SSH Keys changed in kops cluster

If you change the SSH key of your kops cluster prepared in Azure, you will end up in errors as follows and this blog post is aiming to fix those errors

Error: Permission denied (publickey)

Following steps would help to resolve the issue

Delete any existing secrets of admin user

kops delete secret –name <cluster name> sshpublickey admin

If there are multiple secrets in the system, you will start seeing the following error

exactly one ‘admin’ SSH public key can be specified when running with AWS; please delete a key using kops delete secret

Inorder to find and delete the secrets one by one, use the following command (get the secrets first)

kops get secrets

Get the long ID string and substitute in the below command

kops delete secret –name <cluster name> sshpublickey admin 24:b4:36:21:96:38:2b:be:d7:6a:c7:40:e3:c0:14:1f

Create new secret with the following command. Change the name of your public key

kops create secret –name <cluster name> sshpublickey admin -i ~/.ssh/

Update the cluster with the following command

kops update cluster –yes

Rollout the update to the instances in the cluster with the following command

kops rolling-update cluster –name <cluster name> –yes

To apply the update to the user the following command should run as the final step (admin user)

kops export kubecfg –admin


No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments