Ubuntu WSL Ansible - user@localhost 权限被拒绝(公钥,密码)
Ubuntu WSL Ansible - user@localhost Permission denied(publickey,password)
我正在使用 ubuntu WSL 作为 ansible 的控制器。
尝试在本地主机中安装 python 依赖项,然后启动 ec2 实例
但由于以下错误而失败:
"msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password)."
我修复的问题:
1.Did ssh-keygen
2.Generating public/private rsa 密钥对。
3.Enter 保存密钥的文件 (/home/user/.ssh/id_rsa):
4.Finally $ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
成功的事情:
1.ssh localhost 正在为 kevin@localhost
2.First 我使用带有 pem 文件的现有 RHEL ec2 实例,有了这个我可以 运行 我的任务和启动实例
无法正常工作:
--2 错误类型--
剧本任务有同样的问题
失败:[localhost] (item=webserverA) =>
{"ansible_loop_var": "item", "item": "webserverA", "msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password).", "unreachable": 真}
致命的:[本地主机]:无法访问! => {"changed":假,"msg":"All items completed","results":[{"ansible_loop_var":"item","item":"webserverA", "msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password).", "unreachable": 正确}]}
<127.0.0.1> 为用户建立本地连接:
凯文
<127.0.0.1> 执行 /bin/sh -c 'echo ~kevin && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831" && echo ansible-tmp-1590382761.4873009-58188090245831="echo /home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831" ) && sleep 0'
"msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\"。失败的命令是: ( umask 77 && mkdir -p \"echo /home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\" && echo ansible-tmp-1590382762.0043557-97164890408687 =\"echo /home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\" ), 以结果 1 退出,stdout 输出:ansible-tmp-1590382762.0043557-97164890408687=/home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\n",
说明:
1.In ansible.cfg 文件应为 private_key_file .pem 文件或 id_rsa 提供哪个密钥
我的理解是 ssh 本地主机我们需要 id_rsa 和 ssh ec2 实例我们需要 .pem 文件
请支持解决问题 1
2.For 问题 2 我试图在 ansible.cfg 和 connection=local 中提供 remote_tmp 路径但没有成功
库存文件:
主机开发
[webservers]
localhost ansible_user=kevin
**Play.yml**
- name: Creates the ec2 instances
hosts: localhost
gather_facts: no
roles:
- python
tasks:
- name: Launch an EC2 Instance
ec2_instance:
//Using the access keys here
详细输出:
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh
-c '"'"'echo ~kevin && sleep 0'"'"''
您从亚马逊获得的 .pem 是私钥 id_rsa。
通过执行 ssh -i ~/.ssh/id_rsa kevin@localhost.
验证你的 Ansible 应该做什么
如果可行,那么您基本上已经具备了所有必需的部分,应该查看您的 ansible 配置来确定。
如果您无法执行以下验证:
- 您有访问密钥的权限吗?它应该是 chmod 400,所有者作为你 运行 Ansible 的用户。
- 那是该服务器上的正确用户吗?
- 在末尾添加 -v 将提供更详细的调试,您可以继续附加另一个 v(即 -vv 或 -vvv)以获得更详细的调试,最多 4 vs.
你的 ansible.cfg 应该是这样的
[defaults]
private_key_file = /home/kevin/.ssh/id_rsa
我正在使用 ubuntu WSL 作为 ansible 的控制器。 尝试在本地主机中安装 python 依赖项,然后启动 ec2 实例 但由于以下错误而失败: "msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password)."
我修复的问题: 1.Did ssh-keygen 2.Generating public/private rsa 密钥对。 3.Enter 保存密钥的文件 (/home/user/.ssh/id_rsa): 4.Finally $ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
成功的事情:
1.ssh localhost 正在为 kevin@localhost
2.First 我使用带有 pem 文件的现有 RHEL ec2 实例,有了这个我可以 运行 我的任务和启动实例
无法正常工作:
--2 错误类型--
剧本任务有同样的问题
失败:[localhost] (item=webserverA) =>
{"ansible_loop_var": "item", "item": "webserverA", "msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password).", "unreachable": 真} 致命的:[本地主机]:无法访问! => {"changed":假,"msg":"All items completed","results":[{"ansible_loop_var":"item","item":"webserverA", "msg": "Failed to connect to the host via ssh: kevin@localhost: Permission denied (publickey,password).", "unreachable": 正确}]}
<127.0.0.1> 为用户建立本地连接:
凯文 <127.0.0.1> 执行 /bin/sh -c 'echo ~kevin && sleep 0' <127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "
echo /home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831" && echo ansible-tmp-1590382761.4873009-58188090245831="echo /home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831" ) && sleep 0'"msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\"。失败的命令是: ( umask 77 && mkdir -p \"
echo /home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\" && echo ansible-tmp-1590382762.0043557-97164890408687 =\"echo /home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\" ), 以结果 1 退出,stdout 输出:ansible-tmp-1590382762.0043557-97164890408687=/home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\n",
说明: 1.In ansible.cfg 文件应为 private_key_file .pem 文件或 id_rsa 提供哪个密钥 我的理解是 ssh 本地主机我们需要 id_rsa 和 ssh ec2 实例我们需要 .pem 文件 请支持解决问题 1
2.For 问题 2 我试图在 ansible.cfg 和 connection=local 中提供 remote_tmp 路径但没有成功
库存文件:
主机开发
[webservers]
localhost ansible_user=kevin
**Play.yml**
- name: Creates the ec2 instances
hosts: localhost
gather_facts: no
roles:
- python
tasks:
- name: Launch an EC2 Instance
ec2_instance:
//Using the access keys here
详细输出:
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh
-c '"'"'echo ~kevin && sleep 0'"'"''
您从亚马逊获得的 .pem 是私钥 id_rsa。
通过执行 ssh -i ~/.ssh/id_rsa kevin@localhost.
验证你的 Ansible 应该做什么如果可行,那么您基本上已经具备了所有必需的部分,应该查看您的 ansible 配置来确定。
如果您无法执行以下验证:
- 您有访问密钥的权限吗?它应该是 chmod 400,所有者作为你 运行 Ansible 的用户。
- 那是该服务器上的正确用户吗?
- 在末尾添加 -v 将提供更详细的调试,您可以继续附加另一个 v(即 -vv 或 -vvv)以获得更详细的调试,最多 4 vs.
你的 ansible.cfg 应该是这样的
[defaults]
private_key_file = /home/kevin/.ssh/id_rsa