Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SSH error "Permission Denied (publickey)" Cloudstack

Posted on 2012-03-23
4
Medium Priority
?
2,633 Views
Last Modified: 2012-06-21
Hi,

I have installed a Cloudstack environment whereby we have a 1 management server and 2 Xenserver hosts. I have recently been advised to update a Cloudstack securty certificate in order to fix a previous issue I was having, however in doing so I have been left unable to ssh in to my console proxy VM, or any other virtual machines for that matter. The error I am recieving is "Permission Denied (publickey)".

# ssh -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
Permission denied (publickey).


Shown below is a debug of the ssh connection:
[root@yds-clvm1 /]# ssh -vT -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 169.254.3.143 [169.254.3.143] port 3922.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa.cloud type -1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '169.254.3.143' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa.cloud
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Before applying the certificate update I was able to access using SSH fine.

This is the update I applied:
http://docs.cloudstack.org/Knowledge_Base/Updating_the_SSL_certificate_for_realhostip_domain

Any help would be great.

Thanks,
Adam
0
Comment
Question by:YorkData
  • 2
4 Comments
 
LVL 11

Expert Comment

by:legolasthehansy
ID: 37757100
Have you tried the toubleshooting section on the link you provided. This looks like a customized setup and you would need to get help from support
0
 
LVL 7

Expert Comment

by:expert1010
ID: 37760935
Check that your public key (/root/.ssh/id_rsa.cloud.pub) is in 169.254.3.143:/root/.ssh/authorized_keys

I've sometimes had problems with wrong ownership on .ssh or .ssh/authorized_keys. Mostly that has been my own fault like copying with wrong user or permissions.
0
 

Accepted Solution

by:
YorkData earned 0 total points
ID: 37861452
Apologies about abandon of question. I was able to revert the connecting sevrer back to a prevous snapshot (VM) and also had to re-build the Xen VM on which the Console Proxy was sitting. Not an ideal solution, or one that will help others however fixed my problem in the end.

Thanks,
Adam
0
 

Author Closing Comment

by:YorkData
ID: 37879972
Fixed my issue.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is no doubt that cloud is gaining importance. Many of you must have read about this technology and its growing importance. More and more organisations are embracing this technology not forgetting start-ups. The process begins by dipping …
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question