Ask Your Question

heat - access created vm - permission denied (publickey)

asked 2015-01-15 09:20:42 -0500

anonymous user


updated 2015-01-16 10:10:34 -0500


trying to ssh to a vm created through heat I found this error: Permission denied (publickey)

The strange thing is that if I manually start an identical VM (same image, flavor, security_group, keypair, network) I could perfectly access the VM.

Anyone has encountered this issue before?


ISSUE UPDATE I could not explain myself why VM creation works differently through heat... Is there anything I missed?

ISSUE UPDATE2 I tried the same heat template with a cirros image, and I can access to the VM with the key. The not-working image is an ubuntu12.04 with cloud-init (image downloaded from )

ISSUE UPDATE3 I changed approach, trying to create the keypair at runtime, during stack creation. The key is correctly created and I print the private key as template output. When I use the key to access the VM I get same error as before...

    type: OS::Nova::KeyPair
      name: test-kp
      save_private_key: True

    description: keypair private key
    value: { get_attr: [ test-kp, private_key ] }

ISSUE UPDATE4 Same problem with centos template

It seems like the key is not correctly injected when deploying through Heat...

edit retag flag offensive close merge delete


Did you give the key while creating the stack, it takes in the parameter KeyName

Syed Awais Ali gravatar imageSyed Awais Ali ( 2015-01-16 03:28:46 -0500 )edit

yes, I gave the key with the parameter KeyName. It works correctly, in the sense that I see in Horizon the VM with the correct key, but when I try to access it with that key it shows that error...

agti gravatar imageagti ( 2015-01-16 05:25:33 -0500 )edit

What is the username you're using to log in, and does it match the one configured as instance_user in /etc/heat/heat.conf?

zaneb gravatar imagezaneb ( 2015-01-26 14:37:17 -0500 )edit

I think that option is deprecated in Juno. I use ubuntu or centos users accessing corresponding images.

agti gravatar imageagti ( 2015-01-28 05:05:31 -0500 )edit

Currently facing same kind of issue. Did you solve it?

antisrdy gravatar imageantisrdy ( 2015-02-06 13:29:14 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2015-02-06 14:36:05 -0500

antisrdy gravatar image

Finally got an answer !

In my case, Heat did not use cloud-init param, but it did use meta data config. As a result, user was not ubuntu, as expected, but ec2-user. I figured it out looking at the key repository available in the log.

You can change it using admin_user parameter

edit flag offensive delete link more


Thanks for sharing.

SGPJ gravatar imageSGPJ ( 2015-02-12 06:02:57 -0500 )edit

Worked perfectly! Thanks!

bill-ward gravatar imagebill-ward ( 2015-04-15 15:29:40 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-01-15 09:20:42 -0500

Seen: 1,012 times

Last updated: Feb 06 '15