Re: Trouble enabling diego ssh in cf-release:222 diego:0.1437

Mike Youngstrom <youngm@...>

Yes /v2/info contains "app_ssh_oauth_client: "ssh-proxy"".

Though I didn't set it. It appears CC sets it by default now.

Any other ideas?


On Oct 28, 2015 6:16 PM, "Matthew Sykes" <matthew.sykes(a)> wrote:

Does /v2/info contain the `app_ssh_auth_client` key? If not, it should
be set to the client ID of the ssh proxy. If it's not set, I think that's
one of the symptom.

On Wed, Oct 28, 2015 at 7:36 PM, Mike Youngstrom <youngm(a)> wrote:

I'm working on upgrading to latest cf-release+diego and I'm having
trouble getting ssh working.

When attempting to ssh with the latest cli I get the error:

"Authorization server did not redirect with one time code"

The relevant config is:

ssh_proxy.uaa_token_url=https://{uaa server}/oauth/token

authorized-grant-types: authorization_code
autoapprove: true
override: true
redirect-uri: /login
scope: openid,,cloud_controller.write
secret: secret

When tracing the CLI I see a call to "POST /oauth/token" and a 200. It
appears that the CLI is expecting a redirect and not a 200.

Is "oauth/token" the correct uaa_token_url endpoint? Any idea why UAA
wouldn't be sending a redirect response from /oauth/token when the plugin
is expecting it?


Matthew Sykes

Join { to automatically receive all group messages.