authenticity of host cant be established

Archives Ansible Project
1

I setup a few vagrant vms and I ccan ssh to them from vagrant ssh hostname

but when i run ansible -m ping -i inventory app

it keeps saying host key verification failed and prompts me

image.png
image.png1064×153 19.6 KB

and then when i accept it gives this

image.png
image.png1542×414 63.6 KB

I am able to ssh to the vm with

ssh vagrant@192.168.0.127 with password

any idea?

2

From what you’ve said, I think you just need to point to the vagrant private key in your hosts file.

ansible_user=vagrant
ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key

3

i did. thats what i have

4

OK. Please post your inventory file.

Also, try running “ansible -m ping -i inventory app -vvv” so we can see more detail.

And, can you be sure that the private key file is good by doing “**ssh -i ~/.vagrant.d/insecure_private_key vagrant@**192.168.0.183”? If you can ssh to the managed nodes using that private key and the inventory file is properly configured to use it, then Ansible should be able to authenticate as well.

5

(ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts servers
The authenticity of host ‘192.168.0.151 (192.168.0.151)’ can’t be established.
ECDSA key fingerprint is SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg.
Are you sure you want to continue connecting (yes/no/[fingerprint])? 192.168.0.127 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: tonywong@192.168.0.127: Permission denied (publickey,password).”,
“unreachable”: true
}

