Hi Team,

we have deployed MaaS and installed ubunutu-20.04 on the target machine using MaaS

When tried to login with the default username (mas), it is getting failed with below error

mas@maas:~$ ssh mas@172.73.2.2
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:AkkQXDyrmlOS+LHocH0nbMh8tTQjD7sOek/t+hVlp74.
Please contact your system administrator.
Add correct host key in /home/mas/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in /home/mas/.ssh/known_hosts:1
remove with:
ssh-keygen -f “/home/mas/.ssh/known_hosts” -R “172.73.2.2”
Host key for 172.73.2.2 has changed and you have requested strict checking.
Host key verification failed.

I have come across one post here and changed the default username from ubunutu to mas but still facing same issue

vi /etc/cloud/cloud.cfg

System and/or distro specific settings

(not accessible to handlers/transforms)

system_info:

This will affect which distro class gets used

distro: ubuntu

Default user name + that default users groups (if added/used)

default_user:
name: mas
lock_passwd: True
gecos: Ubuntu
groups: [adm, audio, cdrom, dialout, dip, floppy, lxd, netdev, plugdev, sudo, video]
sudo: [“ALL=(ALL) NOPASSWD:ALL”]
shell: /bin/bash

Could someone please help to suggest on how resolve this issue?

Also one more observation is the target machine going into power-off mode after few seconds and this is happening always once OS is installed, we have kept the power config as Manual in configuration of Machine in MaaS

Please help to suggest on this as well

Thank you for the support in advance.

With Regards
Kiran

Hi @kiranta,

There are different things in your post. I’ll try to address those.

1. The default username is ubuntu, not mas.
2. You probably had another host/os installation on 172.73.2.2. So SSH is telling you that the host has changed. You can read more about this SSH aspect on the internet.
3. regarding the machine that is powered off after few seconds I actually don’t get it. If you get the SSH error it means that the host is up and running.

Hi @r00ta,

First of all thank you so much for your support and help.

I have tried them as per your suggestions, below are the observations

Regarding point-1, I have tried with username as ubuntu but still unable to login and getting error.

mas@maas:~$ ssh ubuntu@172.73.2.2
The authenticity of host ‘172.73.2.2 (172.73.2.2)’ can’t be established.
ED25519 key fingerprint is SHA256:xDNG/K68aWK/XWEBQfbVVLDfmSt42mvkwlPk4sUNC6k.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘172.73.2.2’ (ED25519) to the list of known hosts.
ubuntu@172.73.2.2: Permission denied (publickey).
mas@maas:~$
mas@maas:~/.ssh$ ls -lrt
total 16
-rw-r–r-- 1 mas mas 562 Aug 30 11:33 id_rsa.pub
-rw------- 1 mas mas 2590 Aug 30 11:33 id_rsa
-rw-r–r-- 1 mas mas 142 Aug 30 11:54 known_hosts.old
-rw------- 1 mas mas 1120 Aug 30 12:39 known_hosts
mas@maas:~/.ssh$

Also i tried several options as suggested in internet but still unable to resolve this issue

Regarding point-2, we have only one machine (172.73.2.2) where we are trying to do OS installation via MaaS

Regarding point-3, yes you are right, the target machine (172.73.2.2) is coming up and it is going down after several trails to do ssh. Please find below the ping status captured while doing this test

64 bytes from 172.73.2.2: icmp_seq=5097 ttl=64 time=0.041 ms
64 bytes from 172.73.2.2: icmp_seq=5098 ttl=64 time=0.056 ms
64 bytes from 172.73.2.2: icmp_seq=5099 ttl=64 time=0.042 ms
64 bytes from 172.73.2.2: icmp_seq=5100 ttl=64 time=0.050 ms
64 bytes from 172.73.2.2: icmp_seq=5101 ttl=64 time=0.058 ms
64 bytes from 172.73.2.2: icmp_seq=5102 ttl=64 time=0.047 ms
64 bytes from 172.73.2.2: icmp_seq=5103 ttl=64 time=0.047 ms
64 bytes from 172.73.2.2: icmp_seq=5104 ttl=64 time=0.045 ms
64 bytes from 172.73.2.2: icmp_seq=5105 ttl=64 time=0.042 ms
From 172.73.2.1 icmp_seq=5137 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5138 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5139 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5140 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5141 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5142 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5143 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5147 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5150 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5151 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5153 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5154 Destination Host Unreachable
From 172.73.2.1 icmp_seq=5155 Destination Host Unreachable

Could you please help to check and suggest further?

With Regards
Kiran

MAAS installs on the deployed machine the SSH key that you specified during the setup. You have to ensure that mas@maas:~/.ssh/id_rsa.pub is the key that you have installed for your user (look at the UI at /MAAS/r/account/prefs/ssh-keys).

Otherwise, if you did not use the key at ~/.ssh/id_rsa.pub, you have to ssh -i <key> <the host>

Hi @r00ta

Thank you for your inputs.

yes we are using the same SSH key which were specified during MAAS installation but still it failing.

