Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Issue withthe Ambari installation on AWS

Highlighted

Issue withthe Ambari installation on AWS

New Contributor

Hi,

I have an issue regarding my installation in AWS to configure ssh.

I create an user: ambari

useradd ambari echo "ambari ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ambari

and generate a private key:

ssh-keygen -t rsa

When i try a ssh with my public IP address:

ssh ambari@52.31.236.46

i get an error:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

and with debug:

[ambari@ip-172-31-21-232 ~]$ ssh -v ambari@52.31.236.46 OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 56: Applying options for * debug1: Connecting to 52.31.236.46 [52.31.236.46] port 22. debug1: Connection established. debug1: identity file /home/ambari/.ssh/id_rsa type 1 debug1: identity file /home/ambari/.ssh/id_rsa-cert type -1 debug1: identity file /home/ambari/.ssh/id_dsa type -1 debug1: identity file /home/ambari/.ssh/id_dsa-cert type -1 debug1: identity file /home/ambari/.ssh/id_ecdsa type -1 debug1: identity file /home/ambari/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/ambari/.ssh/id_ed25519 type -1 debug1: identity file /home/ambari/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16 debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16 debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 3b:a5:43:31:83:2d:57:52:cb:c0:0a:b4:a9:91:f1:9c debug1: Host '52.31.236.46' is known and matches the ECDSA host key. debug1: Found key in /home/ambari/.ssh/known_hosts:1 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1001)

debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1001)

debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/ambari/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Trying private key: /home/ambari/.ssh/id_dsa debug1: Trying private key: /home/ambari/.ssh/id_ecdsa debug1: Trying private key: /home/ambari/.ssh/id_ed25519 debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Any suggestion on how to fix this issue?

Thanks

1 REPLY 1

Re: Issue withthe Ambari installation on AWS

Super Mentor

@Farhad Heybati

Have you already added public key for each user's "~/.ssh/authorized_keys" file ?

Also can you please check your "/etc/ssh/sshd_confg" file and check if you have the following property Uncommented? If not then edit it and then restart sshd service.

PasswordAuthentication yes 

.

Also you might want to take a look at the AWS lab doc: http://aws-labs.com/configure-ssh-key-based-authentication-linux-server/

Don't have an account?
Coming from Hortonworks? Activate your account here