Skip to content

Improve logging/messaging around SSH target authentication failure#1677

Merged
Eugeny merged 6 commits intowarp-tech:mainfrom
LarsSven:ls/ssh-failure-message
Jan 26, 2026
Merged

Improve logging/messaging around SSH target authentication failure#1677
Eugeny merged 6 commits intowarp-tech:mainfrom
LarsSven:ls/ssh-failure-message

Conversation

@LarsSven
Copy link
Copy Markdown
Contributor

@LarsSven LarsSven commented Jan 20, 2026
edited
Loading

Currently, it is quite opaque when Warpgate fails to authenticate with an SSH target (So this is talking about the Warpgate -> Target SSH connection and not the Client -> Warpgate SSH connection). The following happens:

  • A message Auth failed is printed to the log
  • No message is printed to the user

This can be both hard to understand when you're initially experimenting/setting up Warpgate and make mistakes with authentication, and creates a suboptimal user experience when a user of Warpgate SSHes into the VM and then accidentally deletes the public key of the Warpgate user (which unfortunately happens a bit too often with our users).

This MR makes the following changes:

  • Expand log message given in admin logs when this happens
  • Add specific message for authentication request failure to print to the user, as it's currently just printed as a generic "Connection Failed"
  • Add a small timeout before disconnecting the client as printed error messages are never received by the user, since their session gets disconnected before the message is sent, which means they never receive the message

This is how it looks to the user when warpgate cannot connect to the SSH target now:
Screenshot From 2026-01-20 13-56-00

Resolves #1667

LarsSven
LarsSven commented Jan 20, 2026
View reviewed changes
@LarsSven LarsSven changed the title Improve failure logging/messaging around SSH target authentication failure Improve logging/messaging around SSH target authentication failure Jan 20, 2026
@LarsSven
Copy link
Copy Markdown
Contributor Author

LarsSven commented Jan 26, 2026
edited
Loading

@Eugeny would you perhaps have an idea on how to best solve the async issue in this PR where the two flows race? Since I'm not sure if the 100ms delay is a very clean solution to this problem (though it's definitely an improvement over not receiving the message at all)

@Eugeny
Copy link
Copy Markdown
Member

Eugeny commented Jan 26, 2026

I've spent an hour trying to figure out a clean way to make the session wait for service output events and decided that the 100ms sleep is worth it.

@Eugeny Eugeny merged commit 492dd6f into warp-tech:main Jan 26, 2026
15 of 16 checks passed
@LarsSven LarsSven mentioned this pull request Mar 31, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Print failure message to terminal when failing to authenticate with target

2 participants

@LarsSven @Eugeny