Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

How do I ssh to an OpenStack instance?

I have an OpenStack component server running Ubuntu. I created a Cirros instance via OpenStack's GUI. I associated an IP address with the Cirros instance using the OpenStack GUI. I can SSH from the Cirros instance to the Ubuntu server. But I cannot SSH from the Ubuntu server to the Cirros server. I get "Connection timed out." I can ping the Cirros instance's associated IP address. The echo comes from its original IP address.

I used nmap from the Ubuntu server to the Cirros server. Every port appears to be filtered (or blocked) on the target Cirros machine including port 135. That is, port 22 is not open between the Ubuntu server and the Cirros server. I can ssh from the Ubuntu server to other Linux machines (but not instances).

On the Cirros instance, I can ssh to the loopback IP address. I get prompted for a password. It works fine. What can I do to ssh from my Ubuntu machine to the Cirros instance?

I don't think a security group is blocking port 22. nova secgroup-list shows these rules were in place:

Protocol From Port       To Port
tcp            22            22     0.0.0.0/0    
icmp           -1            -1     0.0.0.0/0

What does port -1 do? It is an icmp rule. So it likely is irrelevant. But I am curious.

Could a neutron security group be blocking port 22 to the instance? How do I identify and modify such a rule?