This may be a dummy question: Can you create an instance from the same AMI using a different key or the public key is hardcode?
On Tue, Feb 21, 2012 at 12:06 PM, gerrit germis <[email protected]>wrote: > Hi Andrei, > > I tried starting the instance with whirr.bootstrap-user=ec2-user, but I get > the same issue: > > 2012-02-21 13:03:04,269 ERROR [net.schmizz.concurrent.Promise] (user thread > 2) <<authenticated>> woke to: net.schmizz.sshj.userauth.UserAuthException: > publickey auth failed > 2012-02-21 13:03:04,270 INFO [net.schmizz.sshj.userauth.UserAuthImpl] > (user thread 2) `publickey` auth failed > 2012-02-21 13:03:04,272 INFO [jclouds.ssh] (user thread 2) << > > (ec2-user:rsa[fingerprint(6e:40:92:20:fa:4e:7f:12:5f:91:d4:a7:8b:f3:c7:c8),sha1(11:35:0a:35:29:fe:66:11:17:d2:b6:c8:75:5c:be:92:75:ca:74:83)]@ > 204.236.154.23:22) error acquiring SSHClient(timeout=60000) (attempt 1 of > 7): Exhausted available authentication methods > > If i login manually with the user ec2-user, i can sudo without a password > > cheers, > Gerrit > > > On Tue, Feb 21, 2012 at 11:53 AM, Andrei Savu <[email protected]> > wrote: > > > Only the ability to do sudo without a password is a requirement for > Whirr. > > > > On Tue, Feb 21, 2012 at 10:50 AM, gerrit germis < > [email protected] > > >wrote: > > > > > Using a different image (us-west-1/ami-31fba674) (with which i can log > in > > > through ssh with the root user) it seems to work. I guess that's a > > > precondition for whirr ? > > > > > > cheers, > > > Gerrit > > > > > > On Tue, Feb 21, 2012 at 10:43 AM, gerrit germis < > > [email protected] > > > >wrote: > > > > > > > Hi Andrei > > > > > > > > I am using the trunk version of whirr (from > > > > https://svn.apache.org/repos/asf/whirr/trunk): > > > > > > > > $ svn update > > > > At revision 1291671. > > > > > > > > I tried launching an m1.large instance of that AMI > > > > (us-west-1/ami-e792cba2) but unfortunately got the same result. I > tried > > > > launching with whirr.bootstrap-user=whirr and without the option > > > > > > > > The AMI disallows logging in with the root user through ssh. That's > > why I > > > > thought I had to change the bootstrap-user parameter. Does whirr > expect > > > > some particular ssh options to be set perhaps? the > > /etc/sshd/sshd_config > > > > file looks like: > > > > > > > > Protocol 2 > > > > SyslogFacility AUTHPRIV > > > > PermitRootLogin no > > > > PasswordAuthentication yes > > > > ChallengeResponseAuthentication no > > > > GSSAPIAuthentication yes > > > > GSSAPICleanupCredentials yes > > > > UsePAM yes > > > > AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY > > > > LC_MESSAGES > > > > AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT > > > > AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE > > > > AcceptEnv XMODIFIERS > > > > X11Forwarding yes > > > > Subsystem sftp /usr/libexec/openssh/sftp-server > > > > > > > > > > > > This is what i get if i log in manually from the commandline with the > > > > private key I started the image with manually: (logging in as > > "ec2-user") > > > > > > > > debug1: Next authentication method: publickey > > > > debug1: Trying private key: /home/gerrit/.aws/certs/gerrit.pem > > > > debug1: read PEM private key done: type RSA > > > > debug3: sign_and_send_pubkey: RSA > > > > 3b:e6:b5:0b:ba:51:42:66:76:e7:39:68:82:5c:01:5d > > > > debug2: we sent a publickey packet, wait for reply > > > > debug1: Authentication succeeded (publickey). > > > > > > > > > > > > cheers > > > > Gerrit > > > > > > > > > > > > > > > > On Tue, Feb 21, 2012 at 10:09 AM, Andrei Savu <[email protected] > > > >wrote: > > > > > > > >> Gerrit if you are using 0.7.0 I recommend you give it another try > > with a > > > >> larger instance type (at least m1.small). Let