Forum Discussion
NimbostratusAWS BigIP VE SSH root login failure
Hello everyone,
I'm following the guide to spin up a F5 BigIP virtual appliance on an EC2 instance listed on the F5/AWS documentation page. I've launched the appliance and according to the steps I'm trying to SSH into the instance to set the admin password. But for the life of me I can't log in with the SSH key I've created the appliance with.
I'm using the following command:
$ ssh -vvv root@[internalIP or EIP] -i .ssh/sshkey.pem
I've tried multiple SSH keys, also ones that work on other machines, the permissions are set correctly on the key files. The security groups are open for SSH and HTTPS on the appliance. But I keep getting a Connection Closed when trying to SSH in.
exact error:
debug1: Offering RSA public key: sshkey.pem debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-rsa blen 279 debug2: input_userauth_pk_ok: fp xx:xx:xx:xx:xx:xx debug3: sign_and_send_pubkey: RSA xx:xx:xx:xx:xx:xx Connection closed by [IP address]
What am i doing wrong? How can I SSH into the appliance and change the admin password so I can start configuring the ltm?
Any help is much appreciated!
Thank you.
14 Replies
What_Lies_Bene1Cirrostratus
Are you using the AWS key (I ask as you have said you've tried more than one)?
Did you specify a key that was created in the same region?
Did you use an existing key pair or create a new one when you launched the instance?
Yvonne_132607I have created an SSH key via the AWS console, downloaded it, set the permissions right and used it to launch the appliance with. I thought I was going crazy and later on once I've terminated and relaunched a couple of appliances, I selected a different SSH key to launch the appliance with, an SSH key that I've used to spin up other instances, to make sure that it wasn't something with the key. But unfortunately, the same problem, i can connect to the appliance, it starts the key exchange and then the server closes the connection.
I am supposed to SSH in as root right? I've also tried ec2-user, but that asks for a password that I do not have.
Is there a way to log in to the web interface, a default admin password, that I can use?
- What_Lies_Bene1
The default admin username and password is admin/admin but I have a feeling things are a bit different with AWS and you must SSH in and set your own admin password first.
Yes, you should be specifying root when connecting via SSH.
Could you try from a different machine?
- Yvonne_132607
I've spun up another appliance in a different VPC in a different region, with a different SSH key that I've already used on other EC2 instances, I've tried connecting directly from my mac and via a jumphost. When I try to connect:
$ ssh -i sshkey.pem root@xxx.xxx.xxx.xxx
The authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xxx.xxx.xxx.xxx' (RSA) to the list of known hosts.
Connection closed by xxx.xxx.xxx.xxx:o(
I must be doing something very very simple, very very wrong. Please enlighten me.
More verbose debug SSH info I can provide.
- What_Lies_Bene1
Can you force use of SSH v2 with the
parameter and see if that helps?-2 - Yvonne_132607
No dice :o( I would almost be tempted to say that permitrootlogin is set to no
$ ssh -i sshkey.pem root@xx.xx.xx.xx -2 Connection closed by xx.xx.xx.xx
- Yvonne_132607
got it, well actually I have to thank my awesome colleague Luigi for sticking with it and just trying stuff out, eventually finding the solution:
$ ssh admin@xx.xx.xx.xx.
admin@(hostname)(cfg-sync Standalone)(Active)(/Common)(tmos)Happy not to be crazy, but @F5 pleaaaaaase update your documentation..
- What_Lies_Bene1
Phew. So you/he just logged in as admin, no cert?
- Yvonne_132607
Yep, you need to use "admin" not "root. I had the SSH key added to my keychain so in reality it should be:
$ ssh -i sshkey.pem admin@ip
Thanks for you help What Lies Beneath!
- What_Lies_Bene1Thanks for the confirmation, must make a note of that. I'm sure I've not had the same issue but its been a while. You're welcome.
LandonoThanks for this Yvonne, I was having this problem all last week as well. This is incorrect in all of the F5 documentation, even the 11.6.0 guide which is the most recent.
ChrisMutzel_151Altocumulus
Try ec2-user/admin (or ec2-user/root). I had this same issue. The setup guide for 11.x (x<6) has a different user listed. Maybe this fixes your issue?
