How to use pre-created ssh key for overcloud or replace a security key in OpenStack Platform?

Solution Verified - Updated -

Issue

  • I would like to use pre-created ssh key to overcloud.
  • Can not ssh to overcloud nodes
  • overcloud ssh
  • ssh overcloud fails
    If the stack user ssh pub key does not match the default key imported in nova, ssh auth will fail. In that case ssh heat-admin@overcloud_node_ip will ask for a password (since there is no valid ssh key configured).

In order to check, please execute either openstack keypair show default --public-key or nova keypair-show default and compare the key with the stack user public key (cat /home/stack/.ssh/id_rsa.pub). If they mismatch, the nova key in the undercloud should be replaced with the stack user's id_rsa.pub.

In the following output all keys match, i.e. are configured correctly:

[stack@undercloud ~]$ openstack keypair show default --public-key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeWqcePhDoTOjin/gzUqhQYM+xwROF8qsyTiIzF9egw3A+W6+7dwr2L2Ob89jA3v+KU2vaAkdzMxNw8E/Ra7AJWCEWG0eYqZdP34EOn7aMtG+I7ZV7cG2uC4u+z7c+jNS7idUZ3PRMRE/dVAEShxJTnLUOvVSq0SqYQZAgo7BK3LH/A81Vcxbjm8OTbdBMRqqnrdzmGppcowosE6DnwDqzCTk0y+Bf4rZ3P0JHT1lK+jZcVbQq9A12oxSwlUolXsjQUWfpBCITakuGPCli6yx/gqBRd/kk3TZrZGSHTrD5VmXhBhSl2Exu0fhrmSsz8G8Y6TYJst+syjLty9qJ0zuj stack@undercloud.default.redhat.local

[stack@undercloud ~]$ nova keypair-show default
+-------------+-------------------------------------------------+
| Property    | Value                                           |
+-------------+-------------------------------------------------+
| created_at  | 2016-10-10T07:51:01.000000                      |
| deleted     | False                                           |
| deleted_at  | -                                               |
| fingerprint | d9:d8:31:1a:e8:85:43:a7:bd:f2:c1:69:51:4d:ad:a9 |
| id          | 3                                               |
| name        | default                                         |
| updated_at  | -                                               |
| user_id     | 88951ae9bafe4aedbe248fd623caae8c                |
+-------------+-------------------------------------------------+
Public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeWqcePhDoTOjin/gzUqhQYM+xwROF8qsyTiIzF9egw3A+W6+7dwr2L2Ob89jA3v+KU2vaAkdzMxNw8E/Ra7AJWCEWG0eYqZdP34EOn7aMtG+I7ZV7cG2uC4u+z7c+jNS7idUZ3PRMRE/dVAEShxJTnLUOvVSq0SqYQZAgo7BK3LH/A81Vcxbjm8OTbdBMRqqnrdzmGppcowosE6DnwDqzCTk0y+Bf4rZ3P0JHT1lK+jZcVbQq9A12oxSwlUolXsjQUWfpBCITakuGPCli6yx/gqBRd/kk3TZrZGSHTrD5VmXhBhSl2Exu0fhrmSsz8G8Y6TYJst+syjLty9qJ0zuj stack@undercloud.default.redhat.local

[stack@undercloud ~]$ cat /home/stack/.ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeWqcePhDoTOjin/gzUqhQYM+xwROF8qsyTiIzF9egw3A+W6+7dwr2L2Ob89jA3v+KU2vaAkdzMxNw8E/Ra7AJWCEWG0eYqZdP34EOn7aMtG+I7ZV7cG2uC4u+z7c+jNS7idUZ3PRMRE/dVAEShxJTnLUOvVSq0SqYQZAgo7BK3LH/A81Vcxbjm8OTbdBMRqqnrdzmGppcowosE6DnwDqzCTk0y+Bf4rZ3P0JHT1lK+jZcVbQq9A12oxSwlUolXsjQUWfpBCITakuGPCli6yx/gqBRd/kk3TZrZGSHTrD5VmXhBhSl2Exu0fhrmSsz8G8Y6TYJst+syjLty9qJ0zuj stack@undercloud.default.redhat.local
[stack@undercloud ~]$

Environment

All versions of Red Hat OpenStack Platform.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content