Quick question, why does it not seem to matter whether I set ssh_private_key_file or not?
On Thursday, February 23, 2017 at 10:09:53 PM UTC, notmyrealname wrote: > > Wow! I knew it would be something dumb :-) > > Thanks a lot. > > On Thursday, February 23, 2017 at 8:52:16 AM UTC, Rickard von Essen wrote: >> >> Most likely it's because you have the first key loaded in you ssh agent. >> What's the printout of: >> >> ssh-add -l >> aws ec2 describe-key-pairs --output text >> >> On 22 February 2017 at 22:04, notmyrealname <[email protected]> >> wrote: >> >>> Hi Rickard. I just ran the build again, this time >>> with ssh_private_key_file set to the location of the key and unfortunately >>> it still failed (see log file >>> <https://gist.github.com/newtonne/014629e976326c7cd6365b54b82dfb48>). >>> Note that the build works for aws-key even if I don't >>> set ssh_private_key_file. >>> >>> On Wednesday, February 22, 2017 at 8:25:48 PM UTC, Rickard von Essen >>> wrote: >>>> >>>> When you set ssh_keypair_name to server_key you also have to update >>>> ssh_private_key_file. But from the logs it looks like you haven't done >>>> that. >>>> >>>> On 22 February 2017 at 20:11, notmyrealname <[email protected]> >>>> wrote: >>>> >>>>> Packer v0.12.2 >>>>> Mac OS X 10.11.6 >>>>> >>>>> As suggested, I've moved this from the Github issues page to here as >>>>> this is probably the best place for it. >>>>> >>>>> Here are my 2 AWS key pairs on the host machine with sensible >>>>> permissions: >>>>> >>>>> ls -l ~/.ssh | grep key >>>>> -rw-------@ server_key.pem >>>>> -rw-r--r-- server_key.pub >>>>> -rw-------@ aws-key.pem >>>>> -rw-r--r-- aws-key.pub >>>>> >>>>> Here they are existing in AWS: >>>>> >>>>> aws ec2 describe-key-pairs >>>>> { >>>>> "KeyPairs": [ >>>>> { >>>>> "KeyName": "server_key", >>>>> "KeyFingerprint": "xxxxxxxxxx" >>>>> }, >>>>> { >>>>> "KeyName": "aws-key", >>>>> "KeyFingerprint": "xxxxxxxxxx" >>>>> } >>>>> ] >>>>> } >>>>> >>>>> The build part of my packer.json. The ami is stock ubuntu. >>>>> >>>>> { >>>>> "variables": { >>>>> "env": null >>>>> }, >>>>> "builders": [{ >>>>> "type": "amazon-ebs", >>>>> "region": "eu-west-1", >>>>> "source_ami": "ami-98ecb7fe", >>>>> "instance_type": "t2.micro", >>>>> "ssh_username": "ubuntu", >>>>> "ssh_agent_auth": true, >>>>> "ssh_keypair_name": "aws-key", >>>>> "ami_name": "{{user `env`}}-server-{{isotime >>>>> \"2006-01-02_15-04-05\"}}", >>>>> "run_tags": {"Name": "{{user `env`}}-server"}, >>>>> "run_volume_tags": {"Name": "{{user `env`}}-server"} >>>>> }] >>>>> } >>>>> >>>>> Everything runs fine when I set "ssh_keypair_name": "aws-key" (full >>>>> log >>>>> <https://gist.github.com/newtonne/be9c1bf107eadf3e5ff1daad2a4f18be>) >>>>> >>>>> 2017/02/21 19:54:04 ui: ==> amazon-ebs: Using SSH Agent for existing key >>>>> pair aws-key >>>>> ==> amazon-ebs: Using SSH Agent for existing key pair aws-key >>>>> 2017/02/21 19:54:04 ui: ==> amazon-ebs: Creating temporary security group >>>>> for this instance... >>>>> ... >>>>> ... >>>>> 2017/02/21 19:54:21 ui: ==> amazon-ebs: Waiting for SSH to become >>>>> available... >>>>> ==> amazon-ebs: Waiting for SSH to become available... >>>>> 2017/02/21 19:54:36 packer: 2017/02/21 19:54:36 [DEBUG] TCP connection to >>>>> SSH ip/port failed: dial tcp 34.249.20.107:22: i/o timeout >>>>> 2017/02/21 19:54:41 packer: 2017/02/21 19:54:41 [DEBUG] TCP connection to >>>>> SSH ip/port failed: dial tcp 34.249.20.107:22: getsockopt: connection >>>>> refused >>>>> 2017/02/21 19:54:46 packer: 2017/02/21 19:54:46 [INFO] Attempting SSH >>>>> connection... >>>>> 2017/02/21 19:54:46 packer: 2017/02/21 19:54:46 reconnecting to TCP >>>>> connection for SSH >>>>> 2017/02/21 19:54:46 packer: 2017/02/21 19:54:46 handshaking with SSH >>>>> 2017/02/21 19:54:46 packer: 2017/02/21 19:54:46 handshake complete! >>>>> 2017/02/21 19:54:46 packer: 2017/02/21 19:54:46 opening new ssh session >>>>> 2017/02/21 19:54:47 packer: 2017/02/21 19:54:47 [INFO] agent forwarding >>>>> enabled >>>>> 2017/02/21 19:54:47 ui: ==> amazon-ebs: Connected to SSH! >>>>> >>>>> However, for any new keys that I create and then set as my >>>>> "ssh_keypair_name" (in this case "server_key"), I get the following ssh >>>>> authentication error: (full log >>>>> <https://gist.github.com/newtonne/0c2ed30182e058fcac18f2217f21c494>) >>>>> >>>>> 2017/02/21 19:50:59 ui: ==> amazon-ebs: Using SSH Agent for existing key >>>>> pair server_key >>>>> 2017/02/21 19:50:59 ui: ==> amazon-ebs: Creating temporary security group >>>>> for this instance... >>>>> ==> amazon-ebs: Using SSH Agent for existing key pair server_key >>>>> ... >>>>> ... >>>>> 2017/02/21 19:51:16 ui: ==> amazon-ebs: Waiting for SSH to become >>>>> available... >>>>> ==> amazon-ebs: Waiting for SSH to become available... >>>>> 2017/02/21 19:51:31 packer: 2017/02/21 19:51:31 [DEBUG] TCP connection to >>>>> SSH ip/port failed: dial tcp 34.251.38.229:22: i/o timeout >>>>> 2017/02/21 19:51:39 packer: 2017/02/21 19:51:39 [DEBUG] TCP connection to >>>>> SSH ip/port failed: dial tcp 34.251.38.229:22: getsockopt: connection >>>>> refused >>>>> 2017/02/21 19:51:44 packer: 2017/02/21 19:51:44 [DEBUG] TCP connection to >>>>> SSH ip/port failed: dial tcp 34.251.38.229:22: getsockopt: connection >>>>> refused >>>>> 2017/02/21 19:51:49 packer: 2017/02/21 19:51:49 [INFO] Attempting SSH >>>>> connection... >>>>> 2017/02/21 19:51:49 packer: 2017/02/21 19:51:49 reconnecting to TCP >>>>> connection for SSH >>>>> 2017/02/21 19:51:49 packer: 2017/02/21 19:51:49 handshaking with SSH >>>>> 2017/02/21 19:51:50 packer: 2017/02/21 19:51:50 handshake error: ssh: >>>>> handshake failed: ssh: unable to authenticate, attempted methods >>>>> [publickey none], no supported methods remain >>>>> 2017/02/21 19:51:50 packer: 2017/02/21 19:51:50 [DEBUG] SSH handshake >>>>> err: ssh: handshake failed: ssh: unable to authenticate, attempted >>>>> methods [publickey none], no supported methods remain >>>>> 2017/02/21 19:51:50 packer: 2017/02/21 19:51:50 [DEBUG] Detected >>>>> authentication error. Increasing handshake attempts. >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 [INFO] Attempting SSH >>>>> connection... >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 reconnecting to TCP >>>>> connection for SSH >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 handshaking with SSH >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 handshake error: ssh: >>>>> handshake failed: ssh: unable to authenticate, attempted methods [none >>>>> publickey], no supported methods remain >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 [DEBUG] SSH handshake >>>>> err: ssh: handshake failed: ssh: unable to authenticate, attempted >>>>> methods [none publickey], no supported methods remain >>>>> 2017/02/21 19:51:57 packer: 2017/02/21 19:51:57 [DEBUG] Detected >>>>> authentication error. Increasing handshake attempts. >>>>> >>>>> >>>>> Also, whilst the instance is up, I am able to SSH into it (note that >>>>> the IP address is different to the above failed log as it was a different >>>>> failed build): >>>>> >>>>> >>>>> ssh [email protected] -i ~/.ssh/server_key.pem >>>>> The authenticity of host '34.250.136.97 (34.250.136.97)' can't be >>>>> established. >>>>> ECDSA key fingerprint is xxxxxx. >>>>> Are you sure you want to continue connecting (yes/no)? yes >>>>> Warning: Permanently added '34.250.136.97' (ECDSA) to the list of known >>>>> hosts. >>>>> Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-62-generic x86_64) >>>>> >>>>> * Documentation: https://help.ubuntu.com >>>>> * Management: https://landscape.canonical.com >>>>> * Support: https://ubuntu.com/advantage >>>>> >>>>> Get cloud support with Ubuntu Advantage Cloud Guest: >>>>> http://www.ubuntu.com/business/services/cloud >>>>> >>>>> 0 packages can be updated. >>>>> 0 updates are security updates. >>>>> >>>>> >>>>> Any idea what's going on here or what I could try? >>>>> >>>>> Thanks. >>>>> >>>>> -- >>>>> This mailing list is governed under the HashiCorp Community Guidelines >>>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in >>>>> violation of those guidelines may result in your removal from this >>>>> mailing >>>>> list. >>>>> >>>>> GitHub Issues: https://github.com/mitchellh/packer/issues >>>>> IRC: #packer-tool on Freenode >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Packer" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/d/msgid/packer-tool/fec75b8a-4223-4275-adb7-38dfc22b057a%40googlegroups.com >>>>> >>>>> <https://groups.google.com/d/msgid/packer-tool/fec75b8a-4223-4275-adb7-38dfc22b057a%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> -- >>> This mailing list is governed under the HashiCorp Community Guidelines - >>> https://www.hashicorp.com/community-guidelines.html. Behavior in >>> violation of those guidelines may result in your removal from this mailing >>> list. >>> >>> GitHub Issues: https://github.com/mitchellh/packer/issues >>> IRC: #packer-tool on Freenode >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Packer" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/packer-tool/c7172e5d-4dce-4904-b32c-efd1b7aa981f%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/packer-tool/c7172e5d-4dce-4904-b32c-efd1b7aa981f%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/f9007084-c59d-47eb-a4a2-acf15f35cbc7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
