Terraform: Error connecting to SSH_AUTH_SOCK: dial unix /tmp/ssh-EZc62lEbliJm/agent.8824: An address incompatible with the requested protocol was used
I'm using a Windows workstation and when trying to use the chef provisioner in my Terraform script I receive the following error upon "apply";
aws_instance.jenkins_server: Provisioning with 'chef'...
Error applying plan:
1 error(s) occurred:
* Error connecting to SSH_AUTH_SOCK: dial unix /tmp/ssh-EZc62lEbliJm/agent.8824: An address incompatible with the requested protocol was used.`
Here is my block in code for the provisioning;
connection {
user = "ec2-user"
key_file = "chef_keys/chef.pem"
}
provisioner "chef" {
attributes {
"jenkins" {
"master" {
"install_method" = "package"
}
}
}
environment = "${var.chef_environment}"
run_list = ["jenkins::master"]
node_name = "jenkins_server"
server_url = "${var.chef_server}"
validation_client_name = "cof-cloud-validator"
validation_key_path = "cof-cloud-validator.pem"
skip_install = true
}
(within the aws.instance resource).
Is this error happening because the chef provisioner is attempting to use SSH to upload my validation key and it's not supported by Terraform from a Windows workstation?
james-s-nduka
All 8 comments
+1 having this issue on OS X. Standing up ~100 servers and seeing the following errors-
Error applying plan:
24 error(s) occurred:
* Failed to read key file "~/Keys/us-west-2.pem": open /Users/amorris/Keys/us-west-2.pem: too many open files
* Error connecting to SSH_AUTH_SOCK: dial unix /private/tmp/com.apple.launchd.EW9CyxJYmv/Listeners: too many open files
* Failed to read key file "~/Keys/ap-southeast-2.pem": open /Users/amorris/Keys/ap-southeast-2.pem: too many open files
* Error connecting to SSH_AUTH_SOCK: dial unix /private/tmp/com.apple.launchd.EW9CyxJYmv/Listeners: too many open files
* Error connecting to SSH_AUTH_SOCK: dial unix /private/tmp/com.apple.launchd.EW9CyxJYmv/Listeners: too many open files
* Error connecting to SSH_AUTH_SOCK: dial unix /private/tmp/com.apple.launchd.EW9CyxJYmv/Listeners: too many open files
* Error connecting to SSH_AUTH_SOCK: dial unix /private/tmp/com.apple.launchd.EW9CyxJYmv/Listeners: too many open files
andrew-morris
on 20 Oct 2015
+1 Having this issue on Windows as well:
- Error connecting to the SSH_AUTH_SOCK: dial unix C:/Users/bmartino/AppData/Local/Temp/ssh-5I5AiE1pUPN7/agent.10696: An address incompatible with the requested protocol was used.
brendon-martino
on 2 Nov 2015
:+1: this is a big issue
danielcbright
on 2 Nov 2015
possibly related: https://github.com/hashicorp/otto/issues/144
brendon-martino
on 2 Nov 2015
:+1: have customers needing windows support
ckelner
on 2 Nov 2015
The Terraform provisioner makes a connection which uses an ssh agent. There is no option to specify the TYPE of agent or a PATH to a specific agent.
In our use case scenario, we are configuring a bastion server and a backend/frontend combo via the bastion server. We use SSH agent to forward our keys through the bastion server to the others.
This works for Mac/*nix systems, but not for a windows ssh agent ...
attempting to use Pageant as the agent:
- SSH Requested but SSH_AUTH_SOCK not-specified
attempting to use gitbash as the agent:
- Error connecting to the SSH_AUTH_SOCK: dial unix C:/Users/bmartino/AppData/Local/Temp/ssh-5I5AiE1pUPN7/agent.10696: An address incompatible with the requested protocol was used.
attempting to use cygwin as the agent:
- Error connecting to SSH_AUTH_SOCK: dial unix /tmp/ssh-3altBgpWGMsT/agent.9380: An address incompatible with the requested protocol was used.
The reason for this appears to have to do with the reason that Putty works (on Windows) in this respect:
https://github.com/hashicorp/otto/issues/144
"Windows (I'm using Window 7) doesn't support Unix domain sockets.... otto uses golang.org/x/crypto/ssh/agent... Putty ... seems that it communicates with Pageant (ssh-agent) using the Windows SendMessage mechanism....I downloaded the putty-src and found that ssh.c calls (on line 8834, say) agent_query(...) There seems to be a Unix version in uxagentc.c, which makes a unix domain socket. Then there's a winpgntc.c version of agent_query(...) which uses SendMessage."
So basically, Putty is smartly coded to create the appropriate Unix sockets from the Windows Environment, but Terraform can't handle this approach and expects only unix-like sockets without the ability to specify a tool that will auto-convert them for you.
Thus, we would most likely need a PR created to fix the TF code in order to get ssh agents working properly on Windows.
I would suggest a couple of new options for the connection provisioner:
-agent_path (/path/to/specific/agent/to/use/)
-agent_type (windows|unix)
If coded correctly, this would allow you to specify a Windows-y way to connect via an SSH agent, instead of assuming that the default agent will work verbatim.
brendon-martino
on 3 Nov 2015
Try adding agent = "false" to your connection. I found that when agent is omitted from the connection object it fails to connect all together, and with agent = "true" you get the sock error. This is exhibited in 0.6.8.
johnt337
on 8 Dec 2015
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 29 Apr 2020
Related issues
allomov
ยท
3Comments
Seraf
ยท
3Comments
rnowosielski
ยท
3Comments
ketzacoatl
ยท
3Comments
carl-youngblood
ยท
3Comments
Most helpful comment
Try adding agent = "false" to your connection. I found that when agent is omitted from the connection object it fails to connect all together, and with agent = "true" you get the sock error. This is exhibited in 0.6.8.