[Openstack] Can't ssh into instance

Anton Haldin ahaldin at griddynamics.com
Thu May 24 14:00:21 UTC 2012 

it can be an issue of openssh:

one more link
http://www.gossamer-threads.com/lists/openssh/dev/51483?do=post_view_threaded#51483


On Thu, May 24, 2012 at 5:48 PM, Anton Haldin <ahaldin at griddynamics.com>wrote:

> what you can try to do:
>     you can mount machine image and check /var/log/auth.log
>
> it can be kind of network issue
> for example like this one
> http://fixunix.com/ssh/74058-ssh-hang-after-ssh2_msg_kexinit-sent.html
> if so you can try to change net.ipv4.tcp_rmem
>
> nova-compute.log is looking fine.
>
>
> On Thu, May 24, 2012 at 5:30 PM, Leander Bessa Beernaert <
> leanderbb at gmail.com> wrote:
>
>> I've tried bot root and ubuntu as account names (ssh -i key.pem
>> root at 10.1.2.3 and  ssh -i key.pem ubuntu at 10.1.2.3) and the result is
>> still "Read from socket failed: Connection reset by peer"
>>
>> On Thu, May 24, 2012 at 2:27 PM, Anton Haldin <ahaldin at griddynamics.com>wrote:
>>
>>> I'm sorry Leander
>>> I did not note that you are using ubuntu and try to connect by using
>>> root account
>>>
>>> I thought it may be better to use ubuntu account.
>>> But in my machine when I was trying to use root account , ssh client
>>> told me about it.
>>>
>>>
>>> On Thu, May 24, 2012 at 5:19 PM, Anton Haldin <ahaldin at griddynamics.com>wrote:
>>>
>>>> I doubt you have desktop components on this host ( compute node) with
>>>> GUI.
>>>>
>>>> in this case you can check that file injection of ssh_key was
>>>> successfully in nova-compute.log
>>>>
>>>>
>>>> On Thu, May 24, 2012 at 5:13 PM, Leander Bessa Beernaert <
>>>> leanderbb at gmail.com> wrote:
>>>>
>>>>> I currently can't access the vnc console directly due to routing
>>>>> issues. The instances is running private ip's over on vlan and public ip
>>>>> over another vlan (the host machine only has 1 network interface). There is
>>>>> no routing information available to guide all traffic to the host machine,
>>>>> and the network administrator isn't around to set up the routing in our
>>>>> firewall at the moment.
>>>>>
>>>>>
>>>>> On Thu, May 24, 2012 at 2:04 PM, Anton Haldin <
>>>>> ahaldin at griddynamics.com> wrote:
>>>>>
>>>>>> it looks like OS was running successfully.
>>>>>>
>>>>>> if you have network access to this host ( compute node) you can to
>>>>>> try use vnc client to connect to your instance.
>>>>>> you can find port number  from libvirt.xml: virsh dumpxml
>>>>>> instance-0000....
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, May 24, 2012 at 4:57 PM, Leander Bessa Beernaert <
>>>>>> leanderbb at gmail.com> wrote:
>>>>>>
>>>>>>>
>>>>>>> Complete log: http://paste.openstack.org/show/18144/
>>>>>>>
>>>>>>> On Thu, May 24, 2012 at 1:49 PM, Anton Haldin <
>>>>>>> ahaldin at griddynamics.com> wrote:
>>>>>>>
>>>>>>>> you can try to look in  console.log for this instance
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, May 24, 2012 at 4:41 PM, Leander Bessa Beernaert <
>>>>>>>> leanderbb at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> No, at the moment the vnc console isn't working yet. I haven't
>>>>>>>>> gotten that far yet.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, May 24, 2012 at 1:29 PM, Anton Haldin <
>>>>>>>>> ahaldin at griddynamics.com> wrote:
>>>>>>>>>
>>>>>>>>>> t can be an issue on OS side in instance ?
>>>>>>>>>>
>>>>>>>>>> do you have vnc access for this instance?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thu, May 24, 2012 at 2:56 PM, Leander Bessa Beernaert <
>>>>>>>>>> leanderbb at gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hello,
>>>>>>>>>>>
>>>>>>>>>>> I'm having trouble sshing into the created instances. At first i
>>>>>>>>>>> was getting the following error:
>>>>>>>>>>>
>>>>>>>>>>> ssh -i testkey.pem root at 10.1.1.3 -v
>>>>>>>>>>>>
>>>>>>>>>>>> OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Connecting to 10.1.1.3 [10.1.1.3] port 22.
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Connection established.
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: identity file testkey.pem type -1
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: identity file testkey.pem-cert type -1
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Remote protocol version 2.0, remote software version
>>>>>>>>>>>>> OpenSSH_5.8p1 Debian-7ubuntu1
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: match: OpenSSH_5.8p1 Debian-7ubuntu1 pat OpenSSH*
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Enabling compatibility mode for protocol 2.0
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: Local version string SSH-2.0-OpenSSH_5.9p1
>>>>>>>>>>>>> Debian-5ubuntu1
>>>>>>>>>>>>
>>>>>>>>>>>> debug1: SSH2_MSG_KEXINIT sent
>>>>>>>>>>>>
>>>>>>>>>>>> Read from socket failed: Connection reset by peer
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> I then proceeded to reboot the machine and all it's services.
>>>>>>>>>>> However, now i can't even get that far. I'm alway faced with a connection
>>>>>>>>>>> refused.
>>>>>>>>>>>
>>>>>>>>>>> I've added the permissions for port 22 and icmp in the default
>>>>>>>>>>> security group and i'm also able to ping the instances.
>>>>>>>>>>>
>>>>>>>>>>> I'm using the openstack packages provided with ubuntu 12.04.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Leander
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Mailing list: https://launchpad.net/~openstack
>>>>>>>>>>> Post to     : openstack at lists.launchpad.net
>>>>>>>>>>> Unsubscribe : https://launchpad.net/~openstack
>>>>>>>>>>> More help   : https://help.launchpad.net/ListHelp
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120524/044906bd/attachment.html>

More information about the Openstack mailing list