Cannot reach ubuntu cloud image instance with floating IP but can ssh it with private IP

asked 2015-02-18 23:04:06 -0600

I setup a test 3 nodes openstack test environment. I can launch, ping and ssh to CirrOS instance with floating IP. After that I created a instance with ubuntu cloud image. When launch the instance I create a new user and write the instance SSHD config file to enable password auth with cloud config script .

Now I can ping the ubuntu instance, but can not ssh to the instance with floating IP. I can ssh to the CirrOS instance first and in the cirros instance I can ssh to the ubuntu instance with private IP.

I checked the security group. The CirrOS and ubuntu instance are in the same group. When I ssh to the ubuntu instance with private IP, I checked the iptables, the iptables is disabled.

Any ideas about that?

answered 2015-02-19 06:42:18 -0600

I've isolated the problem to the client/server SSH interaction. I found that on the client side (ubuntu 14.04) when I add the following parameter to ssh_config:

MACs hmac-md5,hmac-sha1,,hmac-ripemd160

I can successfully login to both the cirros and the ubuntu precise instances! Strangely, even with this configuration parameter, SSH still hangs on the fedora instance after

debug1: SSH2_MSG_KEXINIT sent

I really don't know why specifying this MACs list in ssh_config is working, since on several of any successful ssh connections I've looked at, they always seem to be using hmac-md5, which is first in the list both in the config option I set above, and higher in precedence than the others as specified in the man page for ssh_config. Perhaps someone who knows more about SSH can help on this? Better understading this might help with solving the hangup with the fedora instance!

