Thanks again for your help.
I was thinking the same thing – that the wrong key is being used to connect to the instance – so here’s what I tried:
1). Generated a new AWS keypair
2). Placed that key in chef-repo/.chef
3). Ran knife ec2 with that key name in --ssh-key without the .pem extension. That is, --ssh-key=name_of_key_file_without.pem_extension (knife ec2 blows up if you use the full filename with a “cannot be found message" message from AWS.)
4). Logged into the console and successfully decrypted the password with the .pem file specified in the knife ec2 command
Conceptually, I am having a problem understanding what, exactly, is going on that requires an ssh key. I know the doc says it’s needed but I don’t understand why. There’s nothing listening on port 22 in the instance – that’s where
Still no joy getting knife ec2 to bootstrap the running, accessible instance.
Could there be a problem with the version of knife ec2? I am running 12.4.1.
Appreciate the tip about the instance costs – until I get it running, I’ve dialed that back. The AMI is an AWS image with SQL Server, to t2. Instance types are out.
From: Fabien Delpierre [mailto:email@example.com]
Sent: Friday, September 25, 2015 10:09
To: chef firstname.lastname@example.org
Subject: [chef] Re: RE: Re: Newbie needs help creating AWS EC2 Windows instance
Usually that error would occur if you weren’t using the correct private key.
Suggestion: create an instance the exact same way you did (or use one that you still have running), go to the AWS web console, and try to download the admin credentials by using the same .pem file you used in your knife ec2 command. That’ll tell you whether you’re at least using the right one. Unless you knowingly put the .pem file corresponding to your AWS keypair in your /chefrepo/.chef directory, my guess is you’re using the wrong file.
Also, I might suggest that you don’t use m4.xlarge instances for initial testing – Windows instances of that size aren’t cheap and it will add up quickly!
On Fri, Sep 25, 2015 at 9:45 AM, Alex Neihaus email@example.com wrote:
Thanks to everyone who has responded. I am almost there.
I have knife ec2 standing up a Windows Server 2008 R2 instance and, apparently, connecting to it via winrm. However, after accessing winrm and during what I think is the attempt to bootstrap the instance to Chef, I receive an OpenSSL “padding check failed” error.
If anyone has any clues, I’d appreciate your help. Here’s the error and the knife ec2 command I am using (with the sensitive parts removed):
Waiting for EC2 to create the instance…
Subnet ID: subnet-
Private IP Address:
Waiting for winrm access to become available…done
Waiting for Windows Admin password to be available…
ERROR: OpenSSL::PKey::RSAError: padding check failed
knife ec2 server create --flavor m4.xlarge --associate-public-ip --bootstrap-protocol winrm -N WinServerTestNodeCanBeDeleted --region us-east-1 --availability-zone us-east-1d --security-group-ids sg-NNNNN -T name=WinServerTestNodeCanBeDeleted -I ami-YYYYY --user-data /path-to-user-text/usertext.txt -A -K --ssh-key --subnet subnet-XXXXXXX --identity-file /pathtochefrepo/.chef/.pem -VV