SSH permission denied for ec2 using Ansible - amazon-ec2

I am new to Ansible and was tring to figure out how to establish a ssh connection via ansible.
I have created an ec2 instance(Linux) and i have controlling node as my local machine(Ubuntu).
Now, I have generated and added key from my local to remote instance. I am also able to ssh by running ssh ec2-user#.
But, when doing the same using ansible command
ansible -i hosts all -m ping -u ec2-user
I am getting error as:
ec2-user#13.127.222.56 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ec2-user#13.127.222.56: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).",
"unreachable": true
}
My hosts file is:
[test]
13.127.222.56
Now, I am unable to figure out how to work with this further. I am missing some authentication required by ansible because this usually comes only when ssh is unable to get the key.

Related

Ansible Failed to connect to the host via ssh

good day.
I generated ssh-keygen via user not in root and I copied it to my remote server. I can ssh the remote server without asking for a password in the user. As far as I read from the documentations it needs to have generated ssh-key in root in order to run commands like this:
ansible all -m ping
Is there a way that I can get to this successfully without using root?
For now, I get this error:
"msg": "Failed to connect to the host via ssh: <username>#192.x.y.z: Permission denied (publickey,password).",

How to connect with ansible to an EC2 instance?

Friends,
I am trying to run some ansible tasks against an EC2 instance and getting the following error:
fatal: [ubuntu]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to
the host via ssh: ssh: connect to host 34.218.130.84 port 22:connection timed out",
"unreachable": true}
I think, the problem is related to Ansible configuration because I tryed connecting with the instance via Putty using the same IP, username and pem-file and it worked just fine.
This is how my inventory file looks like:
[brt]
ubuntu ansible_ssh_host=34.218.130.84
ansible_ssh_private_key_file=/home/mjgoncalves/ansible/chave/aws-ansible.pem
[brt:vars]
ansible_ssh_private_key_file=/home/mjgoncalves/ansible/chave/aws-ansible.pem
ansible_ssh_host=34.218.130.84
ansible_ssh_user=username
ansible_ssh_pass=passowrd
ansible_become=yes
ansible_become_method=sudo
ansible_become_pass=password
ansible_connection=ssh
...
Any idea what I may be missing?
The "ssh" in the variable names has been deprecated. You should use ansible_host instead of ansible_ssh_host (same for username, password etc., but not for the ansible_ssh_private_key_file).
The IP in the message (connect to host 34.228.140.94) is not the same as in your inventory, so it seems that it does not take the IP from the variable, or you are overwriting it somewhere else.

Ansible always has SSH error against localhost?

On a CentOS machine, I can ssh into localhost. I can also successfully "sudo ansible -m ping localhost". Port 22 is also open. I can also run a playbook against localhost where "connetion : local".
However, when trying to do anything against localhost via ansible with SSH, I get the following:
localhost | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
As far as I can tell, the other similar SO answer to a similar error here
does not really solve the problem as it basically says "well don't SSH then".

Ansible "Failed to connect to host via ssh: Permission denied" when trying -m ping all

I've been at this all morning, and I've seen multiple posts about this error in other places, but none of the solutions seem to be working for me at this point.
I'm playing around with Ansible and trying to setup my inventory + hosts for this project.
For my hosts file I have (/etc/ansible/hosts):
[test-servers]
x.x.x.x
For my inventory I have (/etc/ansible/inventory.txt):
ansible-target ansible_ssh_host=x.x.x.x ansible_user=user ansible_ssh_pass=password
But when I try to run ansible -m ping all I get:
x.x.x.x | UNREACHABLE! => {
"changed": false,
"msg": Failed to connect to the host via ssh: user#x.x.x.x: Permission denied (publickey,password,keyboard-interacgive.\r\n"
"unreachable":true
}
However, I get a pong response successfully when I run:
ansible x.x.x.x -m ping -i /etc/ansible/inventory.txt
Anyone have any idea what this might be?
Thanks in advance.
Found the solution. Needed to have it prompt me for a password to setup the initial Ansible SSH configuration.
Ansible: Permission denied (publickey, password)

How to connect to WIndows node using openSSH and Ansible?

I am trying to connect to my windows computer using OpenSSH and Ansible.
I am able to connect using regular ssh, but when I try to connect using Ansible, I get pretty much the same error everytime I change something.
I've also tried running Ansible as root and still nothing
fatal: [IVU]: UNREACHABLE! => {"changed": false, "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /tmp/ansible-tmp-1502794936.2073953-164132649383245 `\" && echo ansible-tmp-1502794936.2073953-164132649383245=\"` echo /tmp/ansible-tmp-1502794936.2073953-164132649383245 `\" ), exited with result 1", "unreachable": true}
I've tried to change the ssh_args in ansible.cfg to ssh_args= -o ControlMaster=no and no change to the output was made.
I've tried to change the executable in the ansible.cfg to C:/Windows/System32/cmd.exe and I got the same error
I've tried changing the remote_dir=/tmp/ and still nothing.
My ansible inventory is:
[IVU]
IVU ansible_host=**IP**
[IVU:vars]
ansible_port=22
ansible_user=**user**
ansible_ssh_pass=**pass**
ansible_ssh_private_key_file=** Keyfile **
It seems like it's failing before even running any tasks, but from the openssh logs on the windows computer I see no difference when ansible connects to it and when I ssh into it.
3724 09:27:38:720 error: Couldn't create pid file "C:\\Program Files\\OpenSSH\\sshd.pid": Permission denied
3724 09:27:41:376 Accepted publickey for **User** from **IP** port 42700 ssh2: RSA SHA256:clNmiKxygl/TLEb5Ob4lZs6JqztoQyxOsjMoHQ2HYgo
3724 09:27:58:533 Received disconnect from **IP** port 42700:11: disconnected by user
3724 09:27:58:533 Disconnected from user **User** **IP** port 42700
3360 09:28:41:398 error: Couldn't create pid file "C:\\Program Files\\OpenSSH\\sshd.pid": Permission denied
3360 09:28:41:616 Accepted publickey for **User** from **IP** port 42704 ssh2: RSA SHA256:clNmiKxygl/TLEb5Ob4lZs6JqztoQyxOsjMoHQ2HYgo
3360 09:28:41:741 Received disconnect from **IP** port 42704:11: disconnected by user
3360 09:28:41:741 Disconnected from user **User** **IP** port 42704
The 9:27 is when I'm connecting using ssh and the 9:28 is when ansible connects.
Is there something I'm missing that I need to change in order for Ansible to work with openSSH on windows?
I figured out a solution by using a reverse ssh tunnel.
I abandoned the idea of trying to use the ssh ansible module with windows since Windows simply doesn't play nicely with it unless you have the windows 10 update. I decided to use the winrm ansible module instead.
What I did is I connected the windows computer to the computer running Ansible by opening a reverse SSH tunnel by using the command:
ssh -p5983 -R 5982:localhost:5986 **my_user**#**my_ip**
For my purposes I had to port forward because my computer was on a separate vlan than the windows computer
Then in Ansible I specified that the host is localhost at port 5982.
This is about as good of a solution for when working with openssh and windows, at least until Ansible supports openssh on windows.

Resources