Streisand: SSH key not accepted on Amazon AWS

Created on 1 Mar 2017  Â·  6Comments  Â·  Source: StreisandEffect/streisand

I'm trying to spin up a new Streisand instance on Amazon, but the install fails at the step where the setup process tries to connect to the new instance via SSH.

TASK [Wait for cloud-init to complete] *************
fatal: [52.39.161.141]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '52.39.161.141' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey).\r\n", "unreachable": true}
to retry, use: --limit @/home/ubuntu/streisand/playbooks/amazon.retry

  • I can verify that the instance has been created through the AWS web management platform.
  • I can verify that the SSH key is present in ~/.ssh/id_rsa.pub
  • I cannot directly connect to the instance via SSH from the machine that is running the setup program

Per other suggestions, I extended the wait time at the problem step from 90 to 300 seconds and this did not help. I've tried to run the setup from a number of difference linux machines and in different networks, all resulting in the same error. Using --limit @/home/ubuntu/streisand/playbooks/amazon.retry to retry did not solve the problem.

areprovisioning aressh provideamazon statuinformation-needed

Most helpful comment

If you have the key file associated with the AWS instance, just add the following options to the inventory file:

ansible_ssh_private_key_file=path of the .pem file associated with the instance

replace
ansible_user=ubuntu with ansible_ssh_user=ubuntu

save and run the playbook again. it should continue with the installation

All 6 comments

If you have the key file associated with the AWS instance, just add the following options to the inventory file:

ansible_ssh_private_key_file=path of the .pem file associated with the instance

replace
ansible_user=ubuntu with ansible_ssh_user=ubuntu

save and run the playbook again. it should continue with the installation

@timXTM - Have you had a chance to try @blizzbhaller's suggestions? Were they effective?

Not yet. Will try this weekend. Thanks for the tip!

Tim

On Fri, Apr 7, 2017 at 9:29 AM, Daniel McCarney notifications@github.com
wrote:

@timXTM https://github.com/timXTM - Have you had a chance to try
@blizzbhaller https://github.com/blizzbhaller's suggestions? Were they
effective?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/jlund/streisand/issues/529#issuecomment-292390769,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AS2dYbcx1sRly0PhlaZDCjZnEm5rYqSnks5rtZFugaJpZM4MPS9A
.

--
Tim Sietman
习天明
Phone (China): 136-3291-5001
Phone (US): 1-937-490-9846

@blizzbhaller Thanks for this solution. It was exactly what I was looking for.

I'd love to see some documentation of this in the ansible.cfg and inventory files.

My use case was running the Ansible playbook on a Lightsail VM, which requires a .pem file to connect, or at least that was the quickest solution I could think of without changing SSH settings or something.

I had the same problem: try deleting old keys, and creating a new ssh key, as per the streisand manual instructions, in the ~/.ssh/ folder. There should be two files generated: ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.pub.pub. It worked for me after that.

It seems like there isn't any action for the project to take right now based on the latest comments in this issue, so I'm going to close this issue. If you think there is a process or documentation improvement to be made related to this problem please open a new issue describing the work required (or even better, submit a PR!). Thanks!

Was this page helpful?
0 / 5 - 0 ratings

Related issues

obilodeau picture obilodeau  Â·  4Comments

juneyao picture juneyao  Â·  6Comments

Lexy2 picture Lexy2  Â·  5Comments

dandaka picture dandaka  Â·  4Comments

Vonkenator picture Vonkenator  Â·  5Comments