me know if this works > > for > > > >> you. Other than that the recipe looks good to me. > > > >> > > > >> On Tue, Feb 21, 2012 at 4:40 AM, gerrit germis < > > > [email protected] > > > >> >wrote: > > > >> > > > >> > It was there.. i'll add it in the body this time: > > > >> > > > > >> > # Change the cluster name here > > > >> > whirr.cluster-name=upnxt-gge-test > > > >> > > > > >> > whirr.instance-templates=1 script:alexandria-server > > > >> > > > > >> > whirr.client-cidrs=0.0.0.0/0 > > > >> > whirr.firewall-rules=80,443,8080 > > > >> > > > > >> > whirr.hardware-min-ram=1024 > > > >> > whirr.location-id=us-west-1 > > > >> > > > > >> > # 32-bit: > > > >> > #whirr.image-id=us-west-1/ami-eb227eae > > > >> > > > > >> > # CentOS 64-bit: > > > >> > whirr.hardware-id=t1.micro > > > >> > whirr.image-id=us-west-1/ami-e792cba2 > > > >> > > > > >> > # installation alexandria server > > > >> > # - apache2 (proxy) > > > >> > # - java > > > >> > # - jboss > > > >> > # - alexandria ear > > > >> > whirr.script.alexandria-server.startup=install_alexandria_server > > > >> > whirr.script.alexandria-server.startup.param= > > > >> > > > > >> > > > > >> > > > > > > http://upnxt-thirdparty-us-west.s3.amazonaws.com/java/jdk-6u31-linux-i586.tar.gz > > > >> > whirr.script.alexandria-server.startup.param= > > > >> > > > > >> > > > > >> > > > > > > http://upnxt-thirdparty-us-west.s3.amazonaws.com/jboss/jboss-as-web-7.0.2.Final.tar.gz > > > >> > whirr.script.alexandria-server.startup.param= > > > >> > > > > >> > > > > >> > > > > > > http://upnxt-releases.s3.amazonaws.com/alexandria/alexandria-ear-1.0.0-SNAPSHOT.ear > > > >> > whirr.script.alexandria-server.config=configure_alexandria_server > > > >> > whirr.script.alexandria-server.config.params= > > > >> > > > > >> > > > > >> > # > > > >> > # Variables exported to generated functions script > > > >> > # > > > >> > whirr.env.alexAccessKeyId=${env:AWS_ACCESS_KEY_ID} > > > >> > whirr.env.alexSecretAccessKey=${env:AWS_SECRET_ACCESS_KEY} > > > >> > whirr.env.alexBucket=dev-alexandria > > > >> > > > > >> > cheers, > > > >> > Gerrit > > > >> > > > > >> > On Tue, Feb 21, 2012 at 1:18 AM, Andrei Savu < > [email protected] > > > > > > >> > wrote: > > > >> > > > > >> > > I see no script-ec2.properties attachment. Can you add that > > please? > > > >> > > > > > >> > > On Mon, Feb 20, 2012 at 10:27 PM, gerrit germis < > > > >> > [email protected] > > > >> > > >wrote: > > > >> > > > > > >> > > > Hi, > > > >> > > > > > > >> > > > I'm trying to launch a CentOS 6.2 AMI (ami-e792cba2) on EC2, > but > > > the > > > >> > > > instance fails to start claiming that it exhausted all > available > > > >> > > > authentication methods. If I create the instance through the > AWS > > > >> site > > > >> > > > directly, I can login with the "ec2-user" user and can sudo > > bash. > > > I > > > >> > tried > > > >> > > > some of the suggestions on > > > >> > > https://issues.apache.org/jira/browse/WHIRR-378but to no > avail.. > > > >> tried > > > >> > > several combinations of whirr.bootstrap-user and > > > >> > > > whirr.cluster-user. > > > >> > > > > > > >> > > > Attached you can find the recipe file used > > (script-ec2.properties) > > > >> and > > > >> > > the > > > >> > > > output I get (whirr.log) > > > >> > > > The custom service I use is attached as > > > >> "whirr-script-service-1.0.jar". > > > >> > > It > > > >> > > > allows to launch some scripts with some params during the > > > bootstrap > > > >> and > > > >> > > the > > > >> > > > config phases. It makes it easy to quickly try out setups... > > > >> > > > > > > >> > > > Thanks in advance for any insights into this issue > > > >> > > > > > > >> > > > Sincerely, > > > >> > > > Gerrit > > > >> > > > > > > >> > > > > > >> > > > > >> > > > > > > > > > > > > > >
