keypair issues and identity file not accessible message

Latest response

Hello,

In going through the getting started guide section 7.2, it says to use ssh -i and a keypair to to ssh into my newly launched instance. I've tried this but I am not having much luck. I created the keypair by running:

nova keypair-add --pub_key ~/.ssh/id_rsa.pub mykey

This seemed to work as the "nova keypair-list" output displays the mykey and its fingerprint.

Now, here is the result of running different ssh -i commands:

ssh -i mykey.priv 192.168.32.2
Warning: Identity file mykey.priv not accessible: No such file or directory.
(then prompted to provide password and I can successfully log in)

ssh -i mykey.pub 192.168.32.2
Warning: Identity file mykey.pub not accessible: No such file or directory.
(then prompted to provide password and I can successfully log in)

ssh 192.168.32.2
(prompted to provide password and I can successfully log in)

Am I missing something? The getting started guide does not have the command line info for creating the keypair so I used some other documentation to create the keypair.

Dave

Responses

I think I figured out that the keypair file must exist in the directory where I run the ssh command from. That would be good to know in the documentation.

Also, the name of the file may not be .priv - it'll be .pem if the key is created from the gui (which downloads the file to ~/Downloads unless one specifies another location).

If I create the key from the command line - I don't know where the file is located. I see it in the gui and using the nova keypair-list command but there is no .pem file that I could see in the nova directory. So, how does one use the key if it's generated by the command line?

Dave

Hi Vlad, the keypair creation step is definitely missing in the Getting Started Guide, and there's a bug to fix that. I've passed on your question to the dev team, someone will get back to you here.
cheers, Summer

Dave,

If you are running:
nova keypair-add --pub_key ~/.ssh/id_rsa.pub mykey
ssh -i mykey.priv 192.168.32.2

This is incorrect, since the identity is linked to the file name of the ssh-keypair. The correct command to run would be:

ssh -i id_rsa 192.168.32.2
(assuming your private key is in ~/.ssh/id_rsa. Usually there is no .priv extension on private keys when they are created using the ssh-keygen command)

The 'mykey' name is one that is used in OpenStack to identify the keypair, but from the ssh command line perspective it has no idea what 'mykey' is (unless of course your key is called ~/.ssh/mykey.pub)

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.