Cisco VPN: ssh: handshake failed: ssh: unable to authenticate.. no supported methods remain

[davisford]

Hi, not sure how useful this issue is, or what you could do to work around it, but I figured I'd document it -- maybe it will help someone else.

So, I've happily constructed my minikube environment and been playing with k8s clusters for several days, but today I noticed it just hang. I could not get minikube status to return, and kubectl was totally unresponsive (also hangs).

I realized shortly after that it was a result of the Cisco VPN Client I'm using which happens to hi-jack the entire network stack -- and forces all traffic through its tunnel.

I've run into this issue before -- working at other companies that use this client and trying to run Virtual Machines like VMWare. Even if you setup networking in a VM to use bridged or hosted -- the VPN prevents you from reaching it when you are connected.

Perhaps there's an event from the OS you could trap on to let you know when the network is re-configured and then you could gracefully shutdown or pause? That's really the purpose of me posting this issue. Hope it is helpful

ml-dford:kube-dashboard dford$ minikube ip
💣  Error getting IP: IP address is not set

😿  Sorry that minikube crashed. If this was unexpected, we would love to hear from you:
👉  https://github.com/kubernetes/minikube/issues/new

ml-dford:kube-dashboard dford$ minikube logs
💣  command runner: getting ssh client for bootstrapper: Error dialing tcp via ssh client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

😿  Sorry that minikube crashed. If this was unexpected, we would love to hear from you:
👉  https://github.com/kubernetes/minikube/issues/new

Mac OS 10.13.6 High Sierra

[balopat]

Thank you @davisford for opening this.

1. It is a good idea and can fall into the category of detecting known errors that @tstromberg started developing. Maybe we can offer some extra debugging info using scutil?
2. minikube shouldn't just crash on ssh errors

Any PRs, thoughts welcome!

[aidagha]

Hi I also have exact same issue (minikube 1.2.0) hyperkit on mac os, when VPN is up, kubectl version times out. if I turn off the VPN it works just fine !

@davisford did you figure out how to reroute the traffic not to go through vpn ?

[davisford]

@aidagha with the Cisco VPN I indicated above, there is no way. It hijacks the complete network stack. I believe it can be configured to allow local LAN access when using VPN (see pic):

But note the (if configured) -- mine doesn't allow it. If you can convince whoever set up your VPN to allow that, then it might work?

[tstromberg]

Just as a heads up - there is some integration with hyperkit and VPN's that may resolve this now. Expect it to still be broken with VirtualBox however.