Remove obsolete troubleshooting entries (#14896)

* Remove obsolete troubleshooting entries

Remove 3 troubleshooting entries that are no longer relevant:

1. DigitalOcean: error tagging resource
   - Fixed in 2018 when tagging was moved to droplet creation
   - The separate tagging step that caused this error no longer exists

2. Docker: Failed to connect to the host via ssh
   - 6+ years old workaround for control_path_dir
   - Modern Docker deployments don't exhibit this issue
   - The workaround was never added to ansible.cfg

3. Ubuntu Error: unable to write 'random state'
   - OpenSSL 3.x (Ubuntu 22.04) doesn't use .rnd files
   - Algo now uses Ansible community.crypto modules instead of
     shell openssl commands

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* Reorganize Installation Problems section by category

Group related troubleshooting entries for easier navigation:

- General Setup: Python, Ansible, SSL certs, SSH permissions
- Cloud Providers: Region availability, AWS (3), Azure (2), Linode (1)
- Windows: WSL keyData issue, VPN connection error
- Local Deployment: Symlinks, WireGuard configs
- Network: Firewall timeout

Moves Linode stackscript issue to be grouped with other cloud providers
instead of at the end of the section.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

---------

Co-authored-by: Claude <[email protected]>

Author: dguido

docs/troubleshooting.md

@@ -3,24 +3,27 @@
 First of all, check [this](https://github.com/trailofbits/algo#features) and ensure that you are deploying to Ubuntu 22.04 LTS, the only supported server platform.
 
   * [Installation Problems](#installation-problems)
-     * [Python version is not supported](#python-version-is-not-supported)
-     * [Error: "ansible-playbook: command not found"](#error-ansible-playbook-command-not-found)
-     * [Fatal: "Failed to validate the SSL certificate for ..."](#fatal-failed-to-validate-the-SSL-certificate)
-     * [Bad owner or permissions on .ssh](#bad-owner-or-permissions-on-ssh)
-     * [The region you want is not available](#the-region-you-want-is-not-available)
-     * [AWS: SSH permission denied with an ECDSA key](#aws-ssh-permission-denied-with-an-ecdsa-key)
-     * [AWS: "Deploy the template" fails with CREATE_FAILED](#aws-deploy-the-template-fails-with-create_failed)
-     * [AWS: not authorized to perform: cloudformation:UpdateStack](#aws-not-authorized-to-perform-cloudformationupdatestack)
-     * [DigitalOcean: error tagging resource 'xxxxxxxx': param is missing or the value is empty: resources](#digitalocean-error-tagging-resource)
-     * [Azure: The client xxx with object id xxx does not have authorization to perform action Microsoft.Resources/subscriptions/resourcegroups/write' over scope](#azure-deployment-permissions-error)
-     * [Windows: The value of parameter linuxConfiguration.ssh.publicKeys.keyData is invalid](#windows-the-value-of-parameter-linuxconfigurationsshpublickeyskeydata-is-invalid)
-     * [Docker: Failed to connect to the host via ssh](#docker-failed-to-connect-to-the-host-via-ssh)
-     * [Windows: "The parameter is incorrect" error when connecting](#windows-the-parameter-is-incorrect-error-when-connecting)
-     * [Error: Failed to create symlinks for deploying to localhost](#error-failed-to-create-symlinks-for-deploying-to-localhost)
-     * [Wireguard: Unable to find 'configs/...' in expected paths](#wireguard-unable-to-find-configs-in-expected-paths)
-     * [Ubuntu Error: "unable to write 'random state'" when generating CA password](#ubuntu-error-unable-to-write-random-state-when-generating-ca-password)
-     * [Timeout when waiting for search string OpenSSH in xxx.xxx.xxx.xxx:4160](#old-networking-firewall-in-place)
-     * [Linode Error: "Unable to query the Linode API. Saw: 400: The requested distribution is not supported by this stackscript.; "](#linode-error-uable-to-query-the-linode-api-saw-400-the-requested-distribution-is-not-supported-by-this-stackscript)
+     * General Setup
+        * [Python version is not supported](#python-version-is-not-supported)
+        * [Error: "ansible-playbook: command not found"](#error-ansible-playbook-command-not-found)
+        * [Fatal: "Failed to validate the SSL certificate for ..."](#fatal-failed-to-validate-the-SSL-certificate)
+        * [Bad owner or permissions on .ssh](#bad-owner-or-permissions-on-ssh)
+     * Cloud Providers
+        * [The region you want is not available](#the-region-you-want-is-not-available)
+        * [AWS: SSH permission denied with an ECDSA key](#aws-ssh-permission-denied-with-an-ecdsa-key)
+        * [AWS: "Deploy the template" fails with CREATE_FAILED](#aws-deploy-the-template-fails-with-create_failed)
+        * [AWS: not authorized to perform: cloudformation:UpdateStack](#aws-not-authorized-to-perform-cloudformationupdatestack)
+        * [Azure: No such file or directory .azure/azureProfile.json](#azure-no-such-file-or-directory-homeusernameazureazureprofilejson)
+        * [Azure: Deployment Permissions Error](#azure-deployment-permissions-error)
+        * [Linode: Stackscript error](#linode-error-unable-to-query-the-linode-api-saw-400-the-requested-distribution-is-not-supported-by-this-stackscript-)
+     * Windows
+        * [Windows: The value of parameter linuxConfiguration.ssh.publicKeys.keyData is invalid](#windows-the-value-of-parameter-linuxconfigurationsshpublickeyskeydata-is-invalid)
+        * [Windows: "The parameter is incorrect" error when connecting](#windows-the-parameter-is-incorrect-error-when-connecting)
+     * Local Deployment
+        * [Error: Failed to create symlinks for deploying to localhost](#error-failed-to-create-symlinks-for-deploying-to-localhost)
+        * [Wireguard: Unable to find 'configs/...' in expected paths](#wireguard-unable-to-find-configs-in-expected-paths)
+     * Network
+        * [Timeout when waiting for search string OpenSSH](#old-networking-firewall-in-place)
   * [Connection Problems](#connection-problems)
      * [I'm blocked or get CAPTCHAs when I access certain websites](#im-blocked-or-get-captchas-when-i-access-certain-websites)
      * [I want to change the list of trusted Wifi networks on my Apple device](#i-want-to-change-the-list-of-trusted-wifi-networks-on-my-apple-device)
@@ -121,25 +124,6 @@ fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "User:
 