192.168.0.151 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: Host key verification failed.”,
“unreachable”: true
}
(ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts servers -vvvv
ansible 2.9.10
config file = None
configured module search path = [‘/Users/tonywong/.ansible/plugins/modules’, ‘/usr/share/ansible/plugins/modules’]
ansible python module location = /Users/tonywong/virtualenv/ansible/lib/python3.7/site-packages/ansible
executable location = /Users/tonywong/virtualenv/ansible/bin/ansible
python version = 3.7.7 (default, Mar 10 2020, 15:43:03) [Clang 11.0.0 (clang-1100.0.33.17)]
No config file found; using defaults
setting up inventory plugins
host_list declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
script declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
Parsed /Users/tonywong/virtualenv/ansible/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /Users/tonywong/virtualenv/ansible/lib/python3.7/site-packages/ansible/plugins/callback/minimal.py
META: ran handlers
<192.168.0.127> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.0.127> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/Users/tonywong/.ansible/cp/02cb59e3a7 192.168.0.127 ‘/bin/sh -c ‘"’“‘echo ~ && sleep 0’”’“‘’
<192.168.0.151> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.0.151> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/Users/tonywong/.ansible/cp/ffb7a15afe 192.168.0.151 '/bin/sh -c '”‘“‘echo ~ && sleep 0’”’"‘’
<192.168.0.127> (255, b’‘, b’OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47:Applying options for \r\ndebug2: resolve_canonicalize: hostname 192.168.0.127 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket “/Users/tonywong/.ansible/cp/02cb59e3a7” does not exist\r\ndebug2: ssh_connect_direct\r\ndebug1: Connecting to 192.168.0.127 [192.168.0.127] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9990 ms remain after connect\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa type 0\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519 type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss-cert type -1\r\ndebug1: Local version string SSH-2.0-OpenSSH_8.1\r\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_7.4\r\ndebug1: match: OpenSSH_7.4 pat OpenSSH_7.0,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002\r\ndebug2: fd 3setting O_NONBLOCK\r\ndebug1: Authenticating to 192.168.0.127:22 as 'tonywong'\r\ndebug3: hostkeys_foreach: reading file “/Users/tonywong/.ssh/known_hosts”\r\ndebug3: record_hostkey: found key type ECDSA in file /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: load_hostkeys: loaded 1 keys from 192.168.0.127\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: none,zlib@openssh.com\r\ndebug2: compression stoc: none,zlib@openssh.com\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm: curve25519-sha256\r\ndebug1: kex: host key algorithm: ecdsa-sha2-nistp256\r\ndebug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEX_ECDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ecdsa-sha2-nistp256 SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg\r\ndebug3: hostkeys_foreach: reading file “/Users/tonywong/.ssh/known_hosts”\r\ndebug3: record_hostkey: found key type ECDSA in file /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: load_hostkeys: loaded 1 keys from 192.168.0.127\r\ndebug1: Host '192.168.0.127' is known and matches the ECDSA host key.\r\ndebug1: Found key in /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey out after 134217728 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey in after 134217728 blocks\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_dsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ecdsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ed25519 \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_xmss \r\ndebug2: pubkey_prepare: done\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 7\r\ndebug1: SSH2_MSG_EXT_INFO received\r\ndebug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug3: start over, passed a different list publickey,password\r\ndebug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: ,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Offering public key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug3: send packet: type 50\r\ndebug2: we sent a publickey packet, wait for reply\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_dsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_dsa: No such file ordirectory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ecdsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ecdsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ed25519\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ed25519: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_xmss\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_xmss: No such file or directory\r\ndebug2: we didnot send a packet, disable method\r\ndebug1: No more authentication methods to try.\r[ntonywong@192.168.0.127](mailto:ntonywong@192.168.0.127): Permission denied (publickey,password).\r\n’)
192.168.0.127 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for \r\ndebug2: resolve_canonicalize: hostname 192.168.0.127 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/Users/tonywong/.ansible/cp/02cb59e3a7" does not exist\r\ndebug2: ssh_connect_direct\r\ndebug1: Connecting to 192.168.0.127 [192.168.0.127] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9990 ms remain after connect\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa type 0\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519 type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss-cert type -1\r\ndebug1: Local version string SSH-2.0-OpenSSH_8.1\r\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_7.4\r\ndebug1: match: OpenSSH_7.4 pat OpenSSH_7.0,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: Authenticating to 192.168.0.127:22 as ‘tonywong’\r\ndebug3: hostkeys_foreach: reading file "/Users/tonywong/.ssh/known_hosts"\r\ndebug3: record_hostkey: found key type ECDSA in file /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: load_hostkeys: loaded 1 keysfrom 192.168.0.127\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: none,zlib@openssh.com\r\ndebug2: compression stoc: none,zlib@openssh.com\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm: curve25519-sha256\r\ndebug1: kex: host key algorithm: ecdsa-sha2-nistp256\r\ndebug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEX_ECDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ecdsa-sha2-nistp256 SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg\r\ndebug3: hostkeys_foreach: reading file "/Users/tonywong/.ssh/known_hosts"\r\ndebug3: record_hostkey: found key type ECDSA in file /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: load_hostkeys: loaded 1 keys from 192.168.0.127\r\ndebug1: Host ‘192.168.0.127’ is known and matches the ECDSA host key.\r\ndebug1: Found key in /Users/tonywong/.ssh/known_hosts:41\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey out after 134217728 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1:expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey in after 134217728 blocks\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug1: Will attempt key:/Users/tonywong/.ssh/id_dsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ecdsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ed25519 \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_xmss \r\ndebug2: pubkey_prepare: done\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 7\r\ndebug1: SSH2_MSG_EXT_INFO received\r\ndebug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug3: start over, passed a different list publickey,password\r\ndebug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: ,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Offering public key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug3: send packet: type 50\r\ndebug2: we sent a publickey packet, wait for reply\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_dsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_dsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ecdsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ecdsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ed25519\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ed25519: No suchfile or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_xmss\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_xmss: No such file or directory\r\ndebug2: we did not send a packet, disable method\r\ndebug1: No more authentication methods to try.\r[ntonywong@192.168.0.127](mailto:ntonywong@192.168.0.127): Permission denied (publickey,password).”,
