Hello,
After configuring the bastion host, I am unable to ssh to it.
Here is the config:
module "bastion" {
  source = "github.com/terraform-community-modules/tf_aws_bastion_s3_keys"
  ssh_user = "admin"
  instance_type = "t2.micro"
  ami = "${var.ami}"
  region = "${var.aws_region}"
  iam_instance_profile = "${module.iam.iam-instance-profile}"
  s3_bucket_name = "${var.s3_bucket_name}"
  #s3_bucket_uri = "${module.s3.bucket_domain_name}"
  vpc_id = "${module.app_server.vpc_id}"
  subnet_ids = ["${module.app_server.bastion_subnet1}", "${module.app_server.bastion_subnet2}"]
  keys_update_frequency = "5,20,35,50 * * * *"
  additional_user_data_script = "date"
}
I see that the bastion host gets created.
I also see the ssh keys:
aws s3 sync --delete $BUCKET_URI $PUB_KEYS_DIR
download: s3://my-s3-bastion-bucket-dev/admin.pub to ../../../../../../tmp/vv/admin.pub
download: s3://my-s3-bastion-bucket-dev/id_rsa.pub to ../../../../../../tmp/vv/id_rsa.pub
and the ssh debug output:
debug2: key: public_keys/admin (0x7fbf23d15010), explicit
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: public_keys/admin
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
The user script that runs has these:
#!/usr/bin/env bash
set -e
BUCKET_NAME=my-s3-bastion-bucket-dev
BUCKET_URI=
SSH_USER=admin
MARKER="# KEYS_BELOW_WILL_BE_UPDATED_BY_TERRAFORM"
KEYS_FILE=/home/$SSH_USER/.ssh/authorized_keys
TEMP_KEYS_FILE=$(mktemp /tmp/authorized_keys.XXXXXX)
PUB_KEYS_DIR=/home/$SSH_USER/pub_key_files/
PATH=/usr/local/bin:$PATH
Not sure what is going wrong. Appreciate any input.
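
In the debug output above, the server answers the offered key with packet type 51 (SSH_MSG_USERAUTH_FAILURE), so sshd did not accept that key for the user. As an added example, not part of the original post or of the module's own script, this bash helper checks whether the key in a `.pub` file synced from the bucket is listed in an `authorized_keys` file and whether it sits below the marker line; `key_blob` and `check_key` are hypothetical names, and it assumes the update script writes bucket keys after the marker.

```shell
#!/usr/bin/env bash
# Added diagnostic example; not the module's user-data script.
# Usage on the bastion (paths as in the post):
#   ./check_key.sh /home/admin/pub_key_files/admin.pub /home/admin/.ssh/authorized_keys

MARKER="# KEYS_BELOW_WILL_BE_UPDATED_BY_TERRAFORM"   # value taken from the post

# Print the base64 key blob of each key line in a file.
# Lines may begin with options, so locate the key-type field first
# and print the field that follows it.
key_blob() {
  awk '{
    for (i = 1; i < NF; i++)
      if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+)$/) { print $(i + 1); next }
  }' "$1"
}

# check_key PUBFILE AUTHFILE
# Prints one of:
#   managed    key is listed below the marker line (assumed to be the synced section)
#   unmanaged  key is listed, but above the marker or the marker is absent
#   missing    key is not listed at all (sshd will refuse it)
#   invalid    PUBFILE holds no recognisable public key
# Returns 0 when the key is listed, 1 when missing, 2 when invalid.
check_key() {
  local blob
  blob=$(key_blob "$1" | head -n 1)
  [ -n "$blob" ] || { echo "invalid"; return 2; }
  awk -v blob="$blob" -v marker="$MARKER" '
    $0 == marker { below = 1; next }
    {
      # Exact field comparison avoids matching a blob that is a prefix of another.
      for (i = 1; i <= NF; i++)
        if ($i == blob) { found = below ? "managed" : "unmanaged"; exit }
    }
    END { print (found ? found : "missing"); exit (found ? 0 : 1) }
  ' "$2"
}

# Run the check only when called with both file arguments.
if [ "$#" -eq 2 ]; then
  check_key "$1" "$2"
fi
```

A `missing` result for the key whose private half the client offers matches the `Permission denied (publickey)` outcome shown in the log.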