Juju ssh is not working for me

I’m getting a strange issue when trying to run:

erik@frozen:~$ juju ssh haproxy/1
ERROR permission denied (unauthorized access)

It works when I’m using normal ssh:

ssh ubuntu@
Welcome to Ubuntu 20.04.4 LTS (GNU/Linux 5.4.0-109-generic x86_64)

What can I do to resolve this?

Can you share some more detail about the setup:

  • juju client version
  • juju controller version
  • juju model version
  • output running command with --debug
  • any relevant controller logs
  • is this a JAAS controller?

Client version


Controller version

agent-version: 2.9.32
controller-model-version: 2.9.32
mongo-version: 4.0.9

Model version

  agent-version: 2.9.32
  description: the version of Juju used by the model
  version: 2.9.32

Command with --debug

erik@frozen:~$ juju ssh 0 --debug
ERROR permission denied (unauthorized access)

This is a private controller, lxd-only (not JAAS)

controller log (/var/log/juju/audit.log)

{"conversation":{"who":"admin","what":"/snap/juju/19681/bin/juju ssh haproxy/1","when":"2022-07-17T14:53:56Z","model-name":"haproxy-rpc","model-uuid":"6de86d45-3670-4b11-8444-c0ca9839d2ea","conversation-id":"03175c8fcc1dd70c","connection-id":"E204"}}
{"errors":{"conversation-id":"03175c8fcc1dd70c","connection-id":"E204","request-id":2,"when":"2022-07-17T14:53:56Z","errors":[{"message":"permission denied","code":"unauthorized access"}]}}

The logged in Juju user does need “admin” permission on the model to be able to use juju ssh. Is that the case here? That’s the only obvious reason I can see for the error.

The logged in user is admin on the controller but that maybe matters still?

So, controller admins should be considered model admins on all models on that controller. But looking at the permission check for the SSH functions, the extra controller permission check is missing. It will be a simple fix.

1 Like

Do I need to do something here?

No, bug filed

1 Like