Losing the SSH connection - server UNREACHABLE

Gorby · October 1, 2023, 7:17pm

Hi,
I’m new to Ansibel and i have been following “Learn Linux TV” youtube channel and his Ansibel episodes.

My problem is that i lose the connection when i run commands without specify the path to ¨/.ssj/ansibel and inventory.

Error description
It works to ping if i include my ssh file and inventory file:
ansible all --key-file ~/.ssh/ansible -i inventory -m ping

Then i created an ansible.cfg file and added inventory and private-key-file
ansible all -m ping
Both works.

The problem is that after a while, when i run the same command (ansible all -m ping), i receive below error message:

ansible all -m ping
192.168.1.70 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: goran@192.168.1.70: Permission denied (publickey,password).”,
“unreachable”: true
}
192.168.1.72 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: goran@192.168.1.72: Permission denied (publickey,password).”,
“unreachable”: true
}

I can solve this problem if i run ansible all --key-file ~/.ssh/ansible -i inventory -m ping again.
After that i can run ansible all -m ping and other ansible commands (no path to ssh) with no errors.
It also works to run a playbook (but after a have run ansible all --key-file ~/.ssh/ansible -i inventory -m ping)

So it seems that i lost the path to my local ssh-file after a while.
I have search but not found why i lose the settings to ssh.

Does anyone know why i get this result and how to solve it?

Thanks in advance.

My settings

Debian GNU/Linux 11 (bullseye)|
Release: 11
Codename: bullseye

ansible [core 2.12.10]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/goran/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/goran/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
  jinja version = 2.11.3
  libyaml = True


ansible-playbook [core 2.12.10]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/goran/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/goran/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
  jinja version = 2.11.3
  libyaml = True
...

...

Ansibel project path:
/home/goran/git-projects/ansible/ansible_tutorial

**ansible.cfg**
defaults]
inventory = inventory
private-key-file =~ /.ssh/ansible

**inventory**
192.168.1.70
192.168.1.72 

**install_apache.yml**
---
- name: Install Apache
  hosts: all
  become: true
  tasks:
    - name: Install Apache package
      apt:
        name: apache2
        state: present
...

auckland · October 1, 2023, 10:20pm

are you meant to have that space between tilde and slash in your ansible.cfg?

Gorby · October 1, 2023, 10:25pm

I uninstalled Ansible and remove all settings under /etc/ansible and thereafter install Ansible again.

According to ansible --version

it seems that ansible should use my ansible.cfg.
Ansible should be using “my” ansible.cfg, but is not.

config file = /home/goran/git-projects/ansible/ansible_tutorial/ansible.cfg
I don’t understand why it isn’t use my ansible.cfg?

$ ansible --version
ansible [core 2.12.10]
  config file = /home/goran/git-projects/ansible/ansible_tutorial/ansible.cfg
  configured module search path = ['/home/goran/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/goran/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
  jinja version = 2.11.3
  libyaml = True

ansible-playbook [core 2.12.10]
  config file = /home/goran/git-projects/ansible/ansible_tutorial/ansible.cfg
  configured module search path = ['/home/goran/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/goran/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
  jinja version = 2.11.3
  libyaml = True

Citat

auckland · October 1, 2023, 10:31pm

you’ve changed the topic now. I was curious to know what happens when you try to run a play with a correct private-key-file path in your ansible.cfg e.g., private-key-file = ~/.ssh/ansible

rather than =~ /.ssh/ansible
which has an extra space in it that breaks the path

Gorby · October 1, 2023, 10:37pm

Hi auckland,
I just found this space.
And removed it but ut still not work…

Is there a way to investigate which .ssh-file being used?

Because it works fine if i add it in my call: ansible all --key-file ~/.ssh/ansible -i inventory -m ping ?
And after i run this command, it works fine to run: ansible all -m ping

…
ansible.cfg
defaults]
inventory = inventory
private-key-file = ~/.ssh/ansible
…

auckland · October 1, 2023, 10:46pm

mmm I’m a bit of a layman myself, the documentation seems pretty straight forward to me. regarding troubleshooting, sounds like you’ve done some troubleshooting yourself by manually specifying the file and confirming it’s ok… I genuinely thought the space you had was going to fix the problem you’re facing.

Ansible Configuration Settings — Ansible Documentation

ptn · October 3, 2023, 6:20pm

Hi,

config file = /home/goran/git-projects/ansible/ansible_tutorial/ansible.cfg
I don’t understand why it isn’t use my ansible.cfg?

By “my ansible.cfg”, I think you mean the one you create on /etc/ansible/ ? If so, a config file located in the current directory will have an higher priority.

So first ensure you’re using the correct config file (the one you defined key file path), and with correct syntax (space between ‘~’ and / as mentioned by @auckland , and also a missing ‘[’ for defaults section, though it might be a paste issue), or just put ~/.ssh/ansible content in ~/.ssh/config (default OpenSSH-client config file) file so these paramaters will be automatically used by Ansible. You can check which config file you’re using either with ansible --version command, as you noticed, or with ansible-config dump | grep CONFIG_FILE.
Personaly, I like to define config file path in ANSIBLE_CONFIG envvar (exported from ~/.bashrc), mostly because this config file is versioned and shared among my team and you can’t predict repo clone path for your teammates.

If you still encounter the issue, run your command again with ANSIBLE_DEBUG=1 envvar or -vvvv flag and post the output here.