Forums | Admin Discussion Forums: help Start New Thread Nested Flat Threaded Ultimate Show 25 Show 50 Show 75 Show 100   By: Frederic Donnat RE: trouble with keypair / private key [ reply ]   2012-01-26 11:08 Hi Mike, It's quite difficult to debug your issue without the full logs of the scripts or being able analyse created volume, etc.. (for example to mount the volume from the launched instance from the new AMI). Is there a way that you share your original AMI (or a clean copy of it), so that we can internally test and reproduce the problem? Regards, Fred By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-18 23:55 Upon launching the copied AMI in the new region, I am unable to hit port 22, and the instance status checks are failing. oh no! By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-18 23:25 I'm actually getting a copy of the AMI in the new region, but not a graceful script exit. I have not tested the new AMI yet either. 0: new progress message = instance i-06a6db36 is terminated 0: new progress message = going to delete volume vol-a11fc8ca (no longer needed)... D, [2012-01-18T15:22:21.768550 #28265] DEBUG -- : delete volume vol-a11fc8ca state change notification: new state = FailedState (terminated) W, [2012-01-18T15:22:22.011330 #28265] WARN -- : StateMachine exception during execution: Volume vol-a11fc8ca is currently attached to i-06a6db36 W, [2012-01-18T15:22:22.011437 #28265] WARN -- : /usr/lib/ruby/gems/1.8/gems/amazon-ec2-0.9.17/lib/AWS.rb:365:in `aws_error?' /usr/lib/ruby/gems/1.8/gems/amazon-ec2-0.9.17/lib/AWS.rb:300:in `make_request' /usr/lib/ruby/1.8/net/http.rb:543:in `start' /usr/lib/ruby/gems/1.8/gems/amazon-ec2-0.9.17/lib/AWS.rb:274:in `make_request' /usr/lib/ruby/gems/1.8/gems/amazon-ec2-0.9.17/lib/AWS.rb:324:in `response_generator' /usr/lib/ruby/gems/1.8/gems/amazon-ec2-0.9.17/lib/AWS/EC2/volumes.rb:47:in `delete_volume' /usr/lib/ruby/gems/1.8/gems/CloudyScripts-2.14.50/lib/help/state_transition_helper.rb:430:in `delete_volume' /usr/lib/ruby/gems/1.8/gems/CloudyScripts-2.14.50/lib/scripts/ec2/copy_ami.rb:270:in `enter' /usr/lib/ruby/gems/1.8/gems/CloudyScripts-2.14.50/lib/help/script_execution_state.rb:37:in `start_state_machine' /usr/lib/ruby/gems/1.8/gems/CloudyScripts-2.14.50/lib/scripts/ec2/ec2_script.rb:64:in `start_script' ./splunk_copy_ami.rb:125:in `run' ./splunk_copy_ami.rb:141 == > Results of Copy AMI: true New AMI ID: ami-4a41cc7a done in 1141s By: Frederic Donnat RE: trouble with keypair / private key [ reply ]   2012-01-18 14:28 Hi Mike, Sorry for the delay answering you. It sounds like the private key problem for SSH is related to the Operating system or the ruby installation. Could you please provide us the full logs? In fact after preparing the everything in the source region, we are launching an Helper AMI in the target region (for copying volume, etc...). The sample script doest not support all regions as you could see. Could you check that the region is supported? I have just commited an updated sample_copy_ami script. /fred By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-17 17:48 It's 'just working' on Fedora in regards to the ssh keys. Gave up on the mac. I'm looking into some other issues. It's not finding my AMI after the state goes to SourceVolumeReadyState By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-16 16:48 I just re-installed cloudy scripts, (as I was mucking with things) , and I just noticed a different error message. I, [2012-01-16T08:45:00.004929 #7675] INFO -- : connecting using keydata I, [2012-01-16T08:45:00.005216 #7675] INFO -- : connection failed due to invalid option(s): key_data D, [2012-01-16T08:45:00.005501 #7675] DEBUG -- : /Library/Ruby/Gems/1.8/gems/CloudyScripts-2.14.50/lib/help/state_transition_helper.rb:62:in `connect' Same permissions and inputs as before. -> invalid option(s): key_data, we had a connection due to root before . I must be a support nightmare! By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-16 