“unreachable”: true
}
The authenticity of host ‘192.168.0.151 (192.168.0.151)’ can’t be established.
ECDSA key fingerprint is SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
<192.168.0.151> (255, b’‘, b’OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47:Applying options for \r\ndebug2: resolve_canonicalize: hostname 192.168.0.151 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket “/Users/tonywong/.ansible/cp/ffb7a15afe” does not exist\r\ndebug2: ssh_connect_direct\r\ndebug1: Connecting to 192.168.0.151 [192.168.0.151] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9990 ms remain after connect\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa type 0\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519 type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss-cert type -1\r\ndebug1: Local version string SSH-2.0-OpenSSH_8.1\r\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_7.4\r\ndebug1: match: OpenSSH_7.4 pat OpenSSH_7.0,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002\r\ndebug2: fd 3setting O_NONBLOCK\r\ndebug1: Authenticating to 192.168.0.151:22 as 'tonywong'\r\ndebug3: hostkeys_foreach: reading file “/Users/tonywong/.ssh/known_hosts”\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: none,zlib@openssh.com\r\ndebug2: compression stoc: none,zlib@openssh.com\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm: curve25519-sha256\r\ndebug1: kex: host key algorithm: ecdsa-sha2-nistp256\r\ndebug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEX_ECDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ecdsa-sha2-nistp256 SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg\r\ndebug3: hostkeys_foreach: reading file “/Users/tonywong/.ssh/known_hosts”\r\nWarning: Permanently added '192.168.0.151' (ECDSA) to the list of known hosts.\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey out after 134217728 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey in after 134217728 blocks\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug1:Will attempt key: /Users/tonywong/.ssh/id_dsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ecdsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ed25519 \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_xmss \r\ndebug2: pubkey_prepare: done\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 7\r\ndebug1: SSH2_MSG_EXT_INFO received\r\ndebug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug3: start over, passed a different list publickey,password\r\ndebug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: ,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Offering public key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug3: send packet: type 50\r\ndebug2: we sent a publickey packet, wait for reply\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_dsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_dsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ecdsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ecdsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ed25519\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ed25519: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_xmss\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_xmss: No such file or directory\r\ndebug2: we did not send a packet, disable method\r\ndebug1: No more authentication methods to try.\r[ntonywong@192.168.0.151](mailto:ntonywong@192.168.0.151): Permission denied (publickey,password).\r\n’)
192.168.0.151 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for \r\ndebug2: resolve_canonicalize: hostname 192.168.0.151 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/Users/tonywong/.ansible/cp/ffb7a15afe" does not exist\r\ndebug2: ssh_connect_direct\r\ndebug1: Connecting to 192.168.0.151 [192.168.0.151] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9990 ms remain after connect\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa type 0\r\ndebug1: identity file /Users/tonywong/.ssh/id_rsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_dsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519 type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_ed25519-cert type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss type -1\r\ndebug1: identity file /Users/tonywong/.ssh/id_xmss-cert type -1\r\ndebug1: Local version string SSH-2.0-OpenSSH_8.1\r\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_7.4\r\ndebug1: match: OpenSSH_7.4 pat OpenSSH_7.0,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: Authenticating to 192.168.0.151:22 as ‘tonywong’\r\ndebug3: hostkeys_foreach: reading file "/Users/tonywong/.ssh/known_hosts"\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: none,zlib@openssh.com\r\ndebug2: compression stoc: none,zlib@openssh.com\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm:curve25519-sha256\r\ndebug1: kex: host key algorithm: ecdsa-sha2-nistp256\r\ndebug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: zlib@openssh.com\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEX_ECDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ecdsa-sha2-nistp256 SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg\r\ndebug3: hostkeys_foreach: reading file "/Users/tonywong/.ssh/known_hosts"\r\nWarning: Permanently added ‘192.168.0.151’ (ECDSA) to the list of known hosts.\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey out after 134217728 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey in after 134217728 blocks\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_dsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ecdsa \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_ed25519 \r\ndebug1: Will attempt key: /Users/tonywong/.ssh/id_xmss \r\ndebug2: pubkey_prepare: done\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 7\r\ndebug1: SSH2_MSG_EXT_INFO received\r\ndebug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug3: start over, passed a different list publickey,password\r\ndebug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: ,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Offering public key: /Users/tonywong/.ssh/id_rsa RSA SHA256:v/ug+7JK7zhbT2Woc7P5QiB5VqVrml5UXV8lDU+7L/8\r\ndebug3: send packet: type 50\r\ndebug2: we sent a publickey packet, wait for reply\r\ndebug3: receive packet: type 51\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_dsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_dsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ecdsa\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ecdsa: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_ed25519\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_ed25519: No such file or directory\r\ndebug1: Trying private key: /Users/tonywong/.ssh/id_xmss\r\ndebug3: no such identity: /Users/tonywong/.ssh/id_xmss: No such file or directory\r\ndebug2: we did not send a packet, disable method\r\ndebug1: No more authentication methods to try.\r[ntonywong@192.168.0.151](mailto:ntonywong@192.168.0.151): Permission denied (publickey,password).”,
“unreachable”: true
}
(ansible) Tonys-MacBook-Pro:ansible tonywong$

