Using ssh with Inspec via the docker container


#1

Guys,

A couple of caveats - I am new to both Inspect and Docker so I am bound to be doing something wrong.

I have created a bunch of tests in Inspec and attempted to test them on a target host using SSH and keys. I am using the containerised version of Inspec but I can’t get it to authenticate. I’m sure it’s obvious but my head is getting sore banging on the desk.

So here’s what I’m doing

Daves-MacBook-Pro:InSpec dave$ docker run -it --rm -v $(pwd):/share chef/inspec exec initial -t ssh://dave@distribution --key-files=~/.ssh/id_rsa --user=dave --log-level=debug
D, [2018-06-12T21:20:25.321296 #1] DEBUG – : [SSH] dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}> (uname -s)
D, [2018-06-12T21:20:25.321553 #1] DEBUG – : [SSH] opening connection to dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}>
I, [2018-06-12T21:20:25.709652 #1] INFO – : [SSH] connection failed, retrying in 1 seconds (#<Net::SSH::AuthenticationFailed: Authentication failed for user dave@distribution>)
D, [2018-06-12T21:20:26.711534 #1] DEBUG – : [SSH] opening connection to dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}>
I, [2018-06-12T21:20:26.863483 #1] INFO – : [SSH] connection failed, retrying in 1 seconds (#<Net::SSH::AuthenticationFailed: Authentication failed for user dave@distribution>)
D, [2018-06-12T21:20:27.863964 #1] DEBUG – : [SSH] opening connection to dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}>
I, [2018-06-12T21:20:28.135679 #1] INFO – : [SSH] connection failed, retrying in 1 seconds (#<Net::SSH::AuthenticationFailed: Authentication failed for user dave@distribution>)
D, [2018-06-12T21:20:29.137781 #1] DEBUG – : [SSH] opening connection to dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}>
I, [2018-06-12T21:20:29.389034 #1] INFO – : [SSH] connection failed, retrying in 1 seconds (#<Net::SSH::AuthenticationFailed: Authentication failed for user dave@distribution>)
D, [2018-06-12T21:20:30.392144 #1] DEBUG – : [SSH] opening connection to dave@distribution<{:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>15, :auth_methods=>[“none”, “publickey”], :keys_only=>true, :keys=>["~/.ssh/id_rsa"], :password=>"", :forward_agent=>nil, :proxy_command=>nil, :verify_host_key=>false}>
W, [2018-06-12T21:20:30.736623 #1] WARN – : [SSH] connection failed, terminating (#<Net::SSH::AuthenticationFailed: Authentication failed for user dave@distribution>)
Transport error, can’t connect to ‘ssh’ backend: SSH session could not be established

To prove that the key file is valid

Daves-MacBook-Pro:InSpec dave$ ssh distribution -i ~/.ssh/id_rsa
Last login: Tue Jun 12 22:18:24 2018 from 192.168.1.150
Distribution-Server:~ dave$

What am I doing wrong - apologies if it’s really obvious :slight_smile:

Regards

Dave