我正在尝试使Ansible连接到远程主机,但是失败,并显示以下内容:
fatal: [prod-k8s-worker02]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-worker01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.222: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-worker03test]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [prod-k8s-master01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
我可以成功地ssh使用上述所有主机,而无需使用密码,而[all:vars]
ansible_connection=ssh
ansible_user=deploy
ansible_sudo=true
ansible_become=true
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
。
我尝试了以下方法。
添加以下清单文件:
ansible.cfg添加了以下[defaults]
host_key_checking = False
host_key_check = False
文件:
ansible.cfg还添加了以下[ssh_connection]
# ssh arguments to use
ssh_args = -o StrictHostKeyChecking=no
文件:
-vvvv详细
使用
fatal: [prod-k8s-worker01]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.222: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.223> (255, '', 'deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-worker02]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.223: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.224> (255, '', 'deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-worker03test]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.224: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
<xx.xx.xx.221> (255, '', 'deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [prod-k8s-master01]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: deploy@xx.xx.xx.221: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
在剧本中运行时,我得到以下信息:
class subCategory extends StatefulWidget {
final int RegId;
final int AssetId;
final String title;
final int ParentId;
final int equipmentId;
subCategory(this.RegId, this.AssetId, this.title, this.ParentId,this.equipmentId, {Key key})
: super(key: key);
@override
State<StatefulWidget> createState() => _mainCategory();
}
答案 0 :(得分:0)
如果可以从控制主机SSH到目标主机(即ec2实例),但是“ ansible all -m ping”失败并显示publickey错误消息,则您需要在工作中修改ansible.cfg文件(剧本)目录。
[defaults]
inventory = ./hosts-dev
remote_user = <SSH_USERNAME>
private_key_file = /path_to/<SSH_KEY>.pem
对我来说,关键是添加private_key_file = /home/ubuntu/.ssh/my_key.pem
此外,请确保修改密钥文件的属性,例如: chmod 400 /home/ubuntu/.ssh/my_key.pem
否则,AWS将拒绝密钥为“太开放”,但这不会在错误消息中出现。 您可以通过以下方式使用来自控制主机的直接连接进行测试:
ssh -i /home/ubuntu/.ssh/my_key.pem ubuntu @ Internal_IP_Address_of_Target_Machine