search

zonca / jupyterhub-deploy-kubernetes-jetstream

Configuration files for my tutorials on deploying JupyterHub on top of Kubernetes on XSEDE Jetstream (Openstack)
https://zonca.dev/categories/#jetstream
23 stars 14 forks source link

Permission denied (publickey) when trying to ssh into k8s-master #19

Closed davidedelvento closed 5 years ago

davidedelvento commented 5 years ago

I am strictly following the directions of https://zonca.github.io/2019/02/kubernetes-jupyterhub-jetstream-kubespray.html and everything works until the ssh ubuntu@$IP (I suspect that ansible will not work since it uses ssh).

The final part of ssh -vvv ubuntu@$IP is

debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:<hidden to prevent preimage attacks> /home/ddvento/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/ddvento/.ssh/id_dsa
debug3: no such identity: /home/ddvento/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/ddvento/.ssh/id_ecdsa
debug3: no such identity: /home/ddvento/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/ddvento/.ssh/id_ed25519
debug3: no such identity: /home/ddvento/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.

If I go into the Instance Console Log on the https://tacc.jetstream-cloud.org/dashboard/ I see:

updateserver login: ci-info: ++++++++Authorized keys from /home/ubuntu/.ssh/authorized_keys for user ubuntu++++++++
ci-info: +---------+-------------------------------------------------+---------+--------------+
ci-info: | Keytype |                Fingerprint (md5)                | Options |   Comment    |
ci-info: +---------+-------------------------------------------------+---------+--------------+
ci-info: | ssh-rsa | <hidden to prevent preimage attacks>            |    -    | stebird@jbm2 |
ci-info: +---------+-------------------------------------------------+---------+--------------+

And I confirmed with ssh-keygen -lf .ssh/id_rsa.pub -E md5 that this fingerprint is not the one of the ssh public key of the server I am running terraform/openstack from. Why this may be happening? What is stebird@jbm2 and where is it coming from?

@vanderwb small progress, but not enough to make a dent

zonca commented 5 years ago

Cross-check using the openstack client to understand what keys are attached to the instance

zonca commented 5 years ago

please reopen if there is more information