Ansible -未能通过ssh连接到主机:权限被拒绝(公钥,...password)
Ansible -未能通过ssh连接到主机:权限被拒绝(公钥,...password)
提问于 2019-04-29 04:51:05
我正在尝试让Ansible连接到远程主机,但是它失败了,如下所示:
fatal: [prod-k8s-worker02]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-worker01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.222: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-worker03test]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-master01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}我可以成功的ssh,而不需要密码使用相同,所有上述主机。
我试过以下几种方法。
添加以下库存文件:
[all:vars]
ansible_connection=ssh
ansible_user=deploy
ansible_sudo=true
ansible_become=true
ansible_ssh_common_args='-o StrictHostKeyChecking=no'添加了以下ansible.cfg文件:
[defaults]
host_key_checking = False
host_key_check = False还添加了以下ansible.cfg文件:
[ssh_connection]
# ssh arguments to use
ssh_args = -o StrictHostKeyChecking=no详细
当我使用-vvvv在剧本中运行时,我得到以下内容:
fatal: [prod-k8s-worker01]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.222: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.223> (255, '', 'deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-worker02]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.224> (255, '', 'deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-worker03test]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.221> (255, '', 'deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-master01]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}回答 1
Stack Overflow用户
发布于 2019-10-15 00:08:45
如果您可以从控制主机到目标主机(即ec2实例)进行ssh操作,但是"ansible all -m ping“使用公开密钥错误消息失败,那么您需要修改工作(剧本)目录中的ansible.cfg文件。
[defaults]
inventory = ./hosts-dev
remote_user = <SSH_USERNAME>
private_key_file = /path_to/<SSH_KEY>.pem对我来说,关键是添加private_key_file =/home/ubuntu/..ssh/my_key.pem
另外,确保修改密钥文件的属性,例如: chmod 400 /home/ubuntu/..ssh/my_key.pem
否则,AWS将以“太开放”为由拒绝密钥,但这不会在错误消息中通过。您可以通过使用来自控件主机的直接连接来测试这一点,方法是:
ssh -i /home/ubuntu/.ssh/my_key.pem ubuntu@Internal_IP_Address_of_Target_Machine
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/55897136
复制相关文章
相似问题
腾讯云开发者
