Hi,
I have the following setup:
Client → HCP Boundary → Ingress worker (in AWS) → Egress worker (in Azure in private subnet) → Private server
After setting up the target (Private server) I try to connect to it but fails.
$ boundary connect ssh -target-id=tssh_l7NG5VuZB2 -- -l azureuser -i ~/Downloads/server_key.pem
Unable to authorize connection
kex_exchange_identification: read: Connection reset by peer
Connection reset by 127.0.0.1 port 61485
The private key file is there and permissions have been set.
$ ls -l ~/Downloads/server_key.pem
-rw-------@ 1 chris staff 2494 May 8 11:08 /Users/chris/Downloads/server_key.pem
But when I create a (static) credentials store with the azureuser and private key file contents and then inject this into the target, then it somehow does work.
$ boundary connect ssh -target-id=tssh_l7NG5VuZB2
Welcome to Ubuntu 22.04.2 LTS (GNU/Linux 5.15.0-1037-azure x86_64)
(...)
Last login: Mon May 8 09:34:00 2023 from 100.10.0.4
azureuser@server:~$
The journal logs of the ingress worker do show these logs talking about empty credentials.
May 08 10:43:09 ingress boundary-worker[2114]: {"id":"Xpj7lxnLE0","source":"https://hashicorp.com/boundary/ip-172-31-45-69/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"msg":"session successfully activated","session_id":"s_ULXIQJSb92"}},"datacontentype":"application/cloudevents","time":"2023-05-08T10:43:09.790617434Z"}
May 08 10:43:09 ingress boundary-worker[2114]: {"id":"964SSDCyqK","source":"https://hashicorp.com/boundary/ip-172-31-45-69/worker","specversion":"1.0","type":"error","data":{"error":"error authorizing connection: rpc error: code = Unknown desc = handlers.entProtocolContext: handlers.GetEncryptedCredentials: empty credentials: parameter violation: error #100","error_fields":{},"id":"e_reoFVtNeyn","version":"v0.1","op":"worker.(Worker).handleProxy","info":{"msg":"unable to authorize connection"}},"datacontentype":"application/cloudevents","time":"2023-05-08T10:43:09.921966032Z"}
$ boundary version
Version information:
Build Date: 2023-04-04T15:39:15Z
Git Revision: 482cc6879118f94ce32e28740cf0b4da2507d0aa
Version Number: 0.12.2
What am I doing wrong here?