cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeroen Keerl" <>
Subject create templates that support SSH keys - CentOS6 bug
Date Sun, 18 Sep 2016 20:07:20 GMT


I've been spending some time with 4.9 and its documentation online now, and
I've come across a few glitches or missing information.
One of the most unnerving things I found out is a bug in CentOS 6, which
cost me a lot of time:
When trying to create a template with CentOS 6.8 with SSH authentication, my
instances kept asking me for the root password, even after manually
providing the ssh key files etc.

After a bit of research, I found a website (
on-on-centos-6 ) where a workaround was provided:
Issuing a 'restorecon -R -v /root/.ssh' on the instance from which you're
about to make a template (See Doc "Working with Virtual Machines" ) will
restore the security contexts for the files in the .ssh folder
*Note: This issue will only occur, if selinux is still set to enforcing

Apart from that:
On the site "Working with virtual machines", it is still noted, that you
cannot create instances from templates with the SSH authentication enabled.

I'm not sure, if I just got lucky, or if this is amiss, but I can actually
deploy new VMs from the template with SSH auth enabled.

So, here's what I did (I'll leave out the numerous trials and errors for
you... )

1) Create a new VM from ISO
2) Prepared it as written in the documentation  "Creating an Instance
Template that Supports SSH Keys" and shutdown the VM, then created the
(and issued 'restorecon -R -v /root/.ssh' as well, for CentOS)
3) Created a new SSH key pair in the web GUI under "User Accounts -SSH Key
Pairs" and copied the private key (which is only shown directly after
creation. Do not refresh here, before you copied the private key in notepad
4) Created a new file, named exactly as the key pair is named in the GUI (!)
under /root/.ssh and changed rights after that with chmod 600
5) created a new instance in the web GUI with the newly created keypair and

New instance is created and I can login to it with ssh -i ~/.ssh/%keyname%


Keerl IT Services GmbH
Birkenstraße 1b. 21521 Aumühle

+49 177 6320 317

Geschäftsführer. Jacobus J. Keerl
Registergericht Lubeck. HRB-Nr. 14511

Unsere Allgemeine Geschäftsbedingungen finden Siehier.

  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message