no ssh to instance from neutron-gateway/0 - error “Permission denied (publickey)”
My network scheme is like the one shown here:
https://ask.openstack.org/en/question/119783/no-ping-destination-host-unreachable-to-instance-from-neutron-gateway0/ (network plan)
I can't use an SSH connection to the instance. I followed this procedure:
$: juju ssh neutron-gateway/0
ubuntu@os-compute03:~$ sudo ip netns
qrouter-fc288112-3fce-405d-9c3f-5451253de4f0 (id: 4)
qdhcp-fcfc4529-79db-40e5-9d23-0af9c3411a3f (id: 3)
To create an SSH keypair I used this command:
ubuntu@os-compute03: ssh-keygen -t rsa -f .ssh/cloud.key
Ping the instance:
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-fc288112-3fce-405d-9c3f-5451253de4f ping 10.1.0.9
PING 10.1.0.9 (10.1.0.9) 56(84) bytes of data.
64 bytes from 10.1.0.9: icmp_seq=1 ttl=64 time=0.441 ms
64 bytes from 10.1.0.9: icmp_seq=2 ttl=64 time=0.385 ms
Then I imported the public key into OpenStack, created a new instance, and then tried to run the connection from neutron-gateway.
ubuntu@os-compute03:~$ sudo ip netns exec qrouter-fc288112-3fce-405d-9c3f-5451253de4f0 ssh -i .ssh/cloud.key.pub -p 22 ubuntu@10.0.0.9 -v
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.9 [10.0.0.9] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file .ssh/cloud.key.pub type 0
debug1: key_load_public: No such file or directory
debug1: identity file .ssh/cloud.key.pub-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4
debug1: match: OpenSSH_7.6p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.9:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:uhk/YW8LX1R8ZDaMtpg0093Qqtvuh1zBiM/JZ9cCAHQ
debug1: Host '10.1.0.13' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:MkeQaw9euGwwKRu9Ck54BeoLlH1zctL0Fh7SUTelRDc .ssh/id_rsa.pub
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
Load key ".ssh/cloud.key.pub": invalid format
debug1: No more authentication methods to try.
ubuntu@10.0.0.9: Permission denied (publickey).
In the input there is this error:
Load key ".ssh/cloud.key.pub": invalid format
Why?
In the ssh client you need the private key; the pub must be in the server's authorized_keys and can be inserted there manually or with cloud-init and the metadata service in cloud environments.
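The check the answer implies, as an added example that is not part of the original thread: a pre-flight test that tells a private key from a public one by its first line, maps a `.pub` path back to its private half, and rejects a private key that is readable by group or others. The function names and the placeholder key text are assumptions made for illustration.

```bash
# Added example. Key text below is a constructed placeholder, not a real key.

# Print "private", "public", "missing" or "unknown", judged by the first line.
classify_key_file() {
    local first
    [ -r "$1" ] || { echo missing; return; }
    IFS= read -r first < "$1" || true
    case "$first" in
        "-----BEGIN "*"PRIVATE KEY-----") echo private ;;
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) echo public ;;
        *) echo unknown ;;
    esac
}

# Print the path that belongs after `ssh -i`, or explain on stderr and fail.
identity_for_ssh() {
    local path kind perms
    path=$1
    kind=$(classify_key_file "$path")
    if [ "$kind" = public ] && [ "${path%.pub}" != "$path" ]; then
        # A .pub file was passed; the private half normally sits beside it.
        path=${path%.pub}
        kind=$(classify_key_file "$path")
    fi
    if [ "$kind" != private ]; then
        echo "$path is not a private key (found: $kind)" >&2
        return 1
    fi
    # ssh ignores a private key that group or others can access.
    perms=$(ls -ld "$path")
    case "${perms%% *}" in
        ????------*) ;;
        *) echo "$path is accessible by group/others; chmod 600 it" >&2; return 1 ;;
    esac
    echo "$path"
}

# Write a constructed key pair (placeholder contents) into directory $1.
make_sample_keys() {
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'CONSTRUCTED-PLACEHOLDER' \
        '-----END OPENSSH PRIVATE KEY-----' > "$1/cloud.key"
    chmod 600 "$1/cloud.key"
    echo 'ssh-rsa CONSTRUCTEDPLACEHOLDER ubuntu@example' > "$1/cloud.key.pub"
}

demo=$(mktemp -d)
make_sample_keys "$demo"
identity_for_ssh "$demo/cloud.key.pub"   # prints the path of cloud.key
rm -rf "$demo"
```

With the files from the question, `ssh -i "$(identity_for_ssh .ssh/cloud.key.pub)" ubuntu@<instance>` would pass `.ssh/cloud.key` to the client instead of the public half.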