I created a ansible control server, and client server. I created ‘ansible’ users on both control and remote client server. I created ssh keys use ssh-keygen, I tried to copy the ssh keys ( public key) to remote client using ssh-copy-id it fails. The OS on the two servers is Ubuntu 18.04 LTS on GCP
Please let me know what is the issue. looks like permission issue. I followed the some recommednation to update the sshd-congfiguration files to change parameters. But it still didn’t work.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/ansible/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
Permission denied (publickey).
ssh-copy-id is meant to copy a public key to an account that you can already authenticate to using other means, such as password. It’s not possible to copy a key and use it to authenticate at the same time (i.e. chicken/egg).
If you didn’t set a password for the account (or you disabled password authentication, which I highly recommend) then sign in to your ‘client server’ using another account that has the right permissions, and provision the ansible account from there.
Dick
Hi Dick,
I did login to the client using public IP and created ansible user , updated the visudo to add 'ansible ALL=(ALL) NOPASSWD: ALL
I am able to login to client with the ansible user.
I am trying to copy the id_rsa.pub to client using ssh-copy-id. As far as I know that is correct method.
Can anyone recommend what is the correct approach to setup password less authentication to run ansible playbook on the clients from the control server?
can we use become, become_user parameters in the playbook ?