我正在尝试对server1.xxx.com执行ansible脚本,我收到了一个拒绝权限错误。
我使用命令
创建了一个ssh密钥ssh-keygen -f t11pkey
并且还添加了密码,将密钥复制到服务器。
ssh-copy-id -i /home/user.name/t11pkey.pub user.name@server1.xxx.com
我的〜/ .ssh / config
Host server?.xxx.com
User user.name
Port 22
IdentityFile /home/user.name/.ssh/t11pkey.pub
我的钥匙许可:
-rw------- 1 user.name Domain Users 1766 Dec 5 10:55 t11pkey
-rw------- 1 user.name Domain Users 412 Dec 5 10:55 t11pkey.pub
ansible.cfg
[defaults]
filter_plugins =./filter_plugins
roles_path = ./roles
sudo_user = root
host_key_checking = False
retry_files_enabled = False
[ssh_connection]
ssh_args = -F /home/user.name/.ssh/config -o ControlMaster=auto -o ControlPersist=30m
control_path = ~/.ssh/ansible-%%r@%%h:%%p
库存文件
[new]
server1.xxx.com
我的ansible-playbook
- hosts: new
remote_user: user.name
become: true
vars_files:
- xx.yml
- xx.yml
- xx.yml
roles:
- role: ~/path/to/the/role
Anisble错误:
TASK [Gathering Facts] *****************************************************************************************************************************************************
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
fatal: [server1.xxx.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": true}
ansible --version:ansible 2.3.1.0 (stable-2.3 5512c94017) last updated 2017/06/21 22:56:43 (GMT -400)
答案 0 :(得分:1)
IdentityFile参数应指向私钥(t11pkey),而不是公钥(t11pkey.pub)。