maas-devel team mailing list archive

["Francis J. Lacoste" <francis.lacoste@xxxxxxxxxxxxx>]

On 12-04-19 04:53 PM, Diogo Matsubara wrote:
>>> For the user created by `sudo maas createsuperuser`. Are you logging
>>> >> into MAAS using that user?
>> >
>> > I am logging into the web interface as that user, yes. The ssh key I
>> > generated was done within my normal user account (not root, not
>> > 'superuser'... does superuser even has login privileges via ssh?)
> This is correct. We just found a bug in the documentation. An
> important part of the step after generating your ssh-key is to add
> that key in your user's MAAS preferences page. The same page used to
> get the API key you used on your .juju/environment.yaml
> 

That's a misunderstanding. You don't need to associate your SSH key with
your account in MAAS to use Juju. Juju will automatically add the user's
SSH key to the ubuntu account. Associating SSH keys is only required if
you want to manage the instance without Juju.

So as long as the user running juju has SSH keys generated, you'll be
able to log into the instances started through juju.


> So what I think is happening:
> 
> - node boots
> - node talks to maas server and identifies itself
> - maas server sees the user associated with that node
> - node ask for the public ssh key for that user
> - It can't find the key
>   maas.log: MAASAPINotFound: No registered public keys
>   access.log: 172.23.1.161 - - [19/Apr/2012:11:38:32 -0500] "GET
> /MAAS/metadata//2012-03-01/meta-data/public-keys HTTP/1.1" 404 249 "-"
> "Python-urllib/2.7"
> - it continues booting but the nodes become inacessible to that user
> since there's no user/pass set and auth should happen through pubkey
> authentication
> 
> If you have registered your ssh key into the MAAS interface, then it's
> probably another bug.

Right, the MAASAPINotFound error is because there is no SSH keys present
in the MAAS. But like I said, that's not a problem if you are using
Juju. (We should probably make that error go away as it is confusing.
It's not really an error if a user doesn't have registered any public keys.)
> 


>> >
>>> >>
>>>> >>> SSH host key and reported:
>>>> >>> cloud-init boot finished at Thu... Up 23.35 seconds.
>>>> >>> Followed shortly by:
>>>> >>> Skipping profile in /etc/aparmor.d/disable: usr.sbin.rsyslogd
>>>> >>> landscape-client is not configured...
>>>> >>>
>>> >>
>>> >> Can you ssh into the instance?
>> >
>> > No:
>> > $ ssh 172.23.1.5
>> > Permission denied (publickey).
>> > $
>> >
>> > I couldn't ssh into it anyway could I? I don't know the
>> > username/password that the nodes use.
> Yes, you can only ssh into the node using public key authentication. I
> don't think there's a user/pass set
> 


That's right, that you can only log into instances using public key
auth, but the user you need to log into is ubuntu.

So use ubuntu@172.23.1.5




-- 
Francis J. Lacoste
francis.lacoste@xxxxxxxxxxxxx

Attachment: signature.asc
Description: OpenPGP digital signature