juju ssh --proxy not working on aws when targeting containers with FAN addresses

Bug #1932547 reported by Achilleas Anagnostopoulos
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
juju
Medium
Achilleas Anagnostopoulos
2.8
Medium
Achilleas Anagnostopoulos

Bug Description

When attempting to ssh to a unit with a FAN address, we get the following error from 'juju ssh': 'kex_exchange_identification: Connection closed by remote host)'

To reproduce, bootstrap on aws and run the following commands:

```
$ juju deploy mysql --to lxd
$ juju ssh --proxy mysql/0
```

Changed in juju:
importance: Undecided → Medium
assignee: nobody → Achilleas Anagnostopoulos (achilleasa)
status: New → Triaged
Changed in juju:
milestone: 2.9.6 → 2.9.7
Changed in juju:
assignee: Achilleas Anagnostopoulos (achilleasa) → nobody
milestone: 2.9.7 → 2.8.12
no longer affects: juju/2.9
Changed in juju:
milestone: 2.8.12 → 2.9.7
status: Triaged → In Progress
Revision history for this message
Achilleas Anagnostopoulos (achilleasa) wrote :

PR https://github.com/juju/juju/pull/13108 provides a workaround for 2.8. Once landed it will be forward ported to 2.9

summary: - juju ssh --proxy not working on aws
+ juju ssh --proxy not working on aws when targeting containers with FAN
+ addresses
Revision history for this message
Achilleas Anagnostopoulos (achilleasa) wrote :

PR https://github.com/juju/juju/pull/13110 forward ports the workaround to 2.9.

Note that the workaround has a caveat: copying files (juju scp) between two remote containers using the --proxy flag will not work as the source and destination need a custom (and different) ssh proxy command. However, users can still copy the files from remote A to the local (client) machine and then scp the files over to remote B.

Changed in juju:
assignee: nobody → Achilleas Anagnostopoulos (achilleasa)
status: In Progress → Fix Committed
Changed in juju:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers