Vagrant insecure key detected

buretta · September 7, 2015, 4:31pm

I’ve messed up my SSL and now I continually get

Vagrant insecure key detected. Vagrant will automatically replace default: this with a newly generated keypair for better security.

This then results in an insure connection which the browser won’t allow to load. I’m at a loss on how to remove this issue.

RiFi2k · September 7, 2015, 9:36pm

It’s really ok, it’s just because it’s a self signed SSL so you need to go in and loosen up your browser security and trust the SSL.

I have to do it every time I spin up a new local VM.

Tell me what browser you use and I’ll tell you how to trust the SSL cert and you will be good to go.

Edit: It probably says something like “Get me out of here!” then on the left side in smaller print it says something about continuing, then it will bring up a pop-up screen and just accept it. You will have a dumb red X over the SSL in your menu but it’s only because it’s self signed. For a live server you get a real SSL then it is signed by a provider. Honestly there isn’t much of a difference between the two, and a signed cert if you get it emailed to you is almost more insecure than if you made your own from your server. I use self signed SSLs all the time for the backend of websites nobody will be logging into but me.

buretta · September 8, 2015, 4:16pm

No this is different, the browser won’t even allow me to “proceed to xyz.domain”. Also I can’t ssh into Vagrant with ssh vagrant@xyzdomain.dev since it creates a new certificate on vagrant up.

DemaniClassic · September 9, 2015, 2:29pm

buretta,

What is your Operating System and SSH client?

buretta · September 9, 2015, 3:22pm

OSX 10.10.4
Sequel Pro 1.0.2

DemaniClassic · September 9, 2015, 5:34pm

Have you tried navigating to

sitename.com\.vagrant\machines\default\virtualbox

And importing the private_key file into your ssh client?

The newest versions of Trellis have vagrant generate new SSH Keys on new VMs.

I’m not familiar with your SSH program, but you may need to convert the private_key file into one your client can use with the PuttyGen program.

Doing the above should fix your SSH issue.

If that doesn’t work, also try disabling SSL in your configuration file to see if that’s the only thing causing you an error (make sure to run ’ vagrant reload --provision ')

buretta · September 9, 2015, 6:38pm

I’ve tried the private_key, but no luck. I’m on a Mac, Putty is windows I believe.

I know if I disable the SSL I can then SSH in fine.