How to specify SSH key for a new Linux VM in OCI

Hello.
I need to deploy quite a few Linux VMs using specific RSA keys. I’m trying to deploy 1 Linux VM specifying my test RSA key with a few methods but I don’t yet get the hang of it. Need some help. I use Windows and Visual Studio Code as my software and I’m using the ssh_public_keys attribute to specify my RSA keys.

I tried specifying the RSA key in the default value and the path:

variable "ssh_public_keys" {
  description = "Public SSH keys to be included in the ~/.ssh/authorized_keys file for the default user on the instance. To provide multiple keys, see docs/instance_ssh_keys.adoc."
  type        = string
  default     = "rsa-key-20211014-testjj.pub"
  #default = "ssh-rsa AAAAB3NzaC1yc2E … +cYEfC8xDFVVRp rsa-key-20211014-testjj"
}

When using the path, I tried copying the pub file to the root directory of the Terraform files. The metadata block is like this:
metadata = {
ssh_public_keys = file(var.ssh_public_keys)
#ssh_public_keys = var.ssh_public_keys
}

The behavior is that I cannot putty into the server, I get a message indicating there is no valid authentication method.

What is the correct way to specify the RSA keys?

Thanks for your help.

The code snippet you have should work, it might be another part of the code that’s not working.

I use the below as a test:

variable "ssh_public_key" {
default = "id_rsa.pub"
}

output "rsa_key" {
    value = file(var.ssh_public_key)
}

I have the id_rsa.pub file in the same directory as the tf code, then

terraform apply

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

rsa_key = <<EOT
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRPIcvQQmi/iwD7em0pVfUBVic1jrh6iN28uPuFc6UGsZUIs7qzpF25eKSkLAWnNndiLushQR7wRRS+mzc9paLceNj4B8XZphjqWRNVZJ77a9/QX34x+IY4X/VutJQg9pCJlsYam4mBRv28T52rqrCbR/+Th3VklBIxb5gT8aNPYep7tKqxY8KRgBZ0y5r+BRVqubKKxZpblIZWmIK1/0nvasdTiktkE8ucqN6BiV9IQCcA+GxVFYo1oS4rvTzVjY1R2laOjWqTh4WV/jG0OGWW1gxEyNaeFeMQCG+L6sX4b96K8lb8VGIDQJuTUobk/bWELI2vrC/9vMaSJk1Pein yulei@hashicorp.com

EOT

Thanks for your answer. You might be right, am I missing something in this code:

resource "oci_core_instance" "web-01" {
  availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1]["name"]
  compartment_id      = var.compartment_ocid
  display_name        = "Web-Server-01"
  shape               = var.instance_shape

  create_vnic_details {
    subnet_id        = oci_core_subnet.subnet.id
    display_name     = "NIC-web-server-01"
    assign_public_ip = true
  }

  source_details {
    source_type             = "image"
    source_id               = lookup(data.oci_core_images.compute_images.images[0], "id")
    boot_volume_size_in_gbs = "50"
  }

  metadata = {
    ssh_public_keys = file(var.ssh_public_keys)
    #ssh_public_keys = var.ssh_public_keys
  }
}

When I call the output, I do see the RSA key as well, as you mention. But I still get an error message that says No supported authentication methods available when I try to putty into the VM public IP.

Please confirm if you can identify what I’m missing.

Regards,

One more thing. If I manually create a VM in OCI with the same RSA key, I’m able to putty inside, so the issue seems to be that Terraform is not able to pick up the pub file or create the VM using the file.

This seems to be incorrect but I have no way to test.

According to the document, you should use ssh_authorized_keys instead of ssh_public_keys.

In the end, the solution was using the ssh_authorized_keys attribute:

metadata = {
ssh_authorized_keys = file(var.ssh_public_keys)
#ssh_public_keys = file(var.ssh_public_keys)
#ssh_public_keys = var.ssh_public_keys
}

As far as I knew, that attribute got deprecated by ssh_public_keys, but anyway that’s how it got fixed. Thanks for your help.
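
Added example, not part of the thread and not code from the OCI provider: in the thread the apply succeeded with the misnamed metadata key and the problem only showed up as a failed login, so this pre-apply check flags any `oci_core_instance` whose `metadata` map lacks `ssh_authorized_keys` or carries a key other than the two it expects. The function names, the `ACTED_ON` set, the `terraform fmt` style layout it relies on, and the extra check that each key-file line is a one-line OpenSSH public key are assumptions of this example.

```python
import re

# Assumption of this example: the only metadata keys it treats as expected.
ACTED_ON = {"ssh_authorized_keys", "user_data"}
KEY_LINE = re.compile(
    r"^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .+)?$")

def instance_metadata(hcl):
    """Yield (resource name, active metadata keys) for each oci_core_instance."""
    parts = re.split(r'resource\s+"oci_core_instance"\s+"([^"]+)"', hcl)
    for name, rest in zip(parts[1::2], parts[2::2]):
        body = rest.split("\n}", 1)[0]  # resource ends at the first column-0 brace
        block = re.search(r"metadata\s*=\s*\{(.*?)\}", body, re.S)
        text = block.group(1) if block else ""
        # Commented-out entries start with '#' or '//' and therefore do not match.
        yield name, re.findall(r"^\s*([A-Za-z_][\w-]*)\s*=", text, re.M)

def lint_config(hcl):
    """Return one finding per unexpected or missing metadata key."""
    findings = []
    for name, keys in instance_metadata(hcl):
        for key in keys:
            if key not in ACTED_ON:
                findings.append(
                    f"{name}: metadata key '{key}' is not ssh_authorized_keys or user_data")
        if "ssh_authorized_keys" not in keys:
            findings.append(f"{name}: ssh_authorized_keys is not set")
    return findings

def lint_key_file(text):
    """Return the non-empty lines that are not one-line OpenSSH public keys."""
    return [ln for ln in text.splitlines()
            if ln.strip() and not KEY_LINE.match(ln.strip())]

# Constructed sample: the metadata block from the thread, resource abbreviated.
BEFORE = '''resource "oci_core_instance" "web-01" {
  display_name = "Web-Server-01"
  metadata = {
    ssh_public_keys = file(var.ssh_public_keys)
    #ssh_public_keys = var.ssh_public_keys
  }
}
'''
AFTER = BEFORE.replace("    ssh_public_keys =", "    ssh_authorized_keys =")

if __name__ == "__main__":
    print(lint_config(BEFORE))
    print(lint_config(AFTER))
```
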