6

ansible -m ping -i hosts all
ansible_ssh_private_key=~/.vagrant.d/insecure_private_key | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible_ssh_private_key=~/.vagrant.d/insecure_private_key: nodename nor servname provided, or not known”,
“unreachable”: true
}
ansible_connection=ssh | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible_connection=ssh: nodename nor servname provided, or not known”,
“unreachable”: true
}
ansible_ssh_user=vagrant | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible_ssh_user=vagrant: nodename nor servname provided, or not known”,
“unreachable”: true
}
ansible_ssh_pass=vagrant | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible_ssh_pass=vagrant: nodename nor servname provided, or not known”,
“unreachable”: true
}
192.168.0.127 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: tonywong@192.168.0.127: Permission denied (publickey,password).”,
“unreachable”: true
}
192.168.0.151 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: tonywong@192.168.0.151: Permission denied (publickey,password).”,
“unreachable”: true
}

My hosts file

ansible_ssh_pass=vagrant
ansible_ssh_private_key=~/.vagrant.d/insecure_private_key

[servers]
192.168.0.127
192.168.0.151

7

Please try this (below) in your inventory file. In the INI inventory file format, that’s how variables that apply to a group are declared.

[servers]
192.168.0.127
192.168.0.151

[servers:vars]
ansible_ssh_pass=vagrant
ansible_ssh_private_key=~/.vagrant.d/insecure_private_key

8

Also, check this YouTube video by Jeff Geerling that covers inventory files and Vagrant:
https://youtu.be/7kVfqmGtDL8?t=1226 (builds an inventory)
https://youtu.be/7kVfqmGtDL8?t=601 (builds a Vagrantfile)

I highly recommend watching his whole Ansible 101 series and getting his book (Ansible for DevOps: https://www.ansiblefordevops.com) as well.

9

Thanks

now getting a different message

(ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts servers
192.168.0.127 | FAILED! => {
“msg”: “to use the ‘ssh’ connection type with passwords, you must install the sshpass program”
}
192.168.0.151 | FAILED! => {
“msg”: “to use the ‘ssh’ connection type with passwords, you must install the sshpass program”
}

10

Please change ansible_ssh_pass=vagrant to ansible_ssh_user=vagrant

11

thanks for catching that. now getting this

192.168.0.127 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: connect to host 192.168.0.127 port 22: Operation not permitted”,
“unreachable”: true
}
192.168.0.151 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: connect to host 192.168.0.151 port 22: Operation not permitted”,
“unreachable”: true
}

12

I dont understand now I am seeing this

(ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts servers
The authenticity of host ‘192.168.0.99 (192.168.0.99)’ can’t be established.
ECDSA key fingerprint is SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

below is my hosts file

why is it asking me for this?

[servers]
192.168.0.99

[servers:vars]
ansible_ssh_user=vagrant
ansible_ssh_private_key=~/.vagrant.d/insecure_private_key

13

didnt think I needed to do this but using -u gives permission denied

ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts servers -u vagrant
192.168.0.99 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: vagrant@192.168.0.99: Permission denied (publickey,password).”,
“unreachable”: true
}

14

(ansible) Tonys-MacBook-Pro:ansible tonywong$ ansible -m ping -i hosts all -vvv
ansible 2.9.10
config file = None
configured module search path = [‘/Users/tonywong/.ansible/plugins/modules’, ‘/usr/share/ansible/plugins/modules’]
ansible python module location = /Users/tonywong/virtualenv/ansible/lib/python3.7/site-packages/ansible
executable location = /Users/tonywong/virtualenv/ansible/bin/ansible
python version = 3.7.7 (default, Mar 10 2020, 15:43:03) [Clang 11.0.0 (clang-1100.0.33.17)]
No config file found; using defaults
host_list declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
script declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /Users/tonywong/virtualenv/ansible/hosts as it did not pass its verify_file() method
Parsed /Users/tonywong/virtualenv/ansible/hosts inventory source with ini plugin
META: ran handlers
<192.168.0.99> ESTABLISH SSH CONNECTION FOR USER: vagrant
<192.168.0.99> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“vagrant”’ -o ConnectTimeout=10 -o ControlPath=/Users/tonywong/.ansible/cp/f877efebcb 192.168.0.99 ‘/bin/sh -c ‘"’“‘echo ~vagrant && sleep 0’”’"‘’
<192.168.0.99> (255, b’‘, b’vagrant@192.168.0.99: Permission denied (publickey,password).\r\n’)
192.168.0.99 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: vagrant@192.168.0.99: Permission denied (publickey,password).”,
“unreachable”: true
}

15

i checked my insecure_private_key and it works fine by logging via ssh

ssh -i ~/.vagrant.d/insecure_private_key vagrant@192.168.0.99

but ansible is not working

16

ok finally got it working

I am on ansible 2.9 and had to change

ansible_ssh_user to ansible_user

and

ansible_ssh_private_key to

ansible_ssh_private_key_file

17

I am still getting this on first connect
The authenticity of host ‘192.168.0.97 (192.168.0.97)’ can’t be established.
ECDSA key fingerprint is SHA256:7qu28ehihcaflJvAR+UT9g4bAK4khkIh1gAZluMC1fg.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

once I accept it goes through. why?

18

ok got it with this line

ansible_ssh_common_args=‘-o StrictHostKeyChecking=no’

19

Just adding:
Make sure you login from the user which you have created the keys from …

And added the keys for the user vagrant only.