Ask Your Question
1

Unable to ssh with key pair - Ubuntu (permission denied)

asked 2015-06-05 22:08:09 -0500

beinghuman gravatar image

updated 2015-06-08 00:25:11 -0500

uts9 gravatar image

Hi Everyone,

I am unable to login to Ubuntu instance i created using key based auth from horizon. Before launching i created the key, saved on the private key on my MAC and then allocated a floating IP. I am allowing all traffic from security rules but when i try to SSH into it fails with "Permission denied (Public key) error. I have pasted the verbose logs to provide more info. Has anyone faced this issue? I will appreciate if someone can help with this issue please.

root@network:~# ssh -i .ssh/user.pem -vvv root@10.173.8.15

OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug2: ssh_connect: needpriv 0

debug1: Connecting to 10.173.8.15 [10.173.8.15] port 22.

debug1: Connection established.

debug1: permanently_set_uid: 0/0

debug3: Incorrect RSA1 identifier

debug3: Could not load ".ssh/user.pem" as a RSA1 public key

debug1: identity file .ssh/user.pem type -1

debug1: identity file .ssh/user.pem-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2

debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000

debug2: fd 3 setting O_NONBLOCK

debug3: load_hostkeys: loading entries for host "10.173.8.15" from file "/root/.ssh/known_hosts"

debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:1

debug3: load_hostkeys: loaded 1 keys

debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: first_kex_follows 0 

debug2: kex_parse_kexinit: reserved 0 

debug2: kex_parse_kexinit: curve25519-sha256 ...
(more)
edit retag flag offensive close merge delete

Comments

Hi, thank you. I tried ec2-user but it gave me the same error. Also when i looked at the logs on openstack dashboard i see following logs,

ci-info: no authorized ssh keys fingerprints found for user ubuntu.

Ubuntu 14.04.2 LTS ubuntu ttyS0

ubuntu login: �

How can i find out the user name?

beinghuman gravatar imagebeinghuman ( 2015-06-06 02:19:20 -0500 )edit

2 answers

Sort by » oldest newest most voted
1

answered 2015-06-06 01:06:09 -0500

sandlbn gravatar image

updated 2015-06-06 01:06:54 -0500

Are you sure that your Ubuntu image have a root account ? Normal cloud image should only have ec2-user account. ssh -i .ssh/user.pem -vvv ec2-user@10.173.8.15

edit flag offensive delete link more

Comments

Yes, you're right, by default you can access server under non-root account. To able login as root you have to set root password on server and edit your SSH config /etc/ssh/sshd_config

set PermitRootLogin to yes

and make sure that your private key has 600 permissions

Pavel Kutishchev gravatar imagePavel Kutishchev ( 2015-06-06 02:30:24 -0500 )edit
0

answered 2017-03-07 23:23:23 -0500

amitabh sinha gravatar image

I have encountered the same issue earlier. Its because of MTU szie, kindly change the instance mtu to 1400. sudo ip link set eth0 mtu 1400

Refer the below question for more details

https://ask.openstack.org/en/question...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-06-05 22:08:09 -0500

Seen: 2,463 times

Last updated: Mar 07 '17