Ansible says “Permission denied (publickey,password)”

0
votes

I have a master and a slave.
I can connect via ssh from master to the slave.
Ansible can't connect from master to the slave.

Question: What am I doing wrong, so that ansible cant connect, but ssh can?

Successful connection from master to slave via ssh

vagrant@master:~$ ssh slave.local
Enter passphrase for key '/home/vagrant/.ssh/id_rsa':
[email protected]'s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-87-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

17 packages can be updated.
9 updates are security updates.


----------------------------------------------------------------
  Ubuntu 16.04.3 LTS                          built 2017-09-08
----------------------------------------------------------------
Last login: Thu Sep 28 15:20:21 2017 from 10.0.0.10
vagrant@slave:~$

Ansible error: "Permission denied (publickey,password)"

vagrant@master:~$ ansible all -m ping -u vagrant
The authenticity of host 'slave.local (10.0.0.11)' can't be established.
ECDSA key fingerprint is SHA256:tRGlinvTj/c2gpTayZ/mYzyWbs63s+BUX81TdKJ+0jQ.
Are you sure you want to continue connecting (yes/no)? yes
Enter passphrase for key '/home/vagrant/.ssh/id_rsa':

slave.local | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added 'slave.local' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,password).\r\n",
"unreachable": true
}

This is my hosts file 

vagrant@master:~$ cat /etc/ansible/hosts
[web]
slave.local
1
sshansible
Run with -vvv switch and see what's wrong with the ssh command.Konstantin Suvorov
Is ansible trying to ssh into [email protected]? Your manual ssh example logs into [email protected].Rickkwa
@Konstantin unfortunately vvvv doesnt provide any additional information. but i added it aboveSkip
@Rickkwa "-u vagrant" makes Vagrant ssh with user "vagrant"Skip
where's -vvvv output?Konstantin Suvorov

1 Answers

0
votes

The solution was to add the private key in openSSH format to the file /home/vagrant/.ssh/id_rsa
This is where ansible is looking for the key.

This I could find out, by starting ansible in verbose mode, using key "-vvvv"

ansible all -m ping -u vagrant -vvvv

The verbose output was

10.0.0.11 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/home/vagrant/.ansible/cp/a72f4dc97e\" does not exist\r\ndebug2: resolving \"10.0.0.11\" port 22\r\ndebug2: ssh_connect_direct: needpriv 0\r\ndebug1: Connecting to 10.0.0.11 [10.0.0.11] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 10000 ms remain after connect\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /home/vagrant/.ssh/id_rsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file ...