From 27e5733c9302350e782585b1d3006fecb760cf08 Mon Sep 17 00:00:00 2001
From: robcholz <84130577+robcholz@users.noreply.github.com>
Date: Fri, 6 Feb 2026 21:15:57 -0500
Subject: [PATCH] fix: now fixed ssh problem

---
 src/instance.rs  |  2 +-
 src/provision.sh | 24 ++++++++++++++++-
 src/ssh.sh       | 70 +++++++++++++++++++++++++++++-------------------
 3 files changed, 66 insertions(+), 30 deletions(-)

diff --git a/src/instance.rs b/src/instance.rs
index 8ec3d39..6b0a1be 100644
--- a/src/instance.rs
+++ b/src/instance.rs
@@ -31,7 +31,7 @@ const SSH_KEY_NAME: &str = "ssh_key";
 const SERIAL_LOG_NAME: &str = "serial.log";
 const SSH_GUEST_DIR: &str = "/root/.vibebox";
 const DEFAULT_SSH_USER: &str = "vibebox";
-const SSH_CONNECT_RETRIES: usize = 20;
+const SSH_CONNECT_RETRIES: usize = 30;
 const SSH_CONNECT_DELAY_MS: u64 = 500;
 const SSH_SETUP_SCRIPT: &str = include_str!("ssh.sh");
 
diff --git a/src/provision.sh b/src/provision.sh
index 22db145..c61d018 100644
--- a/src/provision.sh
+++ b/src/provision.sh
@@ -15,13 +15,35 @@ apt-get install -y --no-install-recommends      \
         git                                     \
         ripgrep                                 \
         openssh-server                          \
+        locales                                 \
         sudo
 
 # Set hostname to "vibe" so it's clear that you're inside the VM.
 hostnamectl set-hostname vibe
 
-# Enable SSH server so instances can use key-based auth.
+# Locale (fix: setlocale: LC_CTYPE ... UTF-8)
+sed -i 's/^# *en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
+locale-gen
+update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8
+
+# SSH: host keys + base config (doesn't depend on runtime user)
+ssh-keygen -A
+mkdir -p /etc/ssh/sshd_config.d
+cat >/etc/ssh/sshd_config.d/10-vibebox-base.conf <<'EOF'
+PasswordAuthentication no
+KbdInteractiveAuthentication no
+ChallengeResponseAuthentication no
+PubkeyAuthentication yes
+PermitRootLogin no
+
+# Speed up logins / avoid DNS delays
+UseDNS no
+GSSAPIAuthentication no
+EOF
+
+sshd -t
 systemctl enable ssh
+systemctl restart ssh
 
 # Set this env var so claude doesn't complain about running as root.'
 echo "export IS_SANDBOX=1" >> .bashrc
diff --git a/src/ssh.sh b/src/ssh.sh
index f6ad408..8f8c131 100644
--- a/src/ssh.sh
+++ b/src/ssh.sh
@@ -1,46 +1,60 @@
 #!/bin/sh
+set -eu
 
 SSH_USER="__SSH_USER__"
-SUDO_PASSWORD="__SUDO_PASSWORD__"
 PROJECT_NAME="__PROJECT_NAME__"
 KEY_PATH="__KEY_PATH__"
 
-if [ -d /root/${PROJECT_NAME}/.vibebox ]; then
-  mount -t tmpfs tmpfs /root/${PROJECT_NAME}/.vibebox
+# 1) tmpfs mount
+TARGET="/root/${PROJECT_NAME}/.vibebox"
+if [ -d "$TARGET" ] && ! mountpoint -q "$TARGET"; then
+  mount -t tmpfs tmpfs "$TARGET"
 fi
 
-if ! command -v sshd >/dev/null 2>&1; then
-  apt-get update && apt-get install -y openssh-server sudo
+# 2)
+if ! id -u "$SSH_USER" >/dev/null 2>&1; then
+  useradd -m -s /bin/bash -U "$SSH_USER"
+  usermod -aG sudo "$SSH_USER" || true
 fi
 
-systemctl enable ssh >/dev/null 2>&1 || true
-id -u ${SSH_USER} >/dev/null 2>&1 || useradd -m -s /bin/bash ${SSH_USER}
-echo "${SSH_USER}:${SUDO_PASSWORD}" | chpasswd
-usermod -aG sudo ${SSH_USER}
-install -d -m 700 /home/${SSH_USER}/.ssh
-install -m 600 ${KEY_PATH} /home/${SSH_USER}/.ssh/authorized_keys
-chown -R ${SSH_USER}:${SSH_USER} /home/${SSH_USER}/.ssh
-rm -f /home/${SSH_USER}/.bash_logout
-mkdir -p /etc/ssh/sshd_config.d
-cat >/etc/ssh/sshd_config.d/vibebox.conf <<'VIBEBOX_SSHD'
-PasswordAuthentication no
-KbdInteractiveAuthentication no
-ChallengeResponseAuthentication no
-PubkeyAuthentication yes
-PermitRootLogin no
-AllowUsers __SSH_USER__
-VIBEBOX_SSHD
-systemctl restart ssh
+install -d -m 700 -o "$SSH_USER" -g "$SSH_USER" "/home/${SSH_USER}/.ssh"
+install -m 600 -o "$SSH_USER" -g "$SSH_USER" "$KEY_PATH" "/home/${SSH_USER}/.ssh/authorized_keys"
+
+# 3)
+systemctl start ssh >/dev/null 2>&1 || true
+
+# 4)
+i=0
+while :; do
+  if ss -lnt 2>/dev/null | awk '{print $4}' | grep -qE '(:22)$'; then
+    break
+  fi
+  i=$((i+1))
+  [ "$i" -ge 40 ] && break   # ~4s
+  sleep 0.1
+done
+
 echo VIBEBOX_SSH_READY
 
-echo "=== generated network file ==="
-sed -n '1,200p' /run/systemd/network/10-netplan-all-en.network || true
+find_ip() {
+  if command -v ip >/dev/null 2>&1; then
+    ip -4 -o addr show scope global 2>/dev/null | awk '{print $4}' | cut -d/ -f1 | head -n 1
+    return
+  fi
+  if command -v hostname >/dev/null 2>&1; then
+    hostname -I 2>/dev/null | awk '{print $1}'
+    return
+  fi
+}
 
-while true; do
-  ip=$(ip -4 -o addr show scope global | awk '{print $4}' | cut -d/ -f1 | head -n 1)
+i=0
+while :; do
+  ip="$(find_ip || true)"
   if [ -n "$ip" ]; then
     echo VIBEBOX_IPV4=$ip
     break
   fi
-  sleep 1
+  i=$((i+1))
+  [ "$i" -ge 60 ] && break
+  sleep 0.5
 done