Access via ssh (puTTY)

dreamcompute

#1

This is my first day with DreamCompute. Sounds like exactly what I have been looking for. I am confused on how to connect via ssh. I created the ssh keypair on my local CentOS server and posted the public to my instance on DreamCompute. I am trying to connect via ssh with this command from my local CentOS machine:

ssh -i cloud.key root@(ip.address)

I get this error:
reverse mapping checking getaddrinfo for miaaromas.ca [ip.address] failed - POSSIBLE BREAK-IN ATTEMPT!
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Thank you in advance for helping me get over this bump in the road.


#2

Thanks for choosing DreamCompute! It looks like you are very close to the right command. Please make sure to use “dhc-user” for all of the operating system images (except coreos) for those initial logins. From there you can “sudo su -” to become root and do what you need.

The reverse mapping error is odd, but could be just a reverse dns issue. If it continues after the first login let us know via a support ticket and we can see about fixing up the reverse dns for you.


#3

hi there,

one thing pops up is that the ssh command should be:

$ ssh -i cloud.key dhc-user@$IP

not root@. But that wouldn’t cause the issue you’re seeing. Did you create a DNS entry for the $IP address of the DreamCompute server? Where/how did you do that? The domain miaaromas.ca doesn’t resolve on my machine so I don’t understand where that comes from. Maybe if you share the IP address you’re referring to we can help you out… IP addresses are public anyway, there is no strong reason not to advertise them.


#4

Thanks so much for the fast reply. I was able to fix most of the problem by following these instructions from Red Hat:

https://access.redhat.com/solutions/83933

Now I am getting this error:

[pms1@linux1 ~]$ ssh -i cloud.key dhc-user@208.113.128.122
Permission denied (publickey).

Something is wrong with my keypair. The private key is on linux1. I added the public key to linux5. Maybe I corrupted the public key. I will import it again, if I can figure out how.
[hr]

I have created a DNS A record for linux5.pm-systems.com pointing to this IP address. I also changed the hostname in CentOS to linux5.pm-systems.com.

I have re-imported the cloud.key.pub from our linux1 server, this time including the user@linux1.beausanders.org user name on the end. I still cannot log in remotely except through the dashboard console which is not going to be a long term solution. Please advise on what to do next. Thanks.


#5

one thing at the time…

The private key needs to be on the same machine where the ssh command is being issued from. If you ssh from pms1@linux1 then the cloud.key file needs to be on linux1. The content of the corresponding public key (whose default filename is cloud.key.pub) needs to be copied in the virtual server before the server boots. You can look at this screencast to get an idea of how to do this http://demo-uploads.objects.dreamhost.com/QuickLaunch.mp4

If you have started a cloud server but you either forgot to add a keypair to it or you have created a new keypair meanwhile, or you suspect the keypair is not working you need restart: there is no way to inject a new key into a running virtual server.

Try again, destroy the virtual machine and create a new one making sure you assign the existing keypair to it. You can use the Quick Launch panel, it’s much faster.

Remember that the IP address will likely change… I suggest you to get familiar with SSH first and then do the hostname part.


#6

All good advice. Thank you. I missed some instructions yesterday. Is the use of the “cloud.key” mandatory? How do I deactivate the key pair feature if I just want to use passwords?


#7

I personally advice against using passwords. Really: passwords are a relict of the '60s and are extremely inconvenient to remember… Think about it: you will probably have tens or more of computers, common sense says you should not use the same passwords… so you’ll soon have to remember tens or more of passwords. Insane.

SSH and its crypto keys are extremely convenient and while it takes a little to get used to them, the investment in learning pays off very quickly. Think of it this way: you generate one keypair (one private key and its corresponding public one) with simple commands (instructions for putty. You create one (1) single password for that key. You keep you private key private and put the public key in as many servers as you want… From then on, all you need to remember to login into all those servers is the password of your private key… and maybe not even that one if you use ssh-agent (an advanced topic :)).

Do yourself a favor and learn to use SSH and manage the keys: your future self will thank you later.


#8

Thank you for your help.


#9

I followed your instructions, created a new CentOS6 instance, imported the public key from my local machine, and after the instance was spawned, I attempted to connect remotely using the exact syntax in your video:

[pms1@linux1 .ssh]$ ssh -i cloud.key dhc-user@208.113.129.32
ssh: connect to host 208.113.129.32 port 22: Connection refused
[pms1@linux1 .ssh]$

This is starting to approach frustrating. I have worked with Linux servers for years and never had any trouble connecting remotely. There is something different going on here. I will keep digging.

Thank you again for your help.


#10

That’s strange … The machine is up and port 22 open and I can connect via ssh (although I cannot login, obviously).

