If key type is defined as :auto, detect best key type to use. If no
acceptable key type is detected as supported by the server, raise an
error. If unable to determine supported key types from the server,
fallback to original behavior of rsa type key.
If key type is defined as custom value, use that type if the server
supports it, or if the supported types cannot be read. Otherwise, raise
an error informing the user that the key type is not supported.
Adds a new `key_type` option to the Vagrantfile ssh configuration. It
defaults to :auto which allows auto detection of key type to use.
Otherwise it can be set to an explicit type supported by Vagrant.
When the reported architecture is unknown and the provider is listed as
the default architecture, add the box without architecture information
so it is installed without architecture information on the path within
the collection.
With the initial layout of `provider/architecture`, after installing a
box with architecture support downgrading Vagrant would result in it
being unable to process the box collection. Swapping the layout to be
`architecture/provider` allows downgrades to still properly process the
box collection.
When expanding the box url, prefer the API endpoint which is updated to
include provider architecture information. Test the API endpoint and the
legacy endpoint and use which ever is valid, with the API taking
precedence. This allows Vagrant to continue with non Vagrant Cloud
servers that do not implement the API endpoint.
Updates existing test coverage to use insecure private key collection
and adds testing for behavior changes within the communicator and the
keypair utility.
When performing a request via curl on Windows using schannel, ssl
certificate revocation checks does not handle verification failures
gracefully when an error is encountered that is unrelated to the actual
revocation of a certificate.
A new option is available to perform best effort revocation checks on
curl, so this is enabled by default on the Windows platform. A new
config option (`box_download_disable_ssl_revoke_best_effort`) has also
been added which can be optionally enabled to restore previous behavior
which results in a hard error if any error is encountered.
The keyboard-interactive authentication method was added due to a
mis-reading of a reported issue where the box was not properly
configured for Vagrant. This removes the keyboard-interactive
authentication method which resolves a password prompting issue caused
by its addition.
Recent versions of OpenSSH remove support of ssh-rsa key types and host
key algorithms from the default conection configuration. Set options to
enable them and provide a configuration option which can disable them if
required.
Don't rely on `/sbin/ip` to fetch the docker bridge ip address, instead
first attempt to use the docker command to fetch it. If it fails, fall
back to previous behavior.
The VirtualBox driver sets the LANG env var to prevent localized output
being returned when executing CLI commands. If the `locale` command is
present, do a best effort lookup to determine the properly value to use
for the LANG environment variable.
Checks to make sure that a docker container is running before determining
whether or not the port is in use. This prevents the a port on an inactive
container from being treated as if it is use.
Fixes https://github.com/hashicorp/vagrant/issues/13110
When connecting over ssh using net-ssh use the non_interactive
argument must be set when authenticating with a password.
Add the keyboard-interactive default auth method
ref: 8a176a6ea0/lib/net/ssh/config.rb (L52)
This change will prepend "^" and append "/" if a start anchor is
detected in the regex string. This allows users to specify
relative paths to exclude.
It also removes replacing occurences of "*" with "[^/]*". "*"
already expresses itself accurately.
In the VM config file port forward information is captured in the
Snapshot defition as well as the VM definition. This causes duplicates
in port forward entries if the file is queried for all available
network adapters. Querying the VM config file for the the Network
Adapters only part of the Machine definition resolves this and
yields the most up to date port forward info.
Before installing dependencies run a check for the python-dev-is-python3
package and only install it if found (otherwise use python-dev). This
allows older versions of debian (and derivatives) to properly install
the defined dependencies.
Rescue any address errors logging them and ignoring the address. Update
how the host address is determined based on the network configuration.
Host address will be either the lowest address assignable via dhcp
configuration or first address available within the configured subnet.
