Add lf-network note regarding ssh-agents

When building packer images in AWS, I found I wasn't easily able to
provision them with the ssh_proxy configurations without also disabling
my ssh-agent.

Even setting all at once: ssh_agent_auth=false,
ssh_disable_agent_forwarding=true, and passing '-a' to the ssh proxy
command did not help.

Change-Id: I01df33f1e0f52082ce25098d52b5b50bee0dafa3
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>

diff --git a/docs/lf-network-ssh-multi-key-fail.txt b/docs/lf-network-ssh-multi-key-fail.txt
new file mode 100644 (file)
index 0000000..7883c2a
--- /dev/null
+++ b/docs/lf-network-ssh-multi-key-fail.txt
@@ -0,0 +1,7 @@
+Failed to connect to the host via ssh: Warning: Permanently
+  added '[127.0.0.1]:44502' (RSA) to the list of known hosts.
+Received disconnect from 127.0.0.1 port 44502:2: too many
+  authentication failures
+packet_write_wait: Connection to 127.0.0.1 port 44502: Broken pipe
+muxclient: master hello exchange failed
+Failed to connect to new control master

diff --git a/docs/lf-network.rst b/docs/lf-network.rst
index 14f3321..3677e9b 100644 (file)
--- a/docs/lf-network.rst
+++ b/docs/lf-network.rst
@@ -26,6 +26,17 @@ Connect through the LF network
 
 #. Run packer as usual
 
+.. note::
+
+    If forwarding your ssh-agent and you have more than one ssh key, you may
+    see this error message:
+
+    .. literalinclude:: lf-network-ssh-multi-key-fail.txt
+       :language: bash
+
+    To resolve this start the ssh SOCKS proxy with your agent first, stop your
+    agent, then run packer.
+
 **Bonus**
 
 If you would like to be able to ssh directly to a dynamic system inside of the