[code]~$ nmap -p 22 208.113.129.32

Starting Nmap 6.47 ( http://nmap.org ) at 2016-05-11 14:44 PDT
Nmap scan report for ip-208-113-129-32.dreamhost.com (208.113.129.32)
Host is up (0.094s latency).
PORT STATE SERVICE
22/tcp open ssh[/code]

~$ ssh dhc-user@208.113.129.32
The authenticity of host '208.113.129.32 (208.113.129.32)' can't be established.
RSA key fingerprint is SHA256:mTLYxH4PxJzXr2zMsjF4GbiEt4UKig0S9aUepvqXtPk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '208.113.129.32' (RSA) to the list of known hosts.
Permission denied (publickey).

It should work, there is really nothing different in DreamCompute from any other remote Linux server except the lack of username/password.


#11

This is not working. After starting over, I am back at the same place I was yesterday:

[pms1@linux1 .ssh]$ ssh -i cloud.key hdc-user@208.113.129.32
Permission denied (publickey).
[pms1@linux1 .ssh]$

I am not sure I can invest anymore time in a system that is not accessible. Any final suggestions?
[hr]

I believe we have both gotten the same result to this point. What is the dhc-user password?


#12

I’m as puzzled as you are… do you feel comfortable doing a screenshare with me? I will contact you privately.


#13

Well, I guess I do not need the password since we are not using passwords anymore because they are old fashioned. The only thing I can think of at this point is to blow up the keys and the instance and try again later.
[hr]

I will get back on this project tomorrow afternoon when I have some time. Maybe you can debug this then. Thanks.


#14

AH! I just saw something that explains all. Check below

it should be dhc-user@$IP not hdc. Try this instead:

ssh -i cloud.key dhc-user@208.113.129.32

#15

I admit I am a terrible typist…but I do not think this is the problem either:

[pms1@linux1 ~]$
[pms1@linux1 ~]$ ssh -i cloud.key dhc-user@208.113.129.32
Permission denied (publickey).
[pms1@linux1 ~]$

Darn. It should not be this hard.


#16

RESOLVED: First I want to thank my new friend at Dreamhost, Stef, for guiding us through our first setup. We resolved this problem by doing the following:

[list=1]
[]First we deleted the original keypair we were trying to use that was generated by a local CentOS6 machine
[
]Next we generated a new keypair using DHC’s key generator
[]We downloaded the private key to a Windows 10 machine
[
]Next we downloaded puttygen.exe from puTTY’s site which is need to convert a .pem file to a puTTY key
[]Then we imported the converted .pem file in to puTTY using the instructions at the link below
[
]We copied the private key to the .ssh directory belonging to dhc-user (created locally on CentOS6 machine)
[*]Now we can log in from our Windows 10 machine using puTTY or using ssh on our CentOS6 machine
[/list]

Log in with an SSH Private Key on Windows Using puTTY

Download puTTY.exe and puttygen.exe Here

I hope this is helpful to other DHC newbies trying to get started.


#17

Thanks for the tips but I’ve seemed to try everything about 5 times (from nuking the instances to creating 20 new key-pairs) and am still receiving “server refused our key” "PuTTy Fatal Error - Disconnected: No supported authentication methods available (server sent: publickey).

Anyone have any ideas? Would gladly screenshare to resolve this issue.

Trying to connect from Windows 10 with PuTTy. No issues with the connection going through, it seems to be solely key-pair related…


#18

One minor suggestion…the private key that you are moving around to your local machines is actually one long string. If there are any line breaks or spaces in it, the key is corrupted. This is an easy mistake to make and it will prevent you from authenticating.

-BeauS


#19

BeauS, thanks for the quick reply. However I’m not copy & pasting any of the keys.

I simply downloaded the .pem when I generated the key-pair in the DHC panel. I open that file in puttygen so it converts to a .ppk and save it to my desktop. I then boot up putty and select that key-pair that was generated (.ppk) from puttygen and am getting the error seen above.


#20

Sorry for the issues illusive101. From your ticket, I was able to fix your issue. I’ll post the info here as well for future customers who may run into the same issue.

When you check out your instance loaded here:

https://iad2.dreamcompute.com/project/instances/

If the “key pair” column shows “-” as the key pair, this means none was selected when the instance was created. The dashboard (the OpenStack component called “horizon”) doesn’t force you to select a key, but we require it, so if that step is missed you end up with an unusable instance. The instance will not be usable without a key, and one cannot be assigned after it is created. I would suggest destroying it and starting a new one, selecting a key. If only one key exists on your account, it will default select it. If multiple, it will not select one automatically.

If you still have trouble after deleting the instance and re-creating it, please let me know.