Hello everyone
As stated in the title, I'm basically done with the product.
I've been trying to make it work for a week without any success. I'm describing all of the steps I've done so far here in an attempt to get some help, because there aren't enough topics already discussing these issues and I can't find any help on the forum/GitHub/docs/online after a day of research.
You can see the config I'm using at the end for easier readability.
My current state:
- Controller WebUI accessible from internet browser and desktop client ok
- Creation of Org / Project / User / Host / Target via Ansible ok
- Connection with the Desktop Client ok
- Initialisation of session ok
Then, the moment I use the local forwarded port generated for the SSH session, the connection is forwarded properly to the proxy (port 9202), but then the connection is dropped by the proxy and isn't forwarded toward my target (with my username specified inside the ssh command and my SSH key loaded in Pageant for forwarding purposes).
I tried enabling debug logging in my configuration, but I don't have any logs regarding refused connections or anything like that. I only have audit logs and nothing else, despite activating logs.
The only error I have on my end is the following one:
ssh_exchange_identification: read: Software caused connection abort
Or, after trying again (I'm guessing the forwarded port is being dropped after a failure):
ssh_exchange_identification: read: Connection reset by peer
There's also no connectivity issue, because I can already telnet to every port and they are all responding properly (from my client host to my Boundary host, both on ports 9200 and 9202).
I'm using Ubuntu 24.04.01 on both my Boundary host and my target. My client OS is Windows, with the Boundary desktop client in its latest version.
I'm also using version 0.19.1 of Boundary in the container.
I also tried with the boundary dev command without any success. I'm facing the same issue, with no logs whatsoever to help me find the cause of this issue, and I also tested it on 3 different OSes, all in dev mode, and it still isn't working as intended. I'm seriously doubting this product works at all; even following the doc 100% and applying all of the different examples, I still can't even proxy a connection on the localhost host.
I went through tens of pages on Google and this forum, and I never found someone who is having the same issue as me.
Here's my current configuration:
```hcl
disable_mlock = true

controller {
  name        = "controller-boundary"
  description = "Boundary Controller"

  database {
    url = "env://BOUNDARY_POSTGRES_URL"
  }
}

worker {
  name        = "worker-worker"
  description = "Boundary Worker my-boundary-host.my.domain.local"
  public_addr = "my-boundary-host.my.domain.local"
}

# API listener
listener "tcp" {
  address     = "boundary"
  purpose     = "api"
  tls_disable = true
}

# Cluster listener
listener "tcp" {
  address     = "boundary"
  purpose     = "cluster"
  tls_disable = true
}

# Proxy listener
listener "tcp" {
  address     = "boundary"
  purpose     = "proxy"
  tls_disable = true
}

kms "aead" {
  purpose   = "root"
  aead_type = "aes-gcm"
  key       = "<OBFUSCATED>"
  key_id    = "global_root"
}

kms "aead" {
  purpose   = "worker-auth"
  aead_type = "aes-gcm"
  key       = "<OBFUSCATED>"
  key_id    = "global_worker-auth"
}

kms "aead" {
  purpose   = "recovery"
  aead_type = "aes-gcm"
  key       = "<OBFUSCATED>"
  key_id    = "global_recovery"
}

events {
  audit_enabled        = true
  observations_enabled = true
  sysevents_enabled    = true

  # All event types to stderr
  sink "stderr" {
    name        = "all-events"
    description = "All events sent to stderr"
    event_types = ["*"]
    format      = "cloudevents-json"
  }

  # All event types to /boundary/boundary.log
  sink {
    name        = "worker-audit-sink"
    description = "All events sent to a file"
    event_types = ["*"]
    format      = "cloudevents-json"

    file {
      path      = "/boundary"
      file_name = "boundary.log"
    }

    audit_config {
      audit_filter_overrides {
        secret    = "encrypt"
        sensitive = "hmac-sha256"
      }
    }
  }
}
```
Thanks for any future help
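
An added example, not part of the original post and not Boundary's own tooling: a telnet check like the one described above only proves that a port accepts TCP connections, while the `ssh_exchange_identification` error means the connection ended before the SSH server's identification line arrived. The sketch below separates those cases; `probe_ssh_banner` and `one_shot_listener` are hypothetical names, the banner is constructed sample data, and the probe is assumed to be pointed at the client's local forwarded port or, from the Boundary host, at the target's SSH port.

```python
import socket
import threading

def probe_ssh_banner(host, port, timeout=3.0):
    """Return (state, detail) for a TCP port that should lead to an SSH server."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", None)            # nothing is listening
    except socket.timeout:
        return ("timeout", None)            # connection attempt got no answer
    data = b""
    with sock:
        try:
            # An SSH server speaks first: "SSH-2.0-<software>\r\n" (RFC 4253, 4.2)
            while b"\n" not in data and len(data) < 255:
                chunk = sock.recv(255 - len(data))
                if not chunk:
                    break                   # orderly close by the peer
                data += chunk
        except socket.timeout:
            if not data:
                return ("timeout", None)    # port open, but silent
        except (ConnectionResetError, ConnectionAbortedError):
            data = b""                      # reset/abort before a full line
    if not data:
        # ssh reports this case as an ssh_exchange_identification read error
        return ("closed-before-banner", None)
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    return ("banner", line) if line.startswith("SSH-") else ("not-ssh", line)

def one_shot_listener(reply):
    """Constructed stand-in for a forwarded port: accept once, send reply, close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            if reply:
                conn.sendall(reply)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    good = one_shot_listener(b"SSH-2.0-OpenSSH_9.6\r\n")   # constructed banner
    dropped = one_shot_listener(b"")                        # accepts, then drops
    print(probe_ssh_banner("127.0.0.1", good))
    print(probe_ssh_banner("127.0.0.1", dropped))
```

A `banner` result from the target's port 22 on the Boundary host together with `closed-before-banner` on the client's forwarded port narrows the drop to the path between the two.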