Solved

SSH error "Permission Denied (publickey)" Cloudstack

Posted on 2012-03-23
4
2,567 Views
Last Modified: 2012-06-21
Hi,

I have installed a Cloudstack environment whereby we have a 1 management server and 2 Xenserver hosts. I have recently been advised to update a Cloudstack securty certificate in order to fix a previous issue I was having, however in doing so I have been left unable to ssh in to my console proxy VM, or any other virtual machines for that matter. The error I am recieving is "Permission Denied (publickey)".

# ssh -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
Permission denied (publickey).


Shown below is a debug of the ssh connection:
[root@yds-clvm1 /]# ssh -vT -i /root/.ssh/id_rsa.cloud -p 3922 root@169.254.3.143
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 169.254.3.143 [169.254.3.143] port 3922.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa.cloud type -1
debug1: loaded 1 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '169.254.3.143' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa.cloud
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Before applying the certificate update I was able to access using SSH fine.

This is the update I applied:
http://docs.cloudstack.org/Knowledge_Base/Updating_the_SSL_certificate_for_realhostip_domain

Any help would be great.

Thanks,
Adam
0
Comment
Question by:YorkData
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:legolasthehansy
ID: 37757100
Have you tried the toubleshooting section on the link you provided. This looks like a customized setup and you would need to get help from support
0
 
LVL 7

Expert Comment

by:expert1010
ID: 37760935
Check that your public key (/root/.ssh/id_rsa.cloud.pub) is in 169.254.3.143:/root/.ssh/authorized_keys

I've sometimes had problems with wrong ownership on .ssh or .ssh/authorized_keys. Mostly that has been my own fault like copying with wrong user or permissions.
0
 

Accepted Solution

by:
YorkData earned 0 total points
ID: 37861452
Apologies about abandon of question. I was able to revert the connecting sevrer back to a prevous snapshot (VM) and also had to re-build the Xen VM on which the Console Proxy was sitting. Not an ideal solution, or one that will help others however fixed my problem in the end.

Thanks,
Adam
0
 

Author Closing Comment

by:YorkData
ID: 37879972
Fixed my issue.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question