OS : Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-104-generic x86_64)
ansible : ansible 2.7.8
Problem
I need to configure ansible to run another node without entering the password ( through ssh)
I have followed below method to setup the ssh with no password
-
I’m login to the control node with a user having root privileges
-
ssh-keygen
-
ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
-
ssh remote-host ( works without promoting for password)
-
I copy ansible.cfg to local folder and point my inventory
------ ansible.cfg-----
[defaults]
inventory = hosts
-------ansible.cfg-----
-
my hosts file
-------hosts-------
[rbmqnode1]
ansible_user= host=
------hosts--------
-
I ran following ansible command
sudo ansible -m ping all
its fail with below error
UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: Permission denied (publickey,password).”,
“unreachable”: true
}
I have went through many solutions but fail to fix this issue. inserting “ansible_ssh_pass” fix me the issue but I dont want to do that. Any help appropriated.
any support highly appreciate
What’s the point of step 5? Why are you using sudo?
Is this the same user you use for normal ssh? When you did the
ssh-copy-id you transferred the public key to the remote node only for a
single user (I'm guessing root, as you were root on the control node and
did not specify a user there). If that user is different from the one
you use for ansible, then the key can't be used.
- Sebastian
Hi,
step five is to point my inventory ( point my hosts file )
Im using sudo because without it Im getting this error
| FAILED! => {
“msg”: “Cannot write to ControlPath /home/blackbeard/.ansible/cp”
}
Is this the same user you use for normal ssh?
yes.
Hi Amit,
Thanks as I mention in my problem
if I gave value for "ansible_ssh_pass= it works , But I don’t like to do that.
I can do ssh to second server without issue with the same user but I’m getting this error when I ran the ansible command
Check this link → https://www.reddit.com/r/ansible/comments/3wetnm/i_can_ssh_why_cant_i_ansible/
and see if that works.
In case it fails, we would like to know more about the setup like Ansible version, OS details on Ansible server and client, does it work fine with any other client or is it the same? If it works fine with another client, the issue can be limited to that particular client and not ANSIBLE as a whole. This is a very very basic setup so it should work perfectly fine.
Regards
AB