Opened on Nov 1, 2024
Expected behavior:
You should be able to connect to an agentless node by hostname via ssh w/ default `tsh config`.
Current behavior:

```
$ tsh config > ~/.ssh/config
$ tsh ls
tsh ls
Node Name Node ID Address Labels
------------------- ------------------------------------ ---------------- --------------------------------------------------------------------
brians-mbp-2 f0170101-f997-4698-a3d3-dc46f48451d5 local.openssh:22 env=dev
$ ssh brians-mbp-2.root.example.com
ERROR: failed connecting to host brians-mbp-2:3022: failed to receive cluster details response
failed to dial target host
direct dialing to nodes not found in inventory is not supported
Connection closed by UNKNOWN port 65535
```
Using the node UUID, this works as expected:

```
$ ssh f0170101-f997-4698-a3d3-dc46f48451d5.root.example.com
### success ###
```
Additionally, changing the `tsh config` to use `Port 22` instead of `Port 3022` works. This changes the `tsh proxy ssh` call to use `:22`:

```
$ tsh proxy ssh bjoerger@brians-mbp-2.root.example.com:22
SSH-2.0-Go
```
Additional note:
I remember this working in the past, but this may have been a false positive. In part of my testing for v17 I changed the hostname to `local.openssh`, which is mapped to `127.0.0.1` in my `/etc/hosts`. Strangely, running `ssh local.openssh.root.example.com` actually connects me to the Teleport node, but at first I thought I had successfully connected to the agentless node and almost checked off the test plan.

```
$ ssh local.openssh.root.example.com
Certificate invalid: name is not a listed principal
### Connects to Teleport node, notice no message of day + cert warning ###
```
Bug details:
- Teleport version: Tested back to v14
- Recreation steps: register an agentless node with `teleport join openssh`