Docker Community Forums

Share and learn in the Docker community.

Password prompt on Docker for AWS beta

aws

(Ken Snyder) #1

Expected behavior

After creating a new AWS stack, the stack should start up and allow for SSH access using the private key specified in the cloudformation configuration.

Actual behavior

The stack does start up and the SSH port is accessible but even when explicitly passing the private key (see below):

ssh -i “/AWS/xxxx.pem” docker@NAME-us-east1.elb.amazonaws.com

The terminal prompts for a password (to which I have none).


(Michael Friis) #2

Hm, that’s very strange. Could I ask you do try to run ssh with verbose output to see what might be the matter: https://blog.codefront.net/2007/02/28/debugging-ssh-public-key-authentication-problems/


(Ken Snyder) #3

Here’s the output I’m getting:

OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /Users/xxxxx/.ssh/config
debug1: /Users/xxxxx/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to firsttest-elb-ssh-1623741990.us-east-1.elb.amazonaws.com [52.206.153.95] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xxxxx/AWS/xyxyxyx.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xxxxx/AWS/xyxyxyx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2-hpn14v4
debug1: match: OpenSSH_7.2p2-hpn14v4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to firsttest-elb-ssh-1623741990.us-east-1.elb.amazonaws.com:22 as 'docker’
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com none
debug1: kex: client->server chacha20-poly1305@openssh.com none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:C71MHTErrgOO336qAuLXah7+nc6dnRSEHFgYzmXoGyQ
debug1: Host ‘firsttest-elb-ssh-1623741990.us-east-1.elb.amazonaws.com’ is known and matches the ECDSA host key.
debug1: Found key in /Users/xxxxx/.ssh/known_hosts:30
Warning: Permanently added the ECDSA host key for IP address ‘52.206.153.95’ to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/xxxxx/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /Users/xxxxx/AWS/xyxyxyx.pem
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password

Unless I’m reading it wrong it seems to be pointing at the missing “pem” file but I’ve double and triple checked and the file DOES exist.


(Michael Friis) #4

Hm, that’s really strange. Can you confirm that you’ve placed they key in the AWS folder at the root of the filesystem? (eg. /AWS/xxxx.pem). If it’s your user folder, you’d use ~/AWS/xxxx.pem.