[cs615asa] Permission denied (publickey) on every new instance

rweng rweng at stevens.edu
Mon Feb 4 14:26:52 EST 2013 

  

Hi Yan, 

Wish these two could help: 

1. Check the chmod 400 of
id_rsa-hyan2-keypair, 

2. sudo ssh ... 

Sincerely, 

Renjie Weng


rweng at stevens.edu

> Date: Mon, 4 Feb 2013 14:17:48 -0500
> From:
hyan2 at stevens.edu
> To: cs615asa at lists.stevens.edu
> Subject: [cs615asa]
Permission denied (publickey) on every new instance
> 
> Hi Professor,
>

> I created a new instance, use the same key pair of another 
>
instance(Omni OS). That key pair works well when I ssh to Omni OS but 
>
got Permission denied (publickey) error on every new instance I created.

> I searched many solutions from internet but they didn't work for
me.
> 
> The following is the output of ssh, its wired here:
> 
>
debug1: Trying private key: id_rsa-hyan2-keypair
> debug1:
PEM_read_PrivateKey failed
> debug1: read PEM private key done: type 
>

> It seems that my private key is wrong. But when I connected to Omni
OS, 
> I also got this log file but it works well. This key is generated
from 
> ec2-add-keypair hyan2-keypair. It just copy it into a plaintext
file.
> -------------------------------------------------
>
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
> debug1: Reading configuration
data /etc/ssh_config
> debug1: Applying options for *
> debug1:
Connecting to ec2-184-72-89-154.compute-1.amazonaws.com 
>
[184.72.89.154] port 22.
> debug1: Connection established.
> debug1:
identity file id_rsa-hyan2-keypair type -1
> debug1: identity file
id_rsa-hyan2-keypair-cert type -1
> debug1: Remote protocol version 2.0,
remote software version 
> OpenSSH_5.9p1 Debian-5ubuntu1
> debug1:
match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
> debug1: Enabling
compatibility mode for protocol 2.0
> debug1: Local version string
SSH-2.0-OpenSSH_5.6
> debug1: SSH2_MSG_KEXINIT sent
> debug1:
SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr
hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
>
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024 debug1:
SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting
SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host
'ec2-184-72-89-154.compute-1.amazonaws.com' is known and 
> matches the
RSA host key.
> debug1: Found key in /Users/hanyan/.ssh/known_hosts:12
>
debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS
sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS
received
> debug1: Roaming not allowed by server
> debug1:
SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT
received
> debug1: Authentications that can continue: publickey
>
debug1: Next authentication method: publickey
> debug1: Offering RSA
public key: /Users/hanyan/.ssh/created_keypair.pem
> debug1:
Authentications that can continue: publickey
> debug1: Trying private
key: id_rsa-hyan2-keypair
> debug1: PEM_read_PrivateKey failed
> debug1:
read PEM private key done: type 
> debug1: No more authentication
methods to try.
> Permission denied (publickey).
> 
> If I use Amazon's
web based tools to launch a new instances and choose 
> to generate a
new keypair for the new instance. I download that private 
> key and use
it to ssh to such instance. I also got this problem. Here is 
> the
output:
>
---------------------------------------------------------------------------------
>
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
> debug1: Reading
configuration data /etc/ssh_config
> debug1: Applying options for *
>
debug1: Connecting to ec2-23-22-179-129.compute-1.amazonaws.com 
>
[23.22.179.129] port 22.
> debug1: Connection established.
> debug1:
permanently_set_uid: 0/0
> debug1: identity file
/Users/hanyan/.ssh/created_keypair.pem type -1
> debug1: identity file
/Users/hanyan/.ssh/created_keypair.pem-cert type 
> -1
> debug1: Remote
protocol version 2.0, remote software version 
> OpenSSH_5.9p1
Debian-5ubuntu1
> debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat
OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
>
debug1: Local version string SSH-2.0-OpenSSH_5.6
> debug1:
SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex:
server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server
aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting
SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host
'ec2-23-22-179-129.compute-1.amazonaws.com' is known and 
> matches the
RSA host key.
> debug1: Found key in /var/root/.ssh/known_hosts:6
>
debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS
sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS
received
> debug1: Roaming not allowed by server
> debug1:
SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT
received
> debug1: Authentications that can continue: publickey
>
debug1: Next authentication method: publickey
> debug1: Offering RSA
public key: /Users/hanyan/.ssh/created_keypair.pem
> debug1:
Authentications that can continue: publickey
> debug1: Trying private
key: /Users/hanyan/.ssh/created_keypair.pem
> debug1: read PEM private
key done: type RSA
> debug1: Authentications that can continue:
publickey
> debug1: No more authentication methods to try.
> Permission
denied (publickey).
>
---------------------------------------------------------------------------------
>

> Thank you for your help.
> 
> -Han
>
_______________________________________________
> cs615asa mailing
list
> cs615asa at lists.stevens.edu
>
https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa 
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.stevens.edu/cgi-bin/mailman/private/cs615asa/attachments/20130204/a897e008/attachment-0001.html>

More information about the cs615asa mailing list