in sources/Google.Solutions.IapDesktop.Extensions.Session/ToolWindows/Session/SshView.cs [179:250]
protected override void OnFatalError(Exception e)
{
//
// Translate common exceptions to make them more actionable.
//
if (e.Unwrap() is Libssh2Exception unverifiedEx &&
unverifiedEx.ErrorCode == LIBSSH2_ERROR.PUBLICKEY_UNVERIFIED &&
this.viewModel.Value.Credential is PlatformCredential unverifiedPlatformCredential &&
unverifiedPlatformCredential.AuthorizationMethod == KeyAuthorizationMethods.Oslogin)
{
OnFatalError(new OsLoginAuthenticationFailedException(
"Authenticating to the VM failed. Possible reasons for this " +
"error include:\n\n" +
" - The VM is configured to require 2-step verification,\n" +
" and you haven't set up 2SV for your user account\n" +
" - The guest environment is misconfigured or not running",
e,
HelpTopics.TroubleshootingOsLogin));
}
else if (e.Unwrap() is Libssh2Exception authEx &&
authEx.ErrorCode == LIBSSH2_ERROR.AUTHENTICATION_FAILED &&
this.viewModel.Value.Credential is PlatformCredential failedPlatformCredential)
{
if (failedPlatformCredential.AuthorizationMethod == KeyAuthorizationMethods.Oslogin)
{
var outdatedMessage = failedPlatformCredential.Signer is OsLoginCertificateSigner
? " - The VM is running an outdated version of the guest environment \n" +
" that doesn't support certificate-based authentication\n"
: string.Empty;
var message =
"Authenticating to the VM failed. Possible reasons for this " +
"error include:\n\n" +
" - You don't have sufficient access to log in\n" +
outdatedMessage +
" - The VM's guest environment is misconfigured or not running\n\n" +
"To log in, you need all of the following roles:\n\n" +
" 1. 'Compute OS Login' or 'Compute OS Admin Login'\n" +
" 2. 'Service Account User' (if the VM uses a service account)\n" +
" 3. 'Compute OS Login External User'\n" +
" (if the VM belongs to a different GCP organization)\n\n" +
"Note that it might take several minutes for IAM policy changes to take effect.";
OnFatalError(new OsLoginAuthenticationFailedException(
message,
e,
HelpTopics.GrantingOsLoginRoles));
}
else
{
OnFatalError(new MetadataKeyAuthenticationFailedException(
"Authentication failed. Verify that the Compute Engine guest environment " +
"is installed on the VM and that the agent is running.",
e,
HelpTopics.ManagingMetadataAuthorizedKeys));
}
}
else if (e.Unwrap() is Libssh2Exception kexEx &&
kexEx.ErrorCode == LIBSSH2_ERROR.KEY_EXCHANGE_FAILURE &&
Environment.OSVersion.Version.Build <= 10000)
{
//
// Libssh2's CNG support requires Windows 10+.
//
OnFatalError(new PlatformNotSupportedException(
"SSH is not supported on this version of Windows"));
}
else
{
base.OnFatalError(e);
}
}