hashicorp/bionic64 tutorial image requests a password for user vagrant upon ssh'ing into the image. #13565

Open
AMDphreak opened this issue Jan 6, 2025 · 0 comments

Actual behavior

While connecting to the machine, it detects an "insecure SSH key" and then generates a new key to replace it, but then, after connecting to the virtual machine, it asks for a password for the user named "vagrant".

Expected behavior

As shown in the tutorial, it should log in to the virtual machine and not ask for a password. It's supposed to use the local SSH keys.
IN ADDITION TO THIS ISSUE, the tutorial should contain information for the user to log in when the SSH key is ignored. The fact that the tutorial does not have this is an issue in its own right.

My diagnosis of the problem

Vagrant generates insecure SSH keys over and over and over. The SSH key that vagrant creates needs to have its permissions set properly before Vagrant uses it. This is not something the user should be doing.

I discovered the true culprit of the problem by trying to manually SSH into the machine:


```
PS C:\Users\rjamd> ssh -i "S:/Google Drive/Programming/Projects/Windows-Theme-Daemon/.vagrant/machines/default/virtualbox/private_key" vagrant@127.0.0.1 -p 2222
The authenticity of host '[127.0.0.1]:2222 ([127.0.0.1]:2222)' can't be established.
ED25519 key fingerprint is SHA256:VPx7mYuBsJ55P9/hfFuuYIjMx9XjpMRWIy4wC5fiG4Y.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[127.0.0.1]:2222' (ED25519) to the list of known hosts.
Bad permissions. Try removing permissions for user: NT AUTHORITY\\Authenticated Users (S-1-5-11) on file S:/Google Drive/Programming/Projects/Windows-Theme-Daemon/.vagrant/machines/default/virtualbox/private_key.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions for 'S:/Google Drive/Programming/Projects/Windows-Theme-Daemon/.vagrant/machines/default/virtualbox/private_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "S:/Google Drive/Programming/Projects/Windows-Theme-Daemon/.vagrant/machines/default/virtualbox/private_key": bad permissions
vagrant@127.0.0.1's password:
```

Problem is related to or same as #13309
I created this submission because nobody produced detailed information in that thread. Mark that one as duplicate of this one.

Also, you should include a note in the tutorial telling users to use 'vagrant' as the login and 'vagrant' as the password in the event that the SSH key created by vagrant is rejected.

Work-around for those stuck with this dumb behavior

Windows may sometimes set incorrect file permissions on the private key file, causing SSH to reject it. Fix this by setting appropriate permissions:

  1. Open PowerShell as an administrator.
  2. Navigate to the key directory:
     ```powershell
     cd "<YOUR_PROJECT_DIRECTORY>/.vagrant/machines/default/virtualbox/"
     ```
  3. Restrict permissions on the private_key file:
     ```powershell
     icacls private_key /inheritance:r
     # PowerShell does not expand cmd-style %username%; use the env: drive instead.
     icacls private_key /grant:r "${env:USERNAME}:(R)"
     ```

Reproduction information

Vagrant version

2.4.3

Host operating system

Windows 11 Pro

Guest operating system

hashicorp/bionic64

Steps to reproduce

  1. Attempt to connect to VM.
  2. Watch SSH key fail.
  3. Watch it ask user for password.

Vagrantfile

I don't think this is applicable. I didn't make a vagrant file. This is all premade by your organization. I'm debugging your failures.
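
An added example, not part of the original issue and not Vagrant's own code: a PowerShell check that lists the ACL entries on the Vagrant private key held by anyone other than the current user, SYSTEM and Administrators, the kind of entry (`NT AUTHORITY\Authenticated Users`, S-1-5-11) that the ssh output above complains about. The function name `Get-KeyAclFinding` and the allowed-SID list are assumptions of this example.

```powershell
# Added example: list ACL entries that expose a Vagrant private key.
# Assumption: only the current user, SYSTEM and Administrators should hold
# an Allow entry; any other principal is reported as a finding.
function Get-KeyAclFinding {
    param([Parameter(Mandatory)] [string] $KeyPath)

    $sidType = [System.Security.Principal.SecurityIdentifier]
    $ntType  = [System.Security.Principal.NTAccount]
    $me      = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $allowed = @(
        $me,
        'S-1-5-18',       # NT AUTHORITY\SYSTEM
        'S-1-5-32-544'    # BUILTIN\Administrators
    )

    $acl = Get-Acl -LiteralPath $KeyPath
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        $sid = $rule.IdentityReference.Value
        if ($allowed -contains $sid) { continue }

        # Resolve the SID to a readable name where possible.
        try   { $name = $rule.IdentityReference.Translate($ntType).Value }
        catch { $name = '(unresolved)' }

        [pscustomobject]@{
            Principal = $name
            Sid       = $sid
            Rights    = $rule.FileSystemRights
            Inherited = $rule.IsInherited
        }
    }
}

# Run from the project directory; the relative path is the one shown in the issue.
$key = '.vagrant/machines/default/virtualbox/private_key'
if (-not (Test-Path -LiteralPath $key)) {
    Write-Output "No key at $key"
} else {
    $findings = @(Get-KeyAclFinding -KeyPath $key)
    if ($findings.Count -eq 0) {
        Write-Output "OK: no extra principals on $key"
    } else {
        $findings | Format-Table -AutoSize
    }
}
```

Entries reported with `Inherited` set to `True` are the ones that `icacls private_key /inheritance:r` removes.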
