Tuesday, November 2, 2021

[SOLVED] Referencing a Private SSH Key between two machines

Issue

I am new to server administration and I am seeing if anyone can help. Any advice is very appreciated.

I ran into this issue while setting up my CentOS 7 server with Ansible. In my ansible.cfg file (within /etc/ansible/ on the server) a private key requires reference ( private_key_file=/path/to/file ). I am assuming this is why I get 'Permission Denied' when trying to ping all hosts.

I am wondering how I can reference the private key I use to connect to the server from my machine, if this is even the cause of the 'Permission Denied'. I have my private key and public key on my machine and the public key content copied onto the server's .ssh/authorized_keys file.

File sharing on my MacBook is turned off; I don't believe that's required for SSH, as I can connect to the server.

Ansible attempts to establish a connection with my username (not none)

Code I used: ansible -m ping all -vvv

host1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).",
    "unreachable": true
}
host2 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).",
    "unreachable": true
}


Solution

The message indicates that there is most probably no ssh-key provided. Check if Ansible really uses the ansible.cfg file you used for configuration:

$ ansible --version
ansible-config 2.7.8
  config file = None
  configured module search path = [u'/home/ec2-user/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.16 (default, Jul 19 2019, 22:59:28) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

Alternatively you can attach the keyfile directly in the ansible command like this:

ansible -m ping hosts --private-key=~/.ssh/keys/id_rsa -u <desiredUsername>

See https://ansible-tips-and-tricks.readthedocs.io/en/latest/ansible/commands/#running-ansible-as-a-different-user for reference.

There's also the possibility that you're using the wrong private key. You must use the private key of your target machine(s). To create a keypair see this example here:

https://help.github.com/en/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent



Answered By - Patrick Pötz
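
The check the answer describes (which ansible.cfg is actually loaded, and whether the key it names is usable), written out as an added example that is not part of the original question or answer. The function names are illustrative, and the file-permission test reflects OpenSSH's refusal to use a private key that is readable by group or other.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Print the first config file found in Ansible's search order:
# $ANSIBLE_CONFIG, ./ansible.cfg, ~/.ansible.cfg, /etc/ansible/ansible.cfg.
# Caveat: Ansible also skips ./ansible.cfg when the current directory is
# world-writable; that case is not modelled here.
find_ansible_cfg() {
    for f in "${ANSIBLE_CONFIG:-}" ./ansible.cfg "$HOME/.ansible.cfg" \
             /etc/ansible/ansible.cfg; do
        [ -n "$f" ] && [ -f "$f" ] || continue
        printf '%s\n' "$f"
        return 0
    done
    return 1
}

# Print the private_key_file value from the [defaults] section of file $1.
cfg_private_key() {
    awk -F= '
        /^[ \t]*\[/ { in_defaults = ($0 ~ /^[ \t]*\[defaults\]/); next }
        in_defaults && $1 ~ /^[ \t]*private_key_file[ \t]*$/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit
        }' "$1"
}

# Return 0 if key file $1 exists and grants nothing to group/other, which
# OpenSSH requires before it will use a private key. 1 = missing, 2 = too open.
check_key() {
    k=$1
    case $k in "~/"*) k=$HOME/${k#"~/"} ;; esac   # expand a leading ~/
    [ -f "$k" ] || { echo "missing: $k"; return 1; }
    perms=$(ls -lLd "$k" | cut -c5-10)             # group+other permission bits
    [ "$perms" = "------" ] || { echo "too open ($perms): chmod 600 $k"; return 2; }
    echo "ok: $k"
}

# Tie the steps together for the directory ansible is run from.
diagnose() {
    cfg=$(find_ansible_cfg) || { echo "config file = None"; return 1; }
    echo "config file = $cfg"
    key=$(cfg_private_key "$cfg")
    [ -n "$key" ] || { echo "no private_key_file in [defaults]"; return 1; }
    check_key "$key"
}

# Run the check only when invoked as: sh script.sh check
[ "${1:-}" != "check" ] || diagnose
```

Run it from the same directory and as the same user that runs `ansible`, since both the working directory and `$HOME` change which config file wins.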