← Back to team overview

openstack team mailing list archive

Re: ssh from VM to VM

 

You probably also copied the private key when you did this, which from your
description, is the bit you were missing. I.e., you were going from a
hostA(with private key X) -> hostB (pub key X in authorized_keys, no copy
of private key X) -> hostC (pub key X in authorized_keys), hostC was
denying you access because you did not have private key X that it could
authenticate with.

Sounds like you probably want to be using ssh auth forwarding see "ssh -A"
when using ssh-agent, this way you're not proliferating copies of your
private key!

Cheers,


On 17 March 2013 06:47, Chathura M. Sarathchandra Magurawalage <
77.chathura@xxxxxxxxx> wrote:

> I solved the issue by copying the rsa public key of the first VM to the
> second VM. Thought I did not have to do this.
>
> Thanks.
>
> On 16 March 2013 12:34, Pranav <pps.pranav@xxxxxxxxx> wrote:
>
>> I think you need not exchange key pairs for Cirros image.
>> Regards,
>> Pranav
>>
>>
>> On Sat, Mar 16, 2013 at 4:32 PM, Chathura M. Sarathchandra Magurawalage <
>> 77.chathura@xxxxxxxxx> wrote:
>>
>>> Thanks for your reply.
>>>
>>> I have inserted PasswordAuthentication yes to the ssh config file. All
>>> VMs have the same metadata including the ssh public key of the controller.
>>> So I cant see why only cirros vms can do this.
>>>
>>> Still does not work.
>>>
>>>
>>>
>>> On 16 March 2013 06:24, Aaron Rosen <arosen@xxxxxxxxxx> wrote:
>>>
>>>> I suspect that that host 10.5.5.6 has ssh configured for
>>>> PasswordAuthentication set to no and you don't have your public key of the
>>>> host you are on, in the authorized_key file of 10.5.5.6.
>>>>
>>>> Aaron
>>>>
>>>>  On Fri, Mar 15, 2013 at 7:26 PM, Chathura M. Sarathchandra
>>>> Magurawalage <77.chathura@xxxxxxxxx> wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> I can't ssh from Ubuntu cloud VM to other VM. I get following
>>>>>
>>>>> ubuntu@master:~$ ssh cirros@10.5.5.6 -v
>>>>> OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
>>>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>>>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>>>>> debug1: Connecting to 10.5.5.6 [10.5.5.6] port 22.
>>>>> debug1: Connection established.
>>>>> debug1: identity file /home/ubuntu/.ssh/id_rsa type -1
>>>>> debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
>>>>> debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
>>>>> debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
>>>>> debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
>>>>> debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
>>>>> debug1: Remote protocol version 2.0, remote software version
>>>>> OpenSSH_5.9p1 Debian-5ubuntu1
>>>>> debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
>>>>> debug1: Enabling compatibility mode for protocol 2.0
>>>>> debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
>>>>> debug1: SSH2_MSG_KEXINIT sent
>>>>> debug1: SSH2_MSG_KEXINIT received
>>>>> debug1: kex: server->client aes128-ctr hmac-md5 none
>>>>> debug1: kex: client->server aes128-ctr hmac-md5 none
>>>>> debug1: sending SSH2_MSG_KEX_ECDH_INIT
>>>>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>>>>> debug1: Server host key: ECDSA
>>>>> 7b:8f:6a:ee:ba:e5:0a:c5:04:01:ca:bd:e5:38:69:55
>>>>> debug1: Host '10.5.5.6' is known and matches the ECDSA host key.
>>>>> debug1: Found key in /home/ubuntu/.ssh/known_hosts:4
>>>>> debug1: ssh_ecdsa_verify: signature correct
>>>>> debug1: SSH2_MSG_NEWKEYS sent
>>>>> debug1: expecting SSH2_MSG_NEWKEYS
>>>>> debug1: SSH2_MSG_NEWKEYS received
>>>>> debug1: Roaming not allowed by server
>>>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>>>> debug1: Authentications that can continue: publickey
>>>>> debug1: Next authentication method: publickey
>>>>> debug1: Trying private key: /home/ubuntu/.ssh/id_rsa
>>>>> debug1: Trying private key: /home/ubuntu/.ssh/id_dsa
>>>>> debug1: Trying private key: /home/ubuntu/.ssh/id_ecdsa
>>>>> debug1: No more authentication methods to try.
>>>>> Permission denied (publickey).
>>>>>
>>>>> But I can ssh from to my Cirros VMs. Also I can ssh from Ubuntu VM to
>>>>> Cirros VM.
>>>>>
>>>>> Any Idea?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list: https://launchpad.net/~openstack
>>>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>>>> Unsubscribe : https://launchpad.net/~openstack
>>>>> More help   : https://help.launchpad.net/ListHelp
>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Cheers,
~Blairo

References