CoreOs and ssh login failing

October 23, 2014 3.7k views

Howdy !

ssh login works for all distros except for coreos. Do I need to use a specific algo or a certain key length for coreos ?

Thanx,
Matthias

3 comments
  • I can't login either. This is what I'm typing. :/

    ssh core@1.2.3.4
    

    But, all I get is: "ssh: connect to host 1.2.3.4 port 22: Operation timed out". (Obviously, 1.2.3.4 is my droplet's IP address.)

    I clicked the button to add my id_ecdsa.pub key to the server.

  • For me, I tried to login as [core] user, and failed to get in.

    No response from my droplets, saying "Connection timed out".
    I also added my SSH pub key to my account.

    What's wrong with me?

    Thanks,
    Joshua

  • Run ssh with the '-v' flag to see where it fails. Could be that your access rights are wrong.
    On your DO instance it should look like this:

    269268 4 drwx------ 2 core core 4096 Dec 18 18:58 .ssh

    ls -l .ssh/
    total 4
    -rw------- 1 core core 397 Dec 18 18:58 authorized_keys

2 Answers

Your existing SSH keys should work fine on CoreOS. What user are you connecting as? Try using core instead of root.

I have the similar problem.

It stucks at expecting SSH2MSGKEXDHGEX_REPLY.

chuck@chuck-OptiPlex-3010:~/.ssh % ssh -v root@128.199.68.147
OpenSSH5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /home/chuck/.ssh/config
debug1: /home/chuck/.ssh/config line 48: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh
config
debug1: /etc/ssh/sshconfig line 19: Applying options for *
debug1: Connecting to 128.199.68.147 [128.199.68.147] port 22.
debug1: Connection established.
debug1: identity file /home/chuck/.ssh/id
rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/chuck/.ssh/idrsa-cert type -1
debug1: identity file /home/chuck/.ssh/id
dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/chuck/.ssh/iddsa-cert type -1
debug1: identity file /home/chuck/.ssh/id
ecdsa type -1
debug1: identity file /home/chuck/.ssh/idecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH
6.6
debug1: match: OpenSSH6.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH
5.9p1 Debian-5ubuntu1.4
debug1: SSH2MSGKEXINIT sent
debug1: SSH2MSGKEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2MSGKEXDHGEXREQUEST(1024<1024<8192) sent
debug1: expecting SSH2
MSGKEXDHGEXGROUP
debug1: SSH2MSGKEXDHGEXINIT sent
debug1: expecting SSH2
MSGKEXDHGEXREPLY

When i switch to the 'core' user, It stucked again!

chuck@chuck-OptiPlex-3010:~/Dropbox/Mackup/.ssh % ssh -v core@128.199.68.147
OpenSSH5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /home/chuck/.ssh/config
debug1: /home/chuck/.ssh/config line 48: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh
config
debug1: /etc/ssh/sshconfig line 19: Applying options for *
debug1: Connecting to 128.199.68.147 [128.199.68.147] port 22.
debug1: Connection established.
debug1: identity file /home/chuck/.ssh/id
rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/chuck/.ssh/idrsa-cert type -1
debug1: identity file /home/chuck/.ssh/id
dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/chuck/.ssh/iddsa-cert type -1
debug1: identity file /home/chuck/.ssh/id
ecdsa type -1
debug1: identity file /home/chuck/.ssh/idecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH
6.6
debug1: match: OpenSSH6.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH
5.9p1 Debian-5ubuntu1.4
debug1: SSH2MSGKEXINIT sent

I just can't figure it out what's wrong.

Plz help!

Have another answer? Share your knowledge.