 This error indicates you already have Algo deployed to Cloudformation. Need to [delete it](cloud-amazon-ec2.md#cleanup) first, then re-deploy.
 
-### DigitalOcean: error tagging resource
-
-You tried to deploy Algo to DigitalOcean and you received an error like this one:
-
-```
-TASK [cloud-digitalocean : Tag the droplet] ************************************
-failed: [localhost] (item=staging) => {"failed": true, "item": "staging", "msg": "error tagging resource '73204383': param is missing or the value is empty: resources"}
-failed: [localhost] (item=dbserver) => {"failed": true, "item": "dbserver", "msg": "error tagging resource '73204383': param is missing or the value is empty: resources"}
-```
-
-The error is caused because Digital Ocean changed its API to treat the tag argument as a string instead of a number.
-
-1. Download [doctl](https://github.com/digitalocean/doctl)
-2. Run `doctl auth init`; it will ask you for your token which you can get (or generate) on the API tab at DigitalOcean
-3. Once you are authorized on DO, you can run `doctl compute tag list` to see the list of tags
-4. Run `doctl compute tag delete environment:algo --force` to delete the environment:algo tag
-5. Finally run `doctl compute tag list` to make sure that the tag has been deleted
-6. Run algo as directed
-
 ### Azure: No such file or directory: '/home/username/.azure/azureProfile.json'
 
