Page MenuHomeVyOS Platform

Unable to log in after upgrade to 1.3-rolling-202002080217
Closed, ResolvedPublic

Description

After upgrade from 1.3-rolling-201912110242 to 1.3-rolling-202002080217 I am unable to log in in any way, either via ssh or at the console. The only message printed on the console is "configuration failed!". I had to reboot with init=/bin/bash to examine the config and logs.
The vyos user is missing from /etc/passwd. diff of config.boot with pre-migration shows added quotes around all values in all sections.

vyatta-commit.log contains:

[ system login user vyos authentication public-keys jernej@jernej type ssh-ed25519 ]
Invalid value

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202002080217
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

jjakob triaged this task as High priority.Feb 9 2020, 6:28 AM
jjakob created this task.
jjakob created this object in space S1 VyOS Public.

HI @jjakob the login method has been migrated to XML/Python. Can you please pass me your pre-migration configuration so I cen re-lab this?

Sorry for the inconvenience but it look slike a corer case was missed.

This is only the login section

login {
    user vyos {
        authentication {
            encrypted-password $6$***
            plaintext-password ""
            public-keys jernej@jernej {
                key ****************
                type ssh-ed25519
            }
        }
        level admin
    }
}

the config version line

/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@2:firewall@5:interfaces@4:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@3:snmp@1:ssh@1:system@12:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webgui@1:webproxy@2:zone-policy@1" === */
/* Release version: 1.3-rolling-201912110242 */

If you need anything more let me know.

Can you privatley send me the full configuration as it seems a lot of migrators are executed from system@12 to system@16

Okay, there was a type in the regex constraint for the type of SSH key you used.

c-po changed the task status from Open to Needs testing.Feb 9 2020, 12:30 PM

Tested with 1.3-rolling-202002091356, the issue is fixed. Thanks!

erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:45 PM