Ansible 配置错误!无法使用 SSH 密码代替密钥

Ansible provisioning ERROR! Using a SSH password instead of a key is not possible

我想使用 Ansible 从最后一个节点配置我的三个节点。

我的主机是Windows10.

我的 Vagrantfile 看起来像:

Vagrant.configure("2") do |config|

  (1..3).each do |index|
    config.vm.define "node#{index}" do |node|

      node.vm.box = "ubuntu"
      node.vm.box = "../boxes/ubuntu_base.box"

      node.vm.network :private_network, ip: "192.168.10.#{10 + index}"

      if index == 3
        node.vm.provision :setup, type: :ansible_local do |ansible|
          ansible.playbook = "playbook.yml"
          ansible.provisioning_path = "/vagrant/ansible"
          ansible.inventory_path = "/vagrant/ansible/hosts"
          ansible.limit = :all
          ansible.install_mode = :pip
          ansible.version = "2.0"
        end
      end

    end
  end

end

我的剧本看起来像:

---

# my little playbook

- name: My little playbook
  hosts: webservers
  gather_facts: false
  roles:
    - create_user

我的主机文件如下所示:

[webservers]
192.168.10.11
192.168.10.12

[dbservers]
192.168.10.11
192.168.10.13

[all:vars]
ansible_connection=ssh
ansible_ssh_user=vagrant
ansible_ssh_pass=vagrant

执行vagrant up --provision后出现以下错误:

Bringing machine 'node1' up with 'virtualbox' provider...
Bringing machine 'node2' up with 'virtualbox' provider...
Bringing machine 'node3' up with 'virtualbox' provider...
==> node3: Running provisioner: setup (ansible_local)...
    node3: Running ansible-playbook...

PLAY [My little playbook] ******************************************************

TASK [create_user : Create group] **********************************************
fatal: [192.168.10.11]: FAILED! => {"failed": true, "msg": "ERROR! Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."}
fatal: [192.168.10.12]: FAILED! => {"failed": true, "msg": "ERROR! Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."}

PLAY RECAP *********************************************************************
192.168.10.11              : ok=0    changed=0    unreachable=0    failed=1
192.168.10.12              : ok=0    changed=0    unreachable=0    failed=1

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

我用 ansible.limit = :all 扩展了我的 Vagrantfile 并添加了 [all:vars] 到主机文件,但仍然无法通过错误。

有没有人遇到同样的问题?

这个SO post给出了答案

我刚刚在负责配置的机器上扩展了 known_hosts 文件,如下所示:

我修改后的 Vagrantfile 中的片段:

...
if index == 3
    node.vm.provision :pre, type: :shell, path: "install.sh"

    node.vm.provision :setup, type: :ansible_local do |ansible|
...

我的 install.sh 看起来像:

# add web/database hosts to known_hosts (IP is defined in Vagrantfile)
ssh-keyscan -H 192.168.10.11 >> /home/vagrant/.ssh/known_hosts
ssh-keyscan -H 192.168.10.12 >> /home/vagrant/.ssh/known_hosts
ssh-keyscan -H 192.168.10.13 >> /home/vagrant/.ssh/known_hosts
chown vagrant:vagrant /home/vagrant/.ssh/known_hosts

# reload ssh in order to load the known hosts
/etc/init.d/ssh reload

在您的项目目录中创建一个文件 ansible/ansible.cfg(即目标 provisioning_path 中的 ansible.cfg),内容如下:

[defaults]
host_key_checking = false

前提是你的 Vagrant box 已经安装了 sshpass - 不清楚,因为你问题中的错误消息表明它已经安装(否则它会是“ERROR ! 要使用带密码的 'ssh' 连接类型,您必须安装 sshpass 程序 "),但在 中您明确添加它 (sudo apt-get install sshpass),就像它是不是

我正在使用 Ansible 版本 2.6.2,host_key_checking = false 的解决方案不起作用。

添加环境变量export ANSIBLE_HOST_KEY_CHECKING=False跳过指纹检查。

这个错误也可以通过导出 ANSIBLE_HOST_KEY_CHECKING 变量来解决。

export ANSIBLE_HOST_KEY_CHECKING=False

来源:https://github.com/ansible/ansible/issues/9442

我在 Ubuntu 20.04.

上使用 Ansible 2.9.6 时遇到了类似的挑战

当我运行命令时:

ansible all -m ping -i inventory.txt

我收到错误:

target | FAILED! => { "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host." }

这是我修复它的方法

当你安装 ansible 时,它​​会创建一个名为 ansible.cfg 的文件,可以在 /etc/ansible 目录中找到它。只需打开文件:

sudo nano /etc/ansible/ansible.cfg

取消注释此行以禁用 SSH 密钥主机检查

host_key_checking = False

现在保存文件,你现在应该没问题了。

注意:您还可以尝试通过 SSH 从您的计算机连接到服务器,将主机的指纹添加到您的 known_hosts 文件中,这会提示您保存主机的指纹指纹到您的 known_hosts 文件:

promisepreston@ubuntu:~$ ssh myusername@192.168.43.240

The authenticity of host '192.168.43.240 (192.168.43.240)' can't be established.
ECDSA key fingerprint is SHA256:9Zib8lwSOHjA9khFkeEPk9MjOE67YN7qPC4mm/nuZNU.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.43.240' (ECDSA) to the list of known hosts.

myusername@192.168.43.240's password: 
Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-53-generic x86_64)

就这些了。

希望对您有所帮助

运行 下面的命令解决了我的问题

export ANSIBLE_HOST_KEY_CHECKING=False && ansible-playbook -i