Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How do I shutdown my machine using terminal? Question Question
Hello, how to set up Linux? Question Question

Question

Permission is denied while connecting to server with ansible via ssh

Posted November 3, 2017 90k views
Ansible

I’m getting the error below when I’m writing this

ansible -m ping all

host1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
    "unreachable": true
}

I have gone through all the steps in this tutorial and now I’m stuck at step 3. https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-ubuntu-16-04

Any help is appreciated.

Add a comment
demiculus
By:
demiculus

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How do I shutdown my machine using terminal? Question Question
Hello, how to set up Linux? Question Question
Add a comment
1 comment
  • bahmouminy March 7, 2021
    Reply Report

    Hi,

    I’m trying to automate adding new servers via Ansible.
    So I would like to use root private-key instead of root password

    right now i use this commande :
    *
    ansible all -m user -a “name=myapp state=present password={{ user_password }}” -u root -k*

    It prompt me for root password

    I would like to user the following one :

    ansible all -m user -a “name=myapp state=present password={{ userpassword }}” -u root –private-key=/root/.ssh/idrsa

    But I can’t use this one because my my ansible user do not have privilege to access the root private key

    Can anyone have solution please

    NB: root pub key is already copied to the node server.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
6 answers
maheshvshet March 31, 2018

This could happen even if you have made sure the passwordless ssh between System A and System B (say using either ssh-copy-id command or by manually copying the public key i.e content of the idrsa.pub file on System A to .ssh/authorizedkeys file on System B. If this is happening, one of the reason could be the user home directories.

On System A the user home directory is say /home/tester and on System B, it is /users/tester, then passwordless ssh might not work. Make sure both users have same home directory solves this issue. I observed this case in CentOS machines and on making sure the home directories for users same, the issue resolved.

Reply Report
sumanth82 January 22, 2020
  • From the Ansible master run ssh to the remote target and see if that works:
ssh <user>@<target>

If this works ssh is enabled, move on to the next step.

  • Try the following from the Ansible master:
ansible-playbook -i inventory.yaml --private-key=/home/<user_id>/.ssh/id_rsa <playbook>.yaml -u <user_id>

If this fails with the following error, steps listed after the error should fix:

  TASK [Gathering Facts] *********************************************************
  fatal: [x-host.com]: UNREACHABLE! => {"changed": false, "msg": "Authentication failed.", "unreachable": true}
    to retry, use: --limit 

  PLAY RECAP *********************************************************************
  x-host.com   : ok=0    changed=0    unreachable=1    failed=0

  • On the remote host, move/rename the ~/.ssh/authorized_keys file.

  • Then from the ansible master run the following:

ssh-copy-id -i ~/.ssh/id_rsa.pub <user-id>@<x-host>

// ssh-copy-id — use locally available keys to authorise logins on remote machine

  • This creates an authorized_keys file in the remote server ~/.ssh folder for the <user-id> user.

  • Now run the ansible playbook and should work.

edited by MattIPv4
Reply Report
mh04 September 8, 2018

This error usually occurs when their is no valid public key set for the target server.

First check whether you have valid public and private key generated for the user which you are using.
Keep public key in target server and private key in control server
Get the path for private key and configure it in ansible.cfg file(check ansible docs for this)

Reply Report
valegagliardi November 3, 2017

Hi there! What happens if you try to connect to your server via SSH?

ssh root@your_server_ip
Reply Report
  • demiculus November 4, 2017

    It connects

    Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-98-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

25 packages can be updated.
0 updates are security updates.


Last login: Sat Nov  4 06:10:48 2017 from 87.92.112.123
    Reply Report
    • cirobessa January 22, 2020

      It’s So simple. If the ssh works!!

      Just add the bellow entrance in the file /etc/ansible/hosts located in you Ansible master.

      <your_server_ip> ansible_user=root

      Best regards,
      Ciro Bessa

      Reply Report
5car1z November 4, 2017

Did you work through the prerequisite tutorial listed at the beginning of the Ansible installation article?
Specifically step 4.

This one: Initial Server Setup with Ubuntu 16.04

It looks like you don’t have your user’s public SSH key present on the remote droplet that Ansible uses to authenticate? I’m not sure however.

Initial Server Setup with Ubuntu 16.04
by Mitchell Anicas
When you start a new server, there are a few steps that you should take every time to add some basic security and give you a solid foundation. In this guide, we'll walk you through the basic steps necessary to hit the ground running with Ubuntu 16.04.
Reply Report
yachtman November 16, 2017

Since you can connect directly, your ansible is defaulting to a different key. Create/edit your ansible.cfg file in your playbook directory and add a line for the location of your key:

[defaults]
privatekeyfile = /Users/username/.ssh/private_key

Reply Report

Related

Looking for something else?

Ask a new question Search for more help