16:33 Tried 500 too (read only by mike), forgot to list that. By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-16 16:26 That was a nice glimmer of hope. The file is owned by me (mike), permissions were at 700 I tried read/x only (555) I tried 777 I even tried to run my script as root. same problem. The keypair does belong to the root user on the instance I'm looking to copy. I still hadn't tried making a key for a non root user. I'll try that and let you know how it goes. I appreciate your ongoing help. This does seem like a really cool script once things are moving. By: Frederic Donnat RE: trouble with keypair / private key [ reply ]   2012-01-16 10:36 Hi Mike, I could reproduce the same error while running a simple ruby program (for a Net::SSH.start()) on my debian as a non-root user while my private key as root read-only permission. Could you check that the user running CloudyScripts sample as read-only permission on the private key file? By: mike snyder RE: trouble with keypair / private key [ reply ]   2012-01-13 22:46 Thanks for noticing my Net::SSH version issues :) . >> Net::SSH::Version::CURRENT => #<Net::SSH::Version:0x101210000 @to_s="2.0.4", @tiny=4, @minor=0, @major=2> I am using a pem file, downloaded from the AWS console. I have proper RSA header and footer. This is on my mac, soon also on Ubuntu. Darwin macslavebox.local 10.8.0 Darwin Kernel Version 10.8.0: Tue Jun 7 16:33:36 PDT 2011; root:xnu-1504.15.3~1/RELEASE_I386 i386 ruby 1.8.7 (2009-06-12 patchlevel 174) [universal-darwin10.0] Here's the debug output : I, [2012-01-13T14:45:13.140980 #4265] INFO -- : connecting using keyfile E, [2012-01-13T14:45:13.970298 #4265] ERROR -- net.ssh.authentication.session[8180c9d4]: all authorization methods failed (tried publickey, hostbased, password, keyboard-interactive) I, [2012-01-13T14:45:13.970742 #4265] INFO -- : connection failed due to root D, [2012-01-13T14:45:13.970959 #4265] DEBUG -- : /Library/Ruby/Gems/1.8/gems/CloudyScripts-2.14.50/lib/help/state_transition_helper.rb:52:in `connect' due to root? I know it's not best practice to login as root, but I didn't think the module would deny it. I think I will try it with a non root key. By: Frederic Donnat RE: trouble with keypair / private key [ reply ]   2012-01-13 13:12 Hi Mike, First of all, thanks for using CloudyScripts and helping us to improve it. If I understand well, you have an issue while connecting to the instance using an RSA private key. In fact this is running on Cloudy_Scripts (https://cloudyscripts.com) Website for more than one year without problem. We are using net-ssh > v2.0.x ruby gem. here is the doc: http://net-ssh.github.com/ssh/v2/api/ Could you please consider updating to a net-ssh v2.0.x ruby gem in not already done? Could you also check that your key file is a PEM formatted file containing an RSA private key? In order to do so, just edit the file and verify that: - it does not contain the text part of the key - it begins with "-----BEGIN RSA PRIVATE KEY-----" and ends with "-----END RSA PRIVATE KEY-----" If this does not solve the problem could you provide us some logs or more informations, on the version of CloudyScripts you are using, the OperatingSystem, the version of Net-SSH and ruby? Regards, Fred By: mike snyder trouble with keypair / private key [ reply ]   2012-01-12 16:38 Using the sample_copy_ami script, I've filled out my own parameters, and the script cannot seem to authenticate with the private key I've provided. Using ssh with -i to include the RSA keyfile works like a champ. is there a problem with RSA specifically? Also, I checked rubydoc Net::SSH manual. and the way you're using Net:SSH.open looks fishy in the key_data use case. @ssh_session = Net::SSH.start(ip, user, :key_data => [key_data], :timeout => timeout, :verbose => :warn) According to http://net-ssh.github.com/ssh/v1/chapter-2.html , that key_data does not even look like a valid parameter. Any suggestions? did I miss a readme somewhere?