solutions posted above (by #helloworld & #jepachecoh) actually work but there may be need for extra work, so here are a few additions.
The two options above work if:
1. You're connecting to a host (destination server) that is running SSH (daemon) but doesn't have any session timeout configurations set for connecting SSH clients.
2. You're connecting to a host that already has SSH client timeout configuration set but the set value (on the remote host) is either higher than, or equal to the "keepalive" value you have set on your SSH client (like MobaXterm, Putty etc).
If the destination server's "SSH keepalive configurations for the clients" are set, they override your remote client SSH keepalive configurations, hence controlling the session timeouts.
To find out if there are any configs set on the destination server's SSH configurations, use the command below (as root, or a user with sudo privileges):
$ cat /etc/ssh/sshd_config | grep "ClientAlive"
The command above works on multiple Linux and Solaris flavours.
If you don't have admin access to the destination server, your Systems administrator may be managing your session timeouts irrespective of the "keepalive" parameters you set on your SSH client before connecting.
Lastly, if you are using VPN software, or connecting to a demilitarized zone (DMZ), sometimes the session timeouts are controlled at that level (firewall level), so involve your Network administrator.
Bottom line, love your administrators. :-)
I'm trying to use Tramp/Emacs-23 in Ubuntu 12.04 in order to edit the remote host files. My remote host has two step authentication (RSA+Passwd). I use multiplexing through .ssh/config to ensure that tramp can directly connect to the remote shell without having to provide passwords.
My problem however is that I have 3 different remote hosts. When I try to connect to remote host through tramp without the initial multiplexing (through terminal), the TRAMP hangs with a message stating "Tramp: Waiting for prompts from remote shell". I used the below mentioned commands in .ssh/config to ensure the connection gets lost after a specified interval upon no prompt.
Host *
ServerAliveCountMax=30
ServerAliveInterval=5
However this doesn't seem to have any effect on the tramp connection. It will be of help if someone can help me in fixing this issue.
Sorry that your question has been left hanging so long.
I can offer a couple of things to try, use the tramp protocol sshx instead of ssh, it seems to cope better with most non-vanilla ssh connections.
e.g.
/sshx:user#host:path/filename
The other thing to try is adding your ssh key passphrase to the session at startup, run an ssh-agent on the machine, and connect to it at startup, then run ssh-add to enter the passphrase once.
As a side note, upgrade your Emacs to 24.3 there's a lot of new/great stuff in there since 23.x