I am trying to do a "dry-run" of a playbook. The machine I am targeting I am able to ssh into and vice versa. When I run ansible all -m ping -vvv, this is the output:
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/core/system/ping.py
<192.168.4.136> ESTABLISH SSH CONNECTION FOR USER: hwaraich207970
<192.168.4.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=username -o ConnectTimeout=10 -o ControlPath=/home/username/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.4.136 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1604952591.08-32914241935398 ` " && echo ansible-tmp-1604952591.08-32914241935398="` echo ~/.ansible/tmp/ansible-tmp-1604952591.08-32914241935398 `" ) && sleep 0'"'"''
192.168.4.136 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
"unreachable": true
2 Answers
This could happen even if you have set up passwordless ssh between System A and System B (say, using either the ssh-copy-id command or by manually copying the public key, i.e. the content of the id_rsa.pub file on System A, to the .ssh/authorized_keys file on System B). If this is happening, one of the reasons could be the user home directories.
If on System A the user home directory is, say, /home/tester and on System B it is /users/tester, then passwordless ssh might not work. Making sure both users have the same home directory solves this issue. I observed this case on CentOS machines, and on making sure the home directories for the users were the same, the issue was resolved.
Ansible typically works when ssh public keys of the controller node are added to authorized keys of the remote node. This enables ansible to ssh into the remote node from the controlled node without the need for a password.
There is an alternate way to make ansible work without sharing public keys using sshpass. In this case, you need to input the password of the remote users via the ansible_ssh_pass variable. This can be done via inventory file, group_vars, or the extra-vars.
Regarding the error shared by you. It says, "Permission denied", meaning there is something wrong related to either ssh key sharing or password setting.
Debug mode provides more info related to the issue:
Some relevant information you can extract from the above snippet:
-o User=username: This means playbook is trying to execute from username user ID.
-o PasswordAuthentication=no: This would force ansible to use public keys over password.
192.168.4.136.
.Please check this for official info regarding connections for ansible.
Check this for generating and sharing ssh keys between the nodes.
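The reading of the debug output described in the answer above, as an added example that is not part of the original answer: it parses the SSH: EXEC line and the failure message and reports which authentication methods both sides still allow. The sample strings are constructed (abridged from the output quoted in the question) and the function names are hypothetical.

```python
import re
import shlex

# Constructed sample, abridged from the -vvv output quoted in the question.
SAMPLE_EXEC = (
    "<192.168.4.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s "
    "-o KbdInteractiveAuthentication=no "
    "-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey "
    "-o PasswordAuthentication=no -o User=username -o ConnectTimeout=10 "
    "192.168.4.136 '/bin/sh -c true'"
)
SAMPLE_MSG = ("Failed to connect to the host via ssh: "
              "Permission denied (publickey,password).\r\n")


def parse_ssh_options(exec_line):
    """Return the -o Key=Value pairs from an 'SSH: EXEC ssh ...' debug line."""
    argv = shlex.split(exec_line.split("SSH: EXEC", 1)[1])
    opts = {}
    for flag, value in zip(argv, argv[1:]):
        if flag == "-o" and "=" in value:
            key, val = value.split("=", 1)
            opts[key] = val
    return opts


def server_methods(msg):
    """Methods the server still accepts, from 'Permission denied (a,b)'."""
    match = re.search(r"Permission denied \(([^)]*)\)", msg)
    return match.group(1).split(",") if match else []


def diagnose(exec_line, msg):
    """Compare what the client was told to try with what the server accepts."""
    opts = parse_ssh_options(exec_line)
    client = opts.get("PreferredAuthentications", "").split(",")
    if opts.get("PasswordAuthentication", "yes").lower() == "no":
        client = [c for c in client if c != "password"]
    usable = [m for m in server_methods(msg) if m in client]
    return {"user": opts.get("User"), "client": client, "usable": usable}


if __name__ == "__main__":
    print(diagnose(SAMPLE_EXEC, SAMPLE_MSG))
```

For the quoted output the only method in common is publickey, so the login can only succeed if the remote node accepts a key for the account named in User=.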