Hi, I’m trying to use the ansible and the git module to build a deployment tool for some python code. My git repos are stored on a box we access with ssh keys. I cannot figure out how to get the git module to use my ssh key to access the repo. Currently I’m trying to keep it simple using a simple play with connection:local, but it seems my key is being lost somewhere along the way because I’m getting “Permission denied (publickey).\r\nfatal: The remote end hung up unexpectedly\n.” I can run the git command just fine, but ansible can’t.
It does not presently know how to invoke SSH agent an encrypted key. Patches would be accepted to add a key and password param to the git module.
– Michael
Mmm I would patch it but it looks like there’s no easy way to tell git which key to use. Easier to just set up your .ssh/config for it as per here: http://superuser.com/questions/232373/tell-git-which-private-key-to-use
We deal with this by using connection=ssh (native ssh connection) with agent forwarding enabled. You’ll need to have ssh-agent running on your local machine and add the key using ssh-add.
To enable agent forwarding in ssh, add the following line in your .ssh/config file:
ForwardAgent yes
Take care,
Lorin
I still like the idea of adding it to the module. No bootstrapping, far easier… Maybe also do username plus password…
– Michael
Hi Xianzhe,
are you sudoing through your playbook? if so, you’ll need to setup /etc/sudoers to keep your SSH_AUTH_SOCK environment variable.
cheers,
Stijn.
Hi Stijn, Thanks for the quick reply. Yes, adding SSH_AUTH_SOCK makes it work!
Best,
Xianzhe