Thread: CentOS 5, ID# ami-07ca2f6e, can not SSH in
This question is not answered.
Replies: 4 - Pages: 1 - Last Post: Jan 17, 2008 1:18 AM by: Eden@AWS
CentOS 5, ID# ami-07ca2f6e, can not SSH in
Posted: Jan 16, 2008 1:23 PM PST
Has anybody used this image? I'm having endless troubles installing CentOS5 locally to package and send up to EC2; and there's no CentOS5 image other than this.
I started an instance, and tried to SSH in; but I can't get in - it asks for a password, even with the key provided. I have no idea what to put.
Does anybody know what I should be using here?
Re: CentOS 5, ID# ami-07ca2f6e, can not SSH in
Posted: Jan 17, 2008 12:10 AM PST, in response to: Elliott Cable
We have been making our CentOS 5 RightImages available for a long time including scripts to automatically build them. Please see
http://info.rightscale.com/2007/10/23/64-bit-centos5-image-release for more info. If there's something wrong with our images, please let us know and we'll be glad to fix.
Thorsten - www.rightscale.com
Re: CentOS 5, ID# ami-07ca2f6e, can not SSH in
Posted: Jan 17, 2008 12:52 AM PST, in response to: Thorsten von Ei...
I actually started with your images, but they are configured a bit odd if I remember rightly. That was a while back though, at least as far as my two-day-maximum memory is concerned. I've gotten to the point where I just installed the 100% absolute base minimum CentOS5 install on a virtual machine on my personal computer, and am now uploading it to S3. I'm no good at this, but I think I got it right this time; hopefully, I can finally start setting up my development server without having to terminate the instance (and lose all my work).
I'm not marking this question as answered, because it's not - but it's no longer relevant to my situation. If you answer it, I'll mark the response as such; but I personally don't need the answer any more.
Re: CentOS 5, ID# ami-07ca2f6e, can not SSH in
Posted: Jan 17, 2008 1:18 AM PST, in response to: Elliott Cable
You cannot connect via SSH with a private key most likely because you have not installed the public key "gsg-keypair" with which you launched the instance in the set of authorized_keys.
If you look at the startup scripts that run in an instance of a typical EC2 AMI, you will notice that a script called /usr/local/sbin/get-credentials.sh gets run, which fetches the public key the instance was launched with and installs it in the authorized_keys file so that you can log in with a public key. Take a look at that and add such functionality. Hope that helps.
________________________
For your convenience, variants of the scripts are reproduced below:
[root@domU-12-31-36-00-36-03 ~]# cat /etc/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local

# Get your chosen keypair credentials
/usr/local/sbin/get-credentials.sh

[root@domU-12-31-36-00-36-03 ~]# cat /usr/local/sbin/get-credentials.sh
#!/bin/bash

# Retrieve the credentials from relevant sources.

# Fetch any credentials presented at launch time and add them to
# root's public keys

PUB_KEY_URI=http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
PUB_KEY_FROM_HTTP=/tmp/openssh_id.pub
PUB_KEY_FROM_EPHEMERAL=/mnt/openssh_id.pub
ROOT_AUTHORIZED_KEYS=/root/.ssh/authorized_keys

# We need somewhere to put the keys.
if [ ! -d /root/.ssh ] ; then
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
fi

# Fetch credentials...

# First try http
curl --retry 3 --retry-delay 0 --silent --fail -o $PUB_KEY_FROM_HTTP $PUB_KEY_URI
if [ $? -eq 0 -a -e $PUB_KEY_FROM_HTTP ] ; then
    if ! grep -q -f $PUB_KEY_FROM_HTTP $ROOT_AUTHORIZED_KEYS
    then
        cat $PUB_KEY_FROM_HTTP >> $ROOT_AUTHORIZED_KEYS
        echo "New key added to authrozied keys file from parameters"|logger -t "ec2"
    fi
    chmod 600 $ROOT_AUTHORIZED_KEYS
    rm -f $PUB_KEY_FROM_HTTP
elif [ -e $PUB_KEY_FROM_EPHEMERAL ] ; then
    # Try back to ephemeral store if http failed.
    # NOTE: This usage is deprecated and will be removed in the future
    if ! grep -q -f $PUB_KEY_FROM_EPHEMERAL $ROOT_AUTHORIZED_KEYS
    then
        cat $PUB_KEY_FROM_EPHEMERAL >> $ROOT_AUTHORIZED_KEYS
        echo "New key added to authrozied keys file from ephemeral store"|logger -t "ec2"
    fi
    chmod 600 $ROOT_AUTHORIZED_KEYS
    chmod 600 $PUB_KEY_FROM_EPHEMERAL
fi

if [ -e /mnt/openssh_id.pub ] ; then
    if ! grep -q -f /mnt/openssh_id.pub /root/.ssh/authorized_keys
    then
        cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
        echo "New key added to authrozied keys file from ephemeral store"|logger -t "ec2"
    fi
    chmod 600 /root/.ssh/authorized_keys
fi
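
Added example (not part of the original post and not the AMI's own script): a stricter take on the key-install step in the get-credentials.sh listing above, for anyone adding this to a self-built image. It downloads to a mktemp file instead of a fixed /tmp path, rejects a response that is not an OpenSSH public-key line, and compares the key as a fixed string. The function names install_pubkey and fetch_and_install are hypothetical.

```bash
#!/bin/bash
# Added example, not the AMI's own script. Function names are hypothetical.

# install_pubkey KEY_FILE AUTH_KEYS
# Appends the key in KEY_FILE to AUTH_KEYS unless it is already present.
# Returns 1 (and writes nothing) if KEY_FILE holds no OpenSSH public-key line.
install_pubkey() {
    local key_file="$1" auth_keys="$2" key dir
    # Accept only a line shaped like "<type> <base64> [comment]"; an HTML
    # error page or an empty response from the metadata URL is rejected here.
    key=$(grep -m1 -E '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/]+=*( .*)?$' "$key_file") || return 1
    dir=$(dirname "$auth_keys")
    # sshd ignores authorized_keys when these permissions are too open.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth_keys" && chmod 600 "$auth_keys" || return 1
    # -F: compare as a fixed string, not a regex; -x: whole line must match.
    if ! grep -qxF -- "$key" "$auth_keys"; then
        printf '%s\n' "$key" >> "$auth_keys"
    fi
    return 0
}

# fetch_and_install URI AUTH_KEYS
# Downloads to an unpredictable temp file (mktemp), then installs the key.
fetch_and_install() {
    local uri="$1" auth_keys="$2" tmp rc=1
    tmp=$(mktemp) || return 1
    if curl --retry 3 --retry-delay 0 --silent --fail -o "$tmp" "$uri"; then
        install_pubkey "$tmp" "$auth_keys" && rc=0
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage from rc.local on an instance (URI as given in the listing above):
# fetch_and_install \
#     http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key \
#     /root/.ssh/authorized_keys
```

If the function returns non-zero, no key was installed and sshd will fall back to asking for a password, which is the symptom described in the first post.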