How to Run Ansible Playbook using a public ssh key

1
votes

I'm trying to run my Ansible playbook on a remote server using a provided ssh key.

I have added the following configuration to my inventory file:

all:
  hosts:
    server1:
      ansible_host: [email protected]
      dest_dir: /root
      sample_tree: sample_tree.txt
      private_key_file: ../config/id_rsa_tf

I have referenced it in my playbook using the following:

- name: "Nightly Deploy"
  hosts: server1
  remote_user: sysuser
  tasks:
    - name: Copy test from local to remote
      tags:
        - copy
        - all
      copy:
        src: "test.tgz"
        dest: "{{ dest_dir }}/test.tgz"

I am running the playbook with the following command:

ansible-playbook --tags="copy" -v -i inventories/nightly-build.yaml playbooks/nightly-build.yaml

The error I'm getting is the following:

fatal: [server1]: UNREACHABLE! => {"changed": false, "msg": "Failed to
connect to the host via ssh: Permission denied (publickey,gssapi- keyex,gssapi-with-mic,password).", "unreachable": true}

Is my private_key_file wrong in my inventory file or am I calling it wrong? and help would be great

1
ansibleansible-inventory
might be a user issue as well. Are you passing the correct user, you can try passing it using -u.Pacifist
Do I have to pass the user at run time, if I am specifying a remote_user in the playbook?user3292394
See ansibledaily.com/troubleshooting-ansible-connection-issuesVladimir Botka
Both comments really helped thanks. turns out, my issue was caused by not passing the host and passing the wrong var name in my inventory, it should be ansible_ssh_private_key_fileuser3292394

1 Answers

5
votes

This error usually occurs when there is no valid public and private key generated and setup.

Try any of the following approaches:

  1. Create/edit your ansible.cfg file in your playbook directory and add a line for the full path of your key:

    [defaults]
privatekeyfile = /Users/username/.ssh/private_key

    It sets private key globally for all hosts in your playbook.

  2. Add the private key to your playbook using the following line:

    vars:
  ansible_ssh_private_key_file: "/home/ansible/.ssh/id_rsa"

  3. You can also define the private key to use directly in command line:

    ansible-playbook -vvvv --private-key=/Users/you/.ssh/your_key playbookname.yml