keymaker has been installed and keymaker install run. I've got the correct instance role applied. when i attempt to log in, keymaker creates the user, but i can't ssh via key using keymaker. ssh debug log:
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: Connection from 10.12.1.10 port 41496 on 10.12.3.140 port 22
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: Client protocol version 2.0; client software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: permanently_set_uid: 109/65534 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: SSH2_MSG_KEXINIT received [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: kex: algorithm: curve25519-sha256 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: kex: client->server cipher: [email protected] MAC: compression: none [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: kex: server->client cipher: [email protected] MAC: compression: none [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: rekey after 134217728 blocks [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: rekey after 134217728 blocks [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: KEX done [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: userauth-request for user john_jolet service ssh-connection method none [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: attempt 0 failures 0 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: authentication methods list 0: publickey
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: authentication methods list 1: keyboard-interactive:pam,publickey
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: PAM: initializing for "john_jolet"
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: PAM: setting PAM_RHOST to "10.12.1.10"
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: PAM: setting PAM_TTY to "ssh"
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: authentication methods list 0: publickey [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: authentication methods list 1: keyboard-interactive:pam,publickey [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: userauth-request for user john_jolet service ssh-connection method publickey [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: attempt 1 failures 0 [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: userauth_pubkey: test whether pkalg/pkblob are acceptable for RSA SHA256:IcW03EYL4ekpWY34zoXuIRKGQsGJuzLvCpBAxHkjLJk [preauth]
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: temporarily_use_uid: 1004/1004 (e=0/0)
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: restore_uid: 0/0
Mar 8 20:04:48 ip-10-12-3-140 sshd[31400]: debug1: temporarily_use_uid: 1004/1004 (e=0/0)
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: restore_uid: 0/0
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: temporarily_use_uid: 7771/7771 (e=0/0)
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: trying public key file /home/john_jolet/.ssh/authorized_keys
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: fd 4 clearing O_NONBLOCK
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: restore_uid: 0/0
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: temporarily_use_uid: 7771/7771 (e=0/0)
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: trying public key file /home/john_jolet/.ssh/authorized_keys2
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: fd 4 clearing O_NONBLOCK
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: restore_uid: 0/0
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: Failed publickey for john_jolet from 10.12.1.10 port 41496 ssh2: RSA SHA256:IcW03EYL4ekpWY34zoXuIRKGQsGJuzLvCpBAxHkjLJk
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: userauth-request for user john_jolet service ssh-connection method keyboard-interactive [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: attempt 2 failures 1 [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: keyboard-interactive devs [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: auth2_challenge: user=john_jolet devs= [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: kbdint_alloc: devices 'pam' [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: debug1: auth2_challenge_start: trying authentication method 'pam' [preauth]
Mar 8 20:04:49 ip-10-12-3-140 sshd[31400]: Postponed keyboard-interactive for john_jolet from 10.12.1.10 port 41496 ssh2 [preauth]
Mar 8 20:04:50 ip-10-12-3-140 sshd[31400]: Connection closed by authenticating user john_jolet 10.12.1.10 port 41496 [preauth]
is there any way to get more information about why this is failing?
kislyuk
