This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 14.000000000000002%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I am trying to connect to a Windows node in AKS VMSS by following the steps below, but the connection fails with "Permission denied (public key).".
Please tell me how to connect.
■Interactive shell connection to a Linux node
PS /home/k_kimura> kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
aks-agentpool-95678981-vmss000000 Ready agent 103m v1.22.6 10.240.0.4 - Ubuntu 18.04.6 LTS 5.4.0-1083-azure containerd://1.5.11+azure-2
aks-agentpool-95678981-vmss000001 Ready agent 103m v1.22.6 10.240.0.35 - Ubuntu 18.04.6 LTS 5.4.0-1083-azure containerd://1.5.11+azure-2
akspool02000000 Ready agent 100m v1.22.6 10.240.0.66 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
akspool02000001 Ready agent 100m v1.22.6 10.240.0.97 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
akspool02000002 Ready agent 100m v1.22.6 10.240.0.128 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
PS /home/k_kimura> kubectl debug node/aks-agentpool-95678981-vmss000000 -it --image=mcr.microsoft.com/dotnet/runtime-deps:6.0
Creating debugging pod node-debugger-aks-agentpool-95678981-vmss000000-d24t4 with container debugger on node aks-agentpool-95678981-vmss000000.
If you don't see a command prompt, try pressing enter.
root@aks-agentpool-95678981-vmss000000:/#
■Open a 2022: 22 connection to a deployed pod
PS /home/k_kimura> kubectl get pods
NAME READY STATUS RESTARTS AGE
node-debugger-aks-agentpool-95678981-vmss000000-d24t4 1/1 Running 0 57s
PS /home/k_kimura> kubectl port-forward node-debugger-aks-agentpool-95678981-vmss000000-d24t4 2022:22
Forwarding from 127.0.0.1:2022 -> 22
■SSH connection to a Windows node
PS /home/k_kimura> kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
aks-agentpool-95678981-vmss000000 Ready agent 103m v1.22.6 10.240.0.4 - Ubuntu 18.04.6 LTS 5.4.0-1083-azure containerd://1.5.11+azure-2
aks-agentpool-95678981-vmss000001 Ready agent 103m v1.22.6 10.240.0.35 - Ubuntu 18.04.6 LTS 5.4.0-1083-azure containerd://1.5.11+azure-2
akspool02000000 Ready agent 100m v1.22.6 10.240.0.66 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
akspool02000001 Ready agent 100m v1.22.6 10.240.0.97 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
akspool02000002 Ready agent 100m v1.22.6 10.240.0.128 - Windows Server 2019 Datacenter 10.0.17763.3046 docker://20.10.9
PS /home/k_kimura> ssh -o 'ProxyCommand ssh -p 2022 -W %h:%p azureuser@127.0.0.1' azureuser@10.240.0.66
Authorized uses only. All activity may be monitored and reported.
azureuser@127.0.0.1: Permission denied (publickey).
ssh_exchange_identification: Connection closed by remote host
PS /home/k_kimura>
I am trying SSH access to the Windows node at the following URL. But I can't connect ... I would appreciate it if you could tell me what went wrong.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 35%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hello @木村 公一 ,
Thanks for reaching out to Microsoft QnA Platform.
Looking at the error, this looks like something went wrong with the public key. You can try updating the public key on the nodes by generating a new public-private key pair. That should most probably resolve the issue, but kindly be aware that the public key will get rolled back once the AKS cluster is upgraded.
The issue is described here - #2044.
Hope this helps. For any queries, please revert back and tag me. Thank You.
------------
Please accept as answer if the information was helpful.