I’m getting the following error when trying to do fly ssh console
Error: error connecting to SSH server: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
Then, in the log
unexpected error fetching cert: transient SSH server error: can’t resolve _orgcert.internal
unexpected error: [ssh: no auth passed yet, transient SSH server error: can’t resolve _orgcert.internal]
Is there a command that I’m missing? I tried following the “migrate from Heroku” instructions.
I’ve seen other posts about this, but none of them seemed to give an answer other “it suddenly started working,” so I’m hoping I can get more information, as it isn’t working for me.
Hey if you run ‘fly logs’ do you see any interesting info? If the logs are cut off, they stream; so you could leave that running and try SSHing again to get some more logs.
Also, check out Tutorial on SSH - there’s a good explanation of what might be going on here. There’s a chance it doesn’t apply for you
If none of that helps get you any further could you share some of your dockerfile if you have one, and your fly.toml?
Here is my Dockerfile. It is the generated one, other than adding the line for dropping the openssl security level (I make requests to the chicago transit authority train tracker api, and it started throwing the “dh key too small” error)
# syntax = docker/dockerfile:1
# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
ARG RUBY_VERSION=3.2.2
FROM ruby:$RUBY_VERSION-slim as base
LABEL fly_launch_runtime="rails"
# Rails app lives here
WORKDIR /rails
# Set production environment
ENV RAILS_ENV="production" \
BUNDLE_WITHOUT="development:test" \
BUNDLE_DEPLOYMENT="1"
# Update gems and bundler
RUN gem update --system --no-document && \
gem install -N bundler
RUN echo "CipherString=DEFAULT@SECLEVEL=1" >> /etc/ssl/openssl.cnf
# Throw-away build stage to reduce size of final image
FROM base as build
# Install packages needed to build gems
RUN apt-get update -qq && \
apt-get install --no-install-recommends -y build-essential libpq-dev
# Install application gems
COPY --link Gemfile Gemfile.lock ./
RUN bundle install && \
bundle exec bootsnap precompile --gemfile && \
rm -rf ~/.bundle/ $BUNDLE_PATH/ruby/*/cache $BUNDLE_PATH/ruby/*/bundler/gems/*/.git
# Copy application code
COPY --link . .
# Precompile bootsnap code for faster boot times
RUN bundle exec bootsnap precompile app/ lib/
# Adjust binfiles to set current working directory
RUN grep -l '#!/usr/bin/env ruby' /rails/bin/* | xargs sed -i '/^#!/aDir.chdir File.expand_path("..", __dir__)'
# Precompiling assets for production without requiring secret RAILS_MASTER_KEY
RUN SECRET_KEY_BASE=DUMMY ./bin/rails assets:precompile
# Final stage for app image
FROM base
# Install packages needed for deployment
RUN apt-get update -qq && \
apt-get install --no-install-recommends -y openssl postgresql-client && \
rm -rf /var/lib/apt/lists /var/cache/apt/archives
# Copy built artifacts: gems, application
COPY --from=build /usr/local/bundle /usr/local/bundle
COPY --from=build /rails /rails
# Run and own only the runtime files as a non-root user for security
RUN useradd rails --create-home --shell /bin/bash && \
chown -R rails:rails db log tmp
USER rails:rails
# Deployment options
ENV RAILS_LOG_TO_STDOUT="1" \
RAILS_SERVE_STATIC_FILES="true"
# Entrypoint prepares the database.
ENTRYPOINT ["/rails/bin/docker-entrypoint"]
# Start the server by default, this can be overwritten at runtime
EXPOSE 3000
CMD ["./bin/rails", "server"]
As some background information:
I’m moving this app from Heroku.
I have the application up and running on fly, connecting to the Heroku database. My goal is to go through the last step of exporting/importing the data from the Heroku database to the one in Fly. That’s why I want to get into the shell.
Reading the tutorial, I wonder if I should use something other than ruby 3.2.2-slim as the base image for my Dockerfile. I did use the more full ruby 3.2.2 image, but I got the same error.