Also i have tried the second option to check if the ssh is successful but that is also failing

mas@maas:~/.ssh$ pwd
/home/mas/.ssh
mas@maas:~/.ssh$
mas@maas:~/.ssh$
mas@maas:~/.ssh$ ls -lrt
total 16
-rw-r–r-- 1 mas mas 562 Aug 30 11:33 id_rsa.pub
-rw------- 1 mas mas 2590 Aug 30 11:33 id_rsa
-rw-r–r-- 1 mas mas 142 Aug 30 11:54 known_hosts.old
-rw------- 1 mas mas 1120 Aug 30 12:39 known_hosts
mas@maas:~/.ssh$
mas@maas:~/.ssh$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDx3KTLkZCtEuiL70QrAXPW/2+ppyhKjRjgKGOWYhlKz8qhPBtBUlMmgOfTV4EUoqO3BliPt8bYSI+h+WKpsB9KPMxrtsL20QiVb90BKkMqosSw30e5l7I3oYLbZaqguYG0rzZgN56BPCiE2NmqTW9UdOP5Zo5mcDFarK1YBXkdeBBGOqKhLyF9RvehJtVlWFnDsoH0+149K8LwWqTc+4a9Ipt5iDUXxF7oxRoW2K4mWD0h62Q0OPmU/MCaC4qBOVUsXAund0gBhf7nr4j9vhJEYnm1PTLSLiNH99kNs5euw8GegcmhoL9aUyyrbgTEux3UbifF79QnIX7WGUl32aEzezBjoTqwqj7s0cMaOnte6ebRJZfl5oLiCmaA4allw2SGqjnwomsMCu1iism4ODk6OBmktbyyqe4T2NVBbrllgPDb1cgMM2iNw9eJs/QFYmFeoAUh9LgdiT3G8I2KSKfq6wi8tFSIoSLaUWpmy7fpSmn4zUJD1TQUcY+87tFJRhM= mas@maas
mas@maas:~/.ssh$ pwd
/home/mas/.ssh
mas@maas:~/.ssh$
mas@maas:~/.ssh$ ssh -i AAAAB3NzaC1yc2EAAAADAQABAAABgQDx3KTLkZCtEuiL70QrAXPW/2+ppyhKjRjgKGOWYhlKz8qhPBtBUlMmgOfTV4EUoqO3BliPt8bYSI+h+WKpsB9KPMxrtsL20QiVb90BKkMqosSw30e5l7I3oYLbZaqguYG0rzZgN56BPCiE2NmqTW9UdOP5Zo5mcDFarK1YBXkdeBBGOqKhLyF9RvehJtVlWFnDsoH0+149K8LwWqTc+4a9Ipt5iDUXxF7oxRoW2K4mWD0h62Q0OPmU/MCaC4qBOVUsXAund0gBhf7nr4j9vhJEYnm1PTLSLiNH99kNs5euw8GegcmhoL9aUyyrbgTEux3UbifF79QnIX7WGUl32aEzezBjoTqwqj7s0cMaOnte6ebRJZfl5oLiCmaA4allw2SGqjnwomsMCu1iism4ODk6OBmktbyyqe4T2NVBbrllgPDb1cgMM2iNw9eJs/QFYmFeoAUh9LgdiT3G8I2KSKfq6wi8tFSIoSLaUWpmy7fpSmn4zUJD1TQUcY+87tFJRhM 172.73.2.2
Warning: Identity file AAAAB3NzaC1yc2EAAAADAQABAAABgQDx3KTLkZCtEuiL70QrAXPW/2+ppyhKjRjgKGOWYhlKz8qhPBtBUlMmgOfTV4EUoqO3BliPt8bYSI+h+WKpsB9KPMxrtsL20QiVb90BKkMqosSw30e5l7I3oYLbZaqguYG0rzZgN56BPCiE2NmqTW9UdOP5Zo5mcDFarK1YBXkdeBBGOqKhLyF9RvehJtVlWFnDsoH0+149K8LwWqTc+4a9Ipt5iDUXxF7oxRoW2K4mWD0h62Q0OPmU/MCaC4qBOVUsXAund0gBhf7nr4j9vhJEYnm1PTLSLiNH99kNs5euw8GegcmhoL9aUyyrbgTEux3UbifF79QnIX7WGUl32aEzezBjoTqwqj7s0cMaOnte6ebRJZfl5oLiCmaA4allw2SGqjnwomsMCu1iism4ODk6OBmktbyyqe4T2NVBbrllgPDb1cgMM2iNw9eJs/QFYmFeoAUh9LgdiT3G8I2KSKfq6wi8tFSIoSLaUWpmy7fpSmn4zUJD1TQUcY+87tFJRhM not accessible: No such file or directory.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:kdvU9CEja2VFN1n/Fk+WLkIoClmqu1vX4xFeLxU2t7I.
Please contact your system administrator.
Add correct host key in /home/mas/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in /home/mas/.ssh/known_hosts:4
remove with:
ssh-keygen -f “/home/mas/.ssh/known_hosts” -R “172.73.2.2”
Host key for 172.73.2.2 has changed and you have requested strict checking.
Host key verification failed.
mas@maas:~/.ssh$

Please suggest the way forward to resolve this issue

With Regards
Kiran

well actually the right way to specify what key to use in the ssh command is ssh -i /home/mas/.ssh/id_rsa.pub ubuntu@172.73.2.2. Anyways, that’s the key that is used by default so I do not expect it will work for you.

What do you see on the MAAS UI? What’s the status of the machine? Could you check in the logs tab of the machine if you see anything meaningful?

Hi @r00ta

These two issues are resolved now.

Ideally there were few gaps in our deployment steps due to which we ran into these two issues

After we brought up MaaS, we were doing a reboot of target IDRAC machine which got added with the default settings in MaaS. so we could not select the additional options related to SSH keys and power-off during commissioning

Now we have deleted the existing machine and tried to add it via MaaS UI by giving all the options and these two issues are resolved.

Thank you for your help.

With Regards
Kiran