Error waiting for SSH: Packer experienced an authentication error when trying to connect via SSH

Question

I am trying to build an AWS AMI with packer. here is my packer conf:

source "amazon-ebs" "base-alpine" {

  assume_role {
    role_arn     = "arn:aws:iam::${var.aws_account_id}:role/admin-ci"
    session_name = "packer"
  }

  source_ami_filter {
    filters = {
      virtualization-type = "hvm"
      name                = "alpine-3.15.0*"
      root-device-type    = "ebs"
    }
    owners      = ["538276064493"]
    most_recent = true
  }

  subnet_filter {
    filters = {
      "tag:Function" : "public"
      "tag:Project" : "brain"
    }
    most_free = true
  }

  security_group_filter {
    filters = {
      "tag:Function" : "public"
      "tag:Project" : "brain"
    }
  }

  ami_name                    = "base-alpine"
  instance_type               = "t4g.medium"
  region                      = "${var.aws_region}"
  ssh_username                = "alpine"
  associate_public_ip_address = true
  force_deregister            = true
  force_delete_snapshot       = true

  tags = {
    Project  = "brain"
    Name     = "base-alpine"
  }

}

build {
  sources = ["source.amazon-ebs.base-alpine"]

  provisioner "file" {
    source      = "hostname.sh"
    destination = "/tmp/hostname.sh"
  }

  provisioner "shell" {
    valid_exit_codes = [0, 1]
    inline = [
      "doas apk -U upgrade"
    ]

  }

}

I was using exactly the same config before but with different base AMI and it was working just fine.

now after I'v changed the base AMI I am receiving this error:

==> amazon-ebs.base-alpine: Error waiting for SSH: Packer experienced an authentication error when trying to connect via SSH. This can happen if your username/password are wrong. You may want to double-check your credentials as part of your debugging process. original error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

The interesting part is that I can ssh into the created Packer machine with the generated ssh private key without any problems.

Any ideas why is this happening? or maybe suggestions for a better debug?

Answer 1

I'll put the comment from @Beevik here

The openssh config that ships with the AWS alpine 3.15 cloud image does not appear to support RSA keys by default. I see the following error logged in /var/log/messages as the packer client tries to connect via ssh: "userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms". Downgrading to the alpine 3.14 cloud image worked for me.

Answer 2

What I found out is that my version of packer didn't support key pairs type ED25519 by default and required a specific parameter to work.

  region                  = "eu-west-2"
  ssh_username            = "ubuntu"
  temporary_key_pair_type = "ed25519"

more info here https://discuss.hashicorp.com/t/packer-unable-to-ssh-into-amazon-linux-2022/33519/2