SSH error "Permission Denied (publickey)" Cloudstack

Hi,

I have installed a Cloudstack environment whereby we have a 1 management server and 2 Xenserver hosts. I have recently been advised to update a Cloudstack securty certificate in order to fix a previous issue I was having, however in doing so I have been left unable to ssh in to my console proxy VM, or any other virtual machines for that matter. The error I am recieving is "Permission Denied (publickey)".

# ssh -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
Permission denied (publickey).


Shown below is a debug of the ssh connection:
[root@yds-clvm1 /]# ssh -vT -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 169.254.3.143 [169.254.3.143] port 3922.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa.cloud type -1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '169.254.3.143' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa.cloud
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Before applying the certificate update I was able to access using SSH fine.

This is the update I applied:
http://docs.cloudstack.org/Knowledge_Base/Updating_the_SSL_certificate_for_realhostip_domain

Any help would be great.

Thanks,
Adam
YorkDataAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

legolasthehansyCommented:
Have you tried the toubleshooting section on the link you provided. This looks like a customized setup and you would need to get help from support
0
expert1010Commented:
Check that your public key (/root/.ssh/id_rsa.cloud.pub) is in 169.254.3.143:/root/.ssh/authorized_keys

I've sometimes had problems with wrong ownership on .ssh or .ssh/authorized_keys. Mostly that has been my own fault like copying with wrong user or permissions.
0
YorkDataAuthor Commented:
Apologies about abandon of question. I was able to revert the connecting sevrer back to a prevous snapshot (VM) and also had to re-build the Xen VM on which the Console Proxy was sitting. Not an ideal solution, or one that will help others however fixed my problem in the end.

Thanks,
Adam
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
YorkDataAuthor Commented:
Fixed my issue.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cloud Computing

From novice to tech pro — start learning today.