Failed to connect to the host via ssh: Permission denied (publickey,password)

[fulgorit]

192.168.1.113 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n", 
    "unreachable": true
}

I have this error I use Debian Stretch and a guest manjaro in virtualbox.

[roydondsouza]

Facing the same issue. Following.

[lktslionel]

Can you launch the same command with the option -vvvv for more output. please !

[guruprasad85]

guru@tj-lp140:/etc/ansible$ ansible all -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/core/system/ping.py
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: None
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /tmp/ansible-tmp-1482309322.49-151682117578429 `" && echo ansible-tmp-1482309322.49-151682117578429="` echo /tmp/ansible-tmp-1482309322.49-151682117578429 `" ) && sleep 0'"'"'' 

[lktslionel]

Thanks.
From your output, I see that you don't have any ansible_user specified :

<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: None

Cat you show the content of your inventory file too ?

[guruprasad85]

# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
#   - Comments begin with the '#' character
#   - Blank lines are ignored
#   - Groups of hosts are delimited by [header] elements
#   - You can enter hostnames or ip addresses
#   - A hostname/ip can be a member of multiple groups

# Ex 1: Ungrouped hosts, specify before any group headers.

## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10

# Ex 2: A collection of hosts belonging to the 'webservers' group

[webservers]
35.165.79.66

# If you have multiple hosts following a pattern you can specify
# them like this:

## www[001:006].example.com

# Ex 3: A collection of database servers in the 'dbservers' group

## [dbservers]
## 
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57

# Here's another example of host ranges, this time there are no
# leading 0s:

## db-[99:101]-node.example.com

[guruprasad85]

ssh ubuntu@35.165.79.66 connection will establish. but ansible command not able to complete.

[lktslionel]

Good,
It's a bit hard to debug when you specify all in your command.

Comment all lines in your hosts file add this line

[webserver]
35.165.79.66 ansible_user=ubuntu 

and try to run :

$: ansible webserver -m ping -vvv

And show me the output.
Regards

[guruprasad85]

guru@tj-lp140:/etc/ansible$ ansible webservers -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/core/system/ping.py
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494 `" && echo ansible-tmp-1482312980.96-238945640414494="` echo $HOME/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494 `" ) && sleep 0'"'"''
<35.165.79.66> PUT /tmp/tmpxll2kJ TO /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py
<35.165.79.66> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r '[35.165.79.66]'
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'chmod u+x /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py && sleep 0'"'"''
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r -tt 35.165.79.66 '/bin/sh -c '"'"'/usr/bin/python /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py; rm -rf "/home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/" > /dev/null 2>&1 && sleep 0'"'"''
35.165.79.66 | FAILED! => {
    "changed": false, 
    "failed": true, 
    "invocation": {
        "module_name": "ping"
    }, 
    "module_stderr": "Shared connection to 35.165.79.66 closed.\r\n", 
    "module_stdout": "/bin/sh: 1: /usr/bin/python: not found\r\n", 
    "msg": "MODULE FAILURE"
}

[fulgorit]

<192.168.1.113> ESTABLISH SSH CONNECTION FOR USER: fulgor
<192.168.1.113> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=fulgor -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.1.113 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1482330370.75-42265180130710 `" && echo ansible-tmp-1482330370.75-42265180130710="` echo $HOME/.ansible/tmp/ansible-tmp-1482330370.75-42265180130710 `" ) && sleep 0'"'"''
192.168.1.113 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n", 
    "unreachable": true
}

I changed the image disk in virtual box so the ssh key has been regenerated but from this moment I have an error message.

Could you help me ?

[fulgorit]

Generate the ssh key on the master node:

root@master:~# ssh-keygen -t rsa -C "name@example.org"

Then copy your public key to the servers with ssh-copy-id:

root@master:~# ssh-copy-id user@child1.dev
root@master:~# ssh-copy-id user@child2.dev

I got this informations on this website https://valdhaus.co/writings/ansible-post-install/ and it is working

[lktslionel]

@guruprasad85 it looks like you miss "python" on the remote machine (35.165.79.66).

"module_name": "ping"
},
"module_stderr": "Shared connection to 35.165.79.66 closed.\r\n",
"module_stdout": "/bin/sh: 1: /usr/bin/python: not found\r\n",
"msg": "MODULE FAILURE"
}

[guruprasad85]

Hi,
I have found the solution.
If you are using ami(ubuntu 16) OS then there is no python installed, so you need to install it. Use below command to install python -

sudo apt-get install python-minimal -y

or

you need to use ami(ubuntu 14)OS. It has python 2.7.

Note : confirm which version of OS you have in your system.

[lktslionel]

Glad you found the solution.

[ganfotry]

I'm trying to ping from an Ansible control machine (installed in a UBUNTU 14.04 VM), to a cent OS instance.
Both are google cloud instance (with python installed).
I'm unsure about the connection status between them. From the below results of ansible all -m ping I could see there is something wrong with my SSH.

35.185.191.25 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
    "unreachable": true

# ansible all -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
META: ran handlers
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: None
<127.0.0.1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/21f0e6a9ae 127.0.0.1 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<35.185.191.25> ESTABLISH SSH CONNECTION FOR USER: gane
<35.185.191.25> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=gane -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4596e88996 35.185.191.25 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<127.0.0.1> (255, '', 'Permission denied (publickey).\r\n')
127.0.0.1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n",
    "unreachable": true
}
<35.185.191.25> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n')
35.185.191.25 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
    "unreachable": true
}

Could you suggest me to achieve the connection between my VMs.

[luvpreetsingh]

I am having the same problem @ganfotry . What is the cause of this