Use Google Authenticator 2FA in VS Code SSH with Google Compute Engine VM - visual-studio-code

My VS Code has an SSH-FS connection with my GCE VM and can view / edit files and folder structures directly from the sidebar of the VS Code client app in my MacOS. In strengthening the security of my VM, I enabled 2FA on my VM instance by adding the metadata enable-oslogin-2fa=TRUE and enable-oslogin=TRUE. However, the VS Code SSH, which was working perfectly, now shows an error saying "error while connecting to ssh fs all configured authentication methods failed". Is there a way to keep my 2FA setting for the VM instance while maintaining the automatic SSH connection for my VS Code app?
Source of Google 2FA
https://cloud.google.com/compute/docs/oslogin/setup-two-factor-authentication#configure_2fa
Environment
VS Code: Version: 1.52.1
Google Compute Engine VM Instance: Debian GNU/Linux 9.13 (stretch)

Related

Github SSH auth fails when pushing from a container using VS Code with Remote Containers plugin on Windows

I'm rather new to containerization. I have used Windows Subsystem for Linux 2 (WSL) to make an image containing for example Debian and Node JS.
I've followed these steps to Add a new SSH Key to Your GitHub Account instructions to add a (private) SSH key inside the container (and add that public key to my GitHub account). Was it right to do that inside the container, basically using the terminal in VS Code?
I was able to pull and use this image on MacOS and was able to use the Source Control tab within VS Code (Running Remote-Development Plugin and opened my GitHub repository in my docker container.)
However on Windows, I am unable to use the Source Control tab in VS Code (while running connected to the dev container) for pulling and pushing. I receive the following error.
I am able to push and pull if I use the terminal, rather than the UI, and provide the password for the SSH key. How do I make it not require this, as in MacOS?
"... and provide the password for the SSH key"
There is no password, only a passphrase, if you have associated one at the creation of the private key.
I suggest you create one without passphrase for testing.
Also for testing, try in command line (before launching VSCode):
ssh -Tv git@github.com
As long as you don't see a Welcome message, the key won't work (in a container or outside).

Connection failure Postgresql on AWS-RDS Instance in a private network from PowerBI Desktop & Service

I have an AWS RDS (PostgreSQL) that is inside a private network - only accessible via a VPN and bastion host.
I am able to establish a connection from PBI Desktop to the "PostgreSQL-RDS Instance" by creating SSH tunneling from my laptop (localhost) to the bastion host using the ODBC driver. With this approach all the data is imported into PBI Desktop (import mode).
But our requirement is to establish a connection through a direct query to refresh data in real time and generate the reports dynamically, which I am not able to do.
I entered the database credentials into the Power BI Desktop tool, and it is not working correctly in Power BI Desktop; I am getting a Timeout Error.
I must use direct query, I can't use import.
Any help is appreciated.
An exact error that you are getting would help get to the root cause of the issue. However, a few basic troubleshooting steps that I'd suggest are:
Ensure that you have a compatible version of the software installed on your machine such as the Npgsql-4.0.9. At times the latest version of the software usually causes issues.
Ensure that you remove the semicolon at the end of the query.
Once you get the query running successfully on the desktop version, when you publish it to the web version, the visuals will not be able to connect to the database unless an on-premises data gateway is setup. To do so, more details on setting up a data gateway to automatically refresh the dataset for the power bi web version are here:
Refresh AWS RDS database from Power BI Web you are successfully able to query directly

Not getting console of vm in kubevirt

I installed k3s and kubevirt on Fedora33 Server. I create a virtual machine named cirros but while getting console of vm I am facing issue while I can connect with ssh.
KubeVirt gives you access to the graphical and serial console.
But in order for SSH to work you need to manually enable it inside the guest - or via cloud-init.

OpsHub Visual Studio Online Migration Utility - Service Error on Migration Summary

I have downloaded the OpsHub tool for the migration, trying to migrate from on-premises to Visual Studio Team Service. I am getting an error on the migration summary page with the error message:
"Unable to communicate with the required process opshubtfsservice.Because probably it is not running. Restart application & try again"
I verified the OpsHub service is running as local service. I tried to restart and tried with Network service/local account etc. But no luck.
Can you please help me on this here.
Thank you.
It seems that your machine is behind a proxy and all traffic in-out is being routed through it. (Including the communication of local traffic)
You will have to bypass local addresses from the proxy as well as enable OVSMU to communicate through the proxy.
Please refer to C:\Program Files\OpsHub Visual Studio Migration Utility\Other_Resources\Resources\ProxyUtility.zip to configure OVSMU to utilize your proxy. There should be a user guide document which lists the steps. Keep the bypass local address value as default.

Bitvise SSH Client command line (stnlc.exe) gets error while the one with GUI successfully connected

I'm integrating Bitvise client into my winform app. I am using Bitvise SSH Client command line (stnlc.exe in the app's directory) to do so. My app needs to have multiple connections at the same time.
It works well with some addresses, but some other it doesn't. This is the command that I'm using:
"C:\Program Files (x86)\Bitvise SSH Client\stnlc.exe" -profile="C:\Users\AutoOffer\AutoOffer\bin\Debug\data\sshprofile.bscp" -host=<myhost> -port=22 -user=<username> -pw=<password> -ka=y -proxyFwding=y -proxyListIntf=127.0.0.1 -proxyListPort=<port>
And this is the error I got:
Bitvise SSH Client 6.45 - stnlc - free for individual use only, see EULA
Copyright (C) 2000-2015 by Bitvise Limited.
Connecting to SSH2 server XX.XX.XX.XX:22.
Connection established.
Server version: SSH-2.0-dropbear_0.46
First key exchange started.
ERROR: The SSH2 session has terminated with error.
Reason: Error class: LocalSshDisconn, code: KeyExchangeFailed, message: FlowSshTransport: no mutually supported key exchange algorithm.
Local list: "ecdh-sha2-1.3.132.0.10,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1".
Remote list: "diffie-hellman-group1-sha1".
I tried to connect manually by the Bitvise app with GUI and it successfully connected!
I also updated my bitvise version to the latest (6.45).
Local list: "ecdh-sha2-1.3.132.0.10,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1".
Remote list: "diffie-hellman-group1-sha1".
So it looks like the remote side just supports diffie-hellman-group1-sha1, which is not supported on your side.
On Bitvise SSH Server Version History I read:
The 1024-bit fixed prime Diffie Hellman key exchange methods, diffie-hellman-group1-sha1 and gssapi-group1-sha1 with Kerberos 5, are now disabled by default, due to doubts about continuing security of Diffie Hellman with a 1024-bit fixed prime. Compatibility with most older clients should be retained via the diffie-hellman-group14-sha1 method, which uses a 2048-bit fixed prime. We recommend migrating older SSH clients to new versions supporting ECDH and ECDSA.
So it looks like you have to modify the settings and allow 1024-bit fixed prime Diffie Hellman key exchange methods. Otherwise you will not be able to connect. As explained it is of course better to change the ssh server settings.
Also, please note that running stnlc as a service is a possibility. With it, the tunnel can be started even without the user having to log on, and can be restarted upon dropping.
Be aware that wrapping and running stnlc as a service (using e.g. nssm or winsw) absolutely requires adding the unat=y option to prevent the service from going interactive and failing.
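
The key exchange failure discussed in the Bitvise answers above can be reproduced offline. The following is an added example, not code from the original posts or from Bitvise: it parses the Local/Remote lists from the stnlc error text quoted in the question, applies the RFC 4253 section 7.1 selection rule, and reports whether the server offers only the 1024-bit methods named in the changelog. The function names are hypothetical.

```python
import re

# Methods the Bitvise changelog quoted above lists as disabled by default
# (1024-bit fixed prime); names are written as they appear on the page.
WEAK_KEX = {"diffie-hellman-group1-sha1", "gssapi-group1-sha1"}

# Error text copied from the stnlc output shown in the question.
STNLC_OUTPUT = '''\
Reason: Error class: LocalSshDisconn, code: KeyExchangeFailed, message: FlowSshTransport: no mutually supported key exchange algorithm.
Local list: "ecdh-sha2-1.3.132.0.10,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1".
Remote list: "diffie-hellman-group1-sha1".
'''

def parse_kex_lists(text):
    """Return (local, remote) algorithm lists from a KeyExchangeFailed message."""
    lists = {}
    for side, names in re.findall(r'^(Local|Remote) list: "([^"]*)"', text, re.M):
        lists[side.lower()] = [n for n in names.split(",") if n]
    if set(lists) != {"local", "remote"}:
        raise ValueError("expected both a Local list and a Remote list")
    return lists["local"], lists["remote"]

def negotiate(client, server):
    """RFC 4253 7.1: the first name on the client's list that the server also
    lists is chosen (host key compatibility checks are left out here)."""
    return next((alg for alg in client if alg in server), None)

def diagnose(text):
    """Summarise why negotiation failed; stnlc is the client side."""
    local, remote = parse_kex_lists(text)
    chosen = negotiate(local, remote)
    return {
        "negotiated": chosen,
        # True when every method the server offers is a 1024-bit one.
        "server_only_weak": bool(remote) and set(remote) <= WEAK_KEX,
        # Weak methods the client would have to re-enable to connect at all.
        "weak_needed": sorted(set(remote) & WEAK_KEX) if chosen is None else [],
    }

if __name__ == "__main__":
    print(diagnose(STNLC_OUTPUT))
    # A server that also offered group14 would negotiate it without any
    # change on the client:
    local, _ = parse_kex_lists(STNLC_OUTPUT)
    print(negotiate(local, ["diffie-hellman-group14-sha1",
                            "diffie-hellman-group1-sha1"]))
```

The second call shows that a server offering diffie-hellman-group14-sha1 negotiates it with the client's default list unchanged, which is the server-side fix the answer prefers.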