From f9db6651b896cc3d74372e7ba8bf9fa1fea08ad8 Mon Sep 17 00:00:00 2001 From: Ahmon Dancy Date: Tue, 16 Jul 2019 14:07:53 -0700 Subject: [PATCH] Improve ssh connection debug messages 1) Mention the host and port in the "Connecting..." message. 2) Mention the username in the post-connection handshaking message. 3) If handshaking fails, mention the user, host, and port in the error message that will eventually be returned to the user. --- communicator/ssh/communicator.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/communicator/ssh/communicator.go b/communicator/ssh/communicator.go index 0c1d4d151..0d5aaf34b 100644 --- a/communicator/ssh/communicator.go +++ b/communicator/ssh/communicator.go @@ -18,6 +18,7 @@ import ( "sync" "time" + "github.com/hashicorp/errwrap" "github.com/hashicorp/terraform/communicator/remote" "github.com/hashicorp/terraform/terraform" "golang.org/x/crypto/ssh" @@ -165,7 +166,8 @@ func (c *Communicator) Connect(o terraform.UIOutput) (err error) { } } - log.Printf("[DEBUG] connecting to TCP connection for SSH") + hostAndPort := fmt.Sprintf("%s:%d", c.connInfo.Host, c.connInfo.Port) + log.Printf("[DEBUG] Connecting to %s for SSH", hostAndPort) c.conn, err = c.config.connection() if err != nil { // Explicitly set this to the REAL nil. Connection() can return @@ -180,10 +182,11 @@ func (c *Communicator) Connect(o terraform.UIOutput) (err error) { return err } - log.Printf("[DEBUG] handshaking with SSH") - host := fmt.Sprintf("%s:%d", c.connInfo.Host, c.connInfo.Port) - sshConn, sshChan, req, err := ssh.NewClientConn(c.conn, host, c.config.config) + log.Printf("[DEBUG] Connection established. Handshaking for user %v", c.connInfo.User) + sshConn, sshChan, req, err := ssh.NewClientConn(c.conn, hostAndPort, c.config.config) if err != nil { + err = errwrap.Wrapf(fmt.Sprintf("SSH authentication failed (%s@%s): {{err}}", c.connInfo.User, hostAndPort), err) + // While in theory this should be a fatal error, some hosts may start // the ssh service before it is properly configured, or before user // authentication data is available.