#bastion (2019-10)
Discuss cloudposse/bastion
2019-10-15
guigo2k
after working fine for several months, bastion is now showing error
{"job":"syncUsers","level":"error","msg":"Access denied","subsystem":"jobs","time":"2019-10-15T12:17:08Z"}
guigo2k
using the docker-compose example at https://github.com/cloudposse/bastion/blob/master/examples/compose/gak.env.example
guigo2k
any ideas?
Erik Osterman (Cloud Posse)
Github rate limits?
Erik Osterman (Cloud Posse)
Github token revoked
2019-10-17
julien M.
Hi, i try to use the cloudposse bastion with docker-compose but i have this error when i try to ssh connect ssh [[email protected]](mailto:[email protected]) -i loadServer -p 1234
[email protected]: Permission denied (publickey).
julien M.
i see this error on bastion container :
bastion_1 | AuthorizedKeysCommand /usr/bin/github-authorized-keys jmenan failed, status 7
bastion_1 | AuthorizedKeysCommand /usr/bin/github-authorized-keys jmenan failed, status 7
bastion_1 | Connection closed by authenticating user jmenan x.x.x.x port 50845 [preauth]
julien M.
this is my bastion.env :
API_URL=<http://gak:301/user/%s/authorized_keys>
MFA_PROVIDER=google-authenticator
SSH_AUDIT_ENABLED=false
SSH_AUTHORIZED_KEYS_COMMAND=/usr/bin/github-authorized-keys
SSH_AUTHORIZED_KEYS_COMMAND_USER=root
LOGLEVEL=DEBUG
julien M.
and my gak.env
GITHUB_API_TOKEN=xxx
GITHUB_ORGANIZATION=xxx
GITHUB_TEAM=ssh
SYNC_USERS_GID=500
SYNC_USERS_GROUPS=sudo
SYNC_USERS_SHELL=/bin/bash
SYNC_USERS_ROOT=/
SYNC_USERS_INTERVAL=30
ETCD_ENDPOINT=<http://etcd:2379>
ETCD_TTL=30
ETCD_PREFIX=github-authorized-keys
LISTEN=:301
INTEGRATE_SSH=true
LOG_LEVEL=debug
LINUX_USER_ADD_TPL=adduser -D -s {shell} {username}
LINUX_USER_ADD_WITH_GID_TPL=adduser -D -s {shell} -u {gid} {username}
LINUX_USER_ADD_TO_GROUP_TPL=addgroup {group}
SSH_AUTHORIZED_KEYS_COMMAND_USER=root
SSH_RESTART_TPL=echo "/usr/sbin/service ssh force-reload"
cjbrignac000
We’re experiencing pretty much the same issue