Ask Your Question
0

Cannot ssh fedora19 instance

asked 2015-01-12 21:52:50 -0600

ggont gravatar image

Hello,

I just finished installing on a lap top Centos 7 and then openstack allinone. Then made modification to deploy openstack on an existing network. After I followed all the tutorials (config might be messed up because of trials and troubleshooting) I was able to associate a floating IP from external network (my home subnet) to fedora19 instance.

I was about to test the final step, ssh that IP. From the laptop running instance I got the following error: Permission denied(publickey,gsapi-keyex,gsapi-with-mic) From a windows machine on the same network I ssh using putty. I see login prompt but do not know user. Tried fedora as per some other posts but I get error : Disconnected: No supported authentication methods available.

Questions: 1) Since I can see loging prompt, this means that IP config is correct, right? 2) Anyway I can login? 3) Since I am thinking of re-installing packstack for training please include any steps that I should have done before.

Thanks! George

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted
1

answered 2015-01-21 18:36:28 -0600

ggont gravatar image

Hello,

I have resolved the issue. Your comments have gave me valuable hints. I was using a windows laptop to launch horizon and manage openstack. When I created a new user-group and key-pair I noticed that the PEM file was downloaded on windows. SSH from Putty was failing because I needed to import that key from the downloaded folder. You can do that in Putty SSH settings. Once I did that I was able to ssh. User "fedora" provides access to vm instance without asking for a pwd.

Thanks for your support!

edit flag offensive delete link more
0

answered 2015-01-12 23:24:10 -0600

1: First thing, make sure that VM is accessible through public ip to check Ping the VM through Public IP. 2: If Ping is successful, than ssh to VM using key-pair you used to boot up VM as

ssh -l user -i key.pem 172.16.10.52

P.S If you are using fedora cloud image, replace user with ec2-user

edit flag offensive delete link more

Comments

I added an ICMP rule and now I can ping the floating IP. I still cannot ssh. Where is the key.pem file? From putty both user and ec2-user logins fail.

ggont gravatar imageggont ( 2015-01-13 16:39:36 -0600 )edit

can you post the console logs, also did you add a port 22 rule for SSH access ?

omar-munoz gravatar imageomar-munoz ( 2015-01-13 20:25:27 -0600 )edit
0

answered 2015-01-13 12:52:26 -0600

alop gravatar image

PermissionDenined is coming from your VM instance, which means you probably forgot to add your SSH key

edit flag offensive delete link more
0

answered 2015-01-16 23:13:56 -0600

Vukasin gravatar image

updated 2015-01-16 23:14:49 -0600

###Method 1

To be on safe side create security group with explicit allowness of SSH protocol and associete it with your Instance - I had some issues with default sec. group earlier.

Then try to access you VM over web cli console and login into instance.

Configure your SSHD - I'll enable only rsa key auth and disable all other methods. For sure I'll disable root login over SSH.

Export your pub key(e.g. id_rsa.pub) into sudoers account (user with sudo rights)

Try to login into you Fedora Instance ssh -l test_user -i ~/.ssh/id_rsa <floating_ip>

###Method 2

From networking perspective you can access instance from neutron router namespace:

# List IP Namespaces
$ ip netns

choose one with qrouter....... in name

login to router namespace:

$ ip netns exec <qrouter-namespace-id> bash
$ ssh -l test_user -i ~/.ssh/id_rsa instance_ip

If you success to login here you have issue with openstack if not you have issue with your instance config.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-01-12 21:52:50 -0600

Seen: 454 times

Last updated: Jan 21 '15