Knife troubleshooting

This page provides solutions to common issues you may encounter when using Knife.

Permission errors during installation

If you encounter permission errors during installation, change the ownership of Habitat directories to your user account:

sudo chown -R $(whoami) /hab

If you installed Knife as a standalone application, it doesn’t include Knife cloud provider plugins (knife-ec2, knife-google, or knife-windows).

To get the Knife plugins, install Chef Workstation, which includes Knife and the Knife plugins.

If you encounter SSL certificate errors, you can resolve them in the following ways:

In a development environment, you can skip SSL verification.

To skip SSL verification globally, add the following to your ~/.chef/config.rb file:

echo "ssl_verify_mode :verify_none" >> ~/.chef/config.rb

To skip SSL verification for a single bootstrap operation, use the --node-ssl-verify-mode none option:

knife bootstrap <IP_ADDRESS> --node-ssl-verify-mode none

Replace <IP_ADDRESS> with the IP address of the target node.

To fetch and verify the Chef Infra Server certificates:

knife ssl fetch && knife ssl check

If a bootstrap operation times out, increase the timeout value using the --session-timeout option:

knife bootstrap <IP_ADDRESS> --session-timeout 300

Replace the following:

If you encounter SSH key permission errors, fix the key permissions:

chmod 600 ~/.ssh/<KEY_FILE>

Replace <KEY_FILE> with the name of your SSH key file, for example, certificate.pem.

If WinRM connections fail, test WinRM connectivity from your workstation:

winrs -r:http://<SERVER>:5985 -u:<USERNAME> -p:<PASSWORD> cmd

Replace the following:

If the connection test fails, verify that:

For more information on configuring WinRM, see Bootstrap prerequisites.