Ask Your Question
0

Cannot ssh fedora19 instance

asked 2015-01-12 21:52:50 -0500

ggont gravatar image

Hello,

I just finished installing on a lap top Centos 7 and then openstack allinone. Then made modification to deploy openstack on an existing network. After I followed all the tutorials (config might be messed up because of trials and troubleshooting) I was able to associate a floating IP from external network (my home subnet) to fedora19 instance.

I was about to test the final step, ssh that IP. From the laptop running instance I got the following error: Permission denied(publickey,gsapi-keyex,gsapi-with-mic) From a windows machine on the same network I ssh using putty. I see login prompt but do not know user. Tried fedora as per some other posts but I get error : Disconnected: No supported authentication methods available.

Questions: 1) Since I can see loging prompt, this means that IP config is correct, right? 2) Anyway I can login? 3) Since I am thinking of re-installing packstack for training please include any steps that I should have done before.

Thanks! George

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted
1

answered 2015-01-21 18:36:28 -0500

ggont gravatar image

Hello,

I have resolved the issue. Your comments have gave me valuable hints. I was using a windows laptop to launch horizon and manage openstack. When I created a new user-group and key-pair I noticed that the PEM file was downloaded on windows. SSH from Putty was failing because I needed to import that key from the downloaded folder. You can do that in Putty SSH settings. Once I did that I was able to ssh. User "fedora" provides access to vm instance without asking for a pwd.

Thanks for your support!

edit flag offensive delete link more
0

answered 2015-01-16 23:13:56 -0500

Vukasin gravatar image

updated 2015-01-16 23:14:49 -0500

###Method 1

To be on safe side create security group with explicit allowness of SSH protocol and associete it with your Instance - I had some issues with default sec. group earlier.

Then try to access you VM over web cli console and login into instance.

Configure your SSHD - I'll enable only rsa key auth and disable all other methods. For sure I'll disable root login over SSH.

Export your pub key(e.g. id_rsa.pub) into sudoers account (user with sudo rights)

Try to login into you Fedora Instance ssh -l test_user -i ~/.ssh/id_rsa <floating_ip>

###Method 2

From networking perspective you can access instance from neutron router namespace:

# List IP Namespaces
$ ip netns

choose one with qrouter....... in name

login to router namespace:

$ ip netns exec <qrouter-namespace-id> bash
$ ssh -l test_user -i ~/.ssh/id_rsa instance_ip

If you success to login here you have issue with openstack if not you have issue with your instance config.

edit flag offensive delete link more
0

answered 2015-01-13 12:52:26 -0500

alop gravatar image

PermissionDenined is coming from your VM instance, which means you probably forgot to add your SSH key

edit flag offensive delete link more
0

answered 2015-01-12 23:24:10 -0500

1: First thing, make sure that VM is accessible through public ip to check Ping the VM through Public IP. 2: If Ping is successful, than ssh to VM using key-pair you used to boot up VM as

ssh -l user -i key.pem 172.16.10.52

P.S If you are using fedora cloud image, replace user with ec2-user

edit flag offensive delete link more

Comments

I added an ICMP rule and now I can ping the floating IP. I still cannot ssh. Where is the key.pem file? From putty both user and ec2-user logins fail.

ggont gravatar imageggont ( 2015-01-13 16:39:36 -0500 )edit

can you post the console logs, also did you add a port 22 rule for SSH access ?

omar-munoz gravatar imageomar-munoz ( 2015-01-13 20:25:27 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-01-12 21:52:50 -0500

Seen: 465 times

Last updated: Jan 21 '15