Welcome to the Linux Foundation Forum!

unable to ssh -i LFD459.pem student@WW.XX.YY.ZZ

arun_subbaramu@lf259-ckad-6555:~$ ssh -i LFD459.pem student@WW.XX.YY.ZZ
41
Warning: Identity file LFD459.pem not accessible: No such file or direc
tory.
The authenticity of host 'WW.XX.YY.ZZ1 (WW.XX.YY.ZZ)' can't be estab
lished.
ECDSA key fingerprint is SHA256:zYacXvFcicc5zscyGfWx8mo0LRabEQg52inkH9A
r960.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'WW.XX.YY.ZZ' (ECDSA) to the list of known
hosts.
Permission denied (publickey)

Need to help to setup the cluster.

Any pointers greatly appreciated.

Comments

  • should we generate the .pem file and sudo to student.

  • Hi,
    You may create your own public/private key pair to use as an identification method when logging in to your cloud instances, together with the desired user account.

    Regards,
    -Chris

  • Hi,

    I have created a public/private key pair to use as an identification to log into cloud instances, and also the student user account.

    but i am unable to sudo to student. Like i am little confused not sure if i am missing someting.

    Thanks,
    Arun

  • The student user account was created only to demonstrate the lab exercise for this course. Any user account should be ok, as long as it is configured for sudo.

    Regards,
    -Chris

  • Thanks Chris, was able to sort out the issue.

  • Ryan-Chase
    Ryan-Chase Posts: 12
    edited March 2020

    @chrispokorni said:
    The student user account was created only to demonstrate the lab exercise for this course. Any user account should be ok, as long as it is configured for sudo.

    Regards,
    -Chris

    @chrispokorni When you say that the user account must be configured for sudo do you mean on our local machine or on the cloud instance? Can you give an example of how we should do this? I don't believe this is communicated in the instructions...

    Thanks.

  • serewicz
    serewicz Posts: 1,000

    Hello,

    The lab exercises will mostly be run as a non-root user. Some commands will require elevated privileges. These commands will use sudo to elevate the privilege. If you are using GCE nodes, and followed the setup video, there should already be a user named "student" who has sudo ability.

    If you are using some other type of instance for the labs, you may need to configure sudo for your non-root user. These steps may help: https://digitalocean.com/community/tutorials/how-to-create-a-new-sudo-enabled-user-on-ubuntu-18-04-quickstart

    Regards,

  • Ryan-Chase
    Ryan-Chase Posts: 12
    edited March 2020

    @serewicz
    I followed the instructions to set up the GCE nodes. I created my own ssh key following the process in Creating a new SSH key (Note that I did not run the ssh-keygen command with sudo), then pasted the .pub key into my VM instance under "SSH Keys":

    ...Is there something else I need to do?

    Thanks,
    Ryan

  • serewicz
    serewicz Posts: 1,000

    Nope, that is perfect. You'll note on the left there is the word "student". Google uses this information to inject a user on your behalf. This will be the login to use. The suggested Ubuntu 18.04 instance includes sudo for this injected user. You should be able to run the labs as listed.

    Please paste the commands and errors you receive if the first part of the lab does not work.

    Regards,

  • @serewicz

    I'm still unable to connect. I'm running the command, ssh -i /Users/ryanchase/.ssh/LFD259-SSH-KEY student@35.225.34.64, and I'm positive that the key I'm referencing is the key associated with the .pub keyfile that I pasted into the SSH Keys field of my GCE instance (I even removed the keys are created new ones...and also deleted everything in ~/.ssh/known_hosts). I'm getting the error, student@35.225.34.64: Permission denied (publickey).

  • serewicz
    serewicz Posts: 1,000

    Hello,

    When you copied and pasted the key into the GCE console, were you using Microsoft Notepad? Microsoft has a different version of ASCII than everyone else so the characters may not be the same. As well they will put end of line characters in when there shouldn't be any. Go one line at a time and copy-paste without whitespace and see if that makes a difference.

    Second check that you have all ports opened. Nothing blocking port 22, or other ports.

    Third, generate a new set of keys. Ensure the key has the proper permission and try again.

    As an FYI, when I just tried to go to that IP it does not show as up. May be you already took it down, just letting you know what I see.

    Regards,

  • serewicz
    serewicz Posts: 1,000

    Also, did you change the names of the key you're using? You'd be using_ .pem_ as part of the ssh command.

  • Hi @serewicz

    I was able to solve the issue. I believe the issues I was facing were due to the GCP Organization my project was created under which has enforcers in place to restrict incoming traffic. I recreated a different project under a different GCP Org and used the same keys and it's working.

    Thanks for your help.
    Ryan

Categories

Upcoming Training