  ```
@@ -173,6 +157,9 @@ az role assignment create --assignee-object-id THE_OBJECT_ID --scope subscriptio
 
 After this is applied, the Service Principal has permissions to create the resources and you can re-run `ansible-playbook main.yml` to complete the deployment.
 
+### Linode Error: "Unable to query the Linode API. Saw: 400: The requested distribution is not supported by this stackscript.; "
+
+StackScript is a custom deployment script that defines a set of configurations for a Linode instance (e.g. which distribution, specs, etc.). if you used algo with default values in the past deployments, a stackscript that would've been created is 're-used' in the deployment process (in fact, go see 'create Linodes' and under 'StackScripts' tab). Thus, there's a little chance that your deployment process will generate this 'unsupported stackscript' error due to a pre-existing StackScript that doesn't support a particular configuration setting or value due to an 'old' stackscript. The quickest solution is just to change the name of your deployment from the default value of 'algo' (or any other name that you've used before, again see the dashboard) and re-run the deployment.
 
 ### Windows: The value of parameter linuxConfiguration.ssh.publicKeys.keyData is invalid
 
@@ -189,24 +176,6 @@ Target: linuxConfiguration.ssh.publicKeys.keyData"}
 
 This is related to [the chmod issue](https://github.com/Microsoft/WSL/issues/81) inside /mnt directory which is NTFS. The fix is to place Algo outside of /mnt directory.
 
-### Docker: Failed to connect to the host via ssh
-
-You tried to deploy Algo from Docker and you received an error like this one:
-
-```
-Failed to connect to the host via ssh:
-Warning: Permanently added 'xxx.xxx.xxx.xxx' (ECDSA) to the list of known hosts.\r\n
-Control socket connect(/root/.ansible/cp/6d9d22e981): Connection refused\r\n
-Failed to connect to new control master\r\n
-```
-
-You need to add the following to the ansible.cfg in repo root:
-
-```
-[ssh_connection]
-control_path_dir=/dev/shm/ansible_control_path
-```
-
 ### Windows: "The parameter is incorrect" error when connecting
 
 When trying to connect to your Algo VPN on Windows 10/11, you may receive an error stating "The parameter is incorrect". This is a common issue that can usually be resolved by resetting your Windows networking stack.
@@ -297,23 +266,6 @@ rm -rf configs/*
 ```
 Then immediately re-run `./algo`.
 
-### Ubuntu Error: "unable to write 'random state'" when generating CA password
-
-When running Algo, you received an error like this:
-
-```
-TASK [common : Generate password for the CA key] ***********************************************************************************************************************************************************
-fatal: [xxx.xxx.xxx.xxx -> localhost]: FAILED! => {"changed": true, "cmd": "openssl rand -hex 16", "delta": "0:00:00.024776", "end": "2018-11-26 13:13:55.879921", "msg": "non-zero return code", "rc": 1, "start": "2018-11-26 13:13:55.855145", "stderr": "unable to write 'random state'", "stderr_lines": ["unable to write 'random state'"], "stdout": "xxxxxxxxxxxxxxxxxxx", "stdout_lines": ["xxxxxxxxxxxxxxxxxxx"]}
-```
-
-This happens when your user does not have ownership of the `$HOME/.rnd` file, which is a seed for randomization. To fix this issue, give your user ownership of the file with this command:
-
-```
-sudo chown $USER:$USER $HOME/.rnd
-```
-
-Now, run Algo again.
-
 ### Old Networking Firewall In Place
 
 You may see the following output when attemptint to run ./algo from your localhost:
@@ -335,11 +287,6 @@ ok: [localhost] => {
 
 If you see this error then one possible explanation is that you have a previous firewall configured in your cloud hosting provider which needs to be either updated or ideally removed. Removing this can often fix this issue.
 
-### Linode Error: "Unable to query the Linode API. Saw: 400: The requested distribution is not supported by this stackscript.; "
-
-StackScript is a custom deployment script that defines a set of configurations for a Linode instance (e.g. which distribution, specs, etc.). if you used algo with default values in the past deployments, a stackscript that would've been created is 're-used' in the deployment process (in fact, go see 'create Linodes' and under 'StackScripts' tab). Thus, there's a little chance that your deployment process will generate this 'unsupported stackscript' error due to a pre-existing StackScript that doesn't support a particular configuration setting or value due to an 'old' stackscript. The quickest solution is just to change the name of your deployment from the default value of 'algo' (or any other name that you've used before, again see the dashboard) and re-run the deployment.
-
-
 ## Connection Problems
 
 Look here if you deployed an Algo server but now have a problem connecting to it with a client.