Ask Your Question
0

Unable to ssh instance with keypair

asked 2014-11-10 21:40:28 -0500

Joe gravatar image

updated 2014-11-11 11:34:20 -0500

larsks gravatar image

I set up Icehouse with a controller and a compute. Instances could be booted successfully, but I didn't create external network for instances. I used "ip netns exec qrouter-xxxxx" to access instances.

All images that I used were downloaded by Chapter 2. Get images, including cirros, ubuntu, fedora and centOS 6.5. I added keypair by following this.

I would like to ssh them by using keypair, but I always got the failed result, as follows.

root@controller:~# ip netns exec qrouter-ba352774-8898-4754-a40c-f425a84fba4f ssh -i ~/.ssh/id_rsa fedora@192.168.1.239
The authenticity of host '192.168.1.239 (192.168.1.239)' can't be established.
RSA key fingerprint is 70:0f:70:73:bb:bd:c2:91:30:8a:02:bd:93:5f:ae:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.239' (RSA) to the list of known hosts.
fedora@192.168.1.239's password:

or (centOS 6.5):

root@controller:~# ip netns exec qrouter-ba352774-8898-4754-a40c-f425a84fba4f ssh -i ~/.ssh/id_rsa 192.168.1.240
The authenticity of host '192.168.1.240 (192.168.1.240)' can't be established.
RSA key fingerprint is db:d3:62:c3:e6:e7:30:72:f3:02:12:03:3a:f6:27:71.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.240' (RSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

I really couldn't figure out where the problem is and couldn't find any failed log. Is the problem on images? What should I do? Thanks.

edit retag flag offensive close merge delete

Comments

1

How did you start the images? Did you provide an ssh key name? In the second example, you're logging in as root rather than centos or cloud-user (whichever is the default for Centos 6).

larsks gravatar imagelarsks ( 2014-11-11 11:35:32 -0500 )edit

I started instances with nova boot command and also added --key-name to assign keypair, as follows. nova boot --image 59247xxx --flavor m1.small --key-name demo-key --nic net-id=8a848dxxx vm77 --poll I logged in centOS w/ centos and cloud-user, Ubuntu w/ ubuntu and cirrOS with cirros. All failed.

Joe gravatar imageJoe ( 2014-11-11 21:03:47 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-11-13 04:48:15 -0500

Joe gravatar image

updated 2014-11-13 04:49:21 -0500

I found the root cause. Region name in /etc/neutron/metadata_agent.ini is wrong. It caused instances couldn't get key from metadata service. Thanks.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-11-10 21:40:28 -0500

Seen: 4,044 times

Last updated: Nov 13 '14