when I try to run the playbook on a remote VM using password-based authentication, I’m getting the following error:
fatal: [X.X.X.X]: UNREACHABLE! => {“changed”: false, “msg”: “Failed to connect to the host via ssh: x…@X.X.X.X: Permission denied (publickey,password).”, “unreachable”: true}
user and password are present in the inventory file.
but when I try to connect to the VM manually by SSH and using that same password: I’m able to log it. Can anyone figure the solution?
Have you given privilege escalations try doing that.
If you want password authentication, you need sshpass on your ansible controller server. Did you install it ?
Regards,
JYL
yes, sshpass is inistalled
how to give privilege escalations?
@jyle if sshpass needs to be installed on target VM as well??
I’ve given privilege escalation in playbook i.e, become: yes
Nope, only on server side
Regards,
JYL
Hello,
From one side, when using become: yes, verify if the root password on the managed nodes is the same as the controller, otherwise use -k and specify the root managed node password.
From another side, when using a dedicated user for ansible, verify if that user exist and is a sudoer on the managed nodes when using become_method: sudo.
Hope this helps !
I tried these methods…same error coming up
The ssh test you made is using the ansible controller server ?
Are you sure you are using the good ansible user on the target host ? (-u parameter for ansible-playbook)
Regards,
JY
Which inventory file do you use ? And try to run the playbook with -vvvv for debugging purposes. If you can share the output of the debugging command would be great !
Are you able to ssh from the control node to the client as that user? If so, does it fail, or are you able to log in. If you are able to log in, then you might have a problem with your ansible command syntax. Personally, when I run a playbook, I have to specify the user ( -u ) and I also have to tell ansible-playbook to ask for the password (–ask-pass )
So, for me, an execution would look something like this: ansible-playbook playbook.yml -u username --ask-pass
Of course, I am just guessing at this right now, since I am not sure I have seen how you are calling the playbook, etc. Adding the verbose options ( -vvvv ) would also be helpful in figuring out what is going on as well.
good luck!!
–John
hi, I used -vvvv option, and I found something
.
SH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“seconize”’ -o ConnectTimeout=10 -o ControlPath=/home/wyxadministrator/.ansible/cp/68474f4208 x.y.z.x ‘/bin/sh -c ‘"’“‘echo ~hello && sleep 0’”’"‘’
so, if you see, password-based authentication is disabled, some that’s why it’s giving error…how to enable it?? Idk…any idea?? folks
This link will be helpful to understand how to enable password based authentication.
https://docs.bitnami.com/virtual-machine/faq/get-started/enable-ssh-password/
Verify if PasswordAuthentication is set to yes in the /etc/ssh/sshd_config and restart the sshd service on the managed node.
on the target server or on controller server??
PasswordAuthentication: is set to yes… on both target and controller servers. FYI
I’m manually able to log in to target VM by password…but no thru ansible…even I tried to use the private key as well…but still the same issue coming up…
OK for what you are saying.
Please check again if the ansible user on the target node is a sudoer user as i suppose your playbook has tasks to be run in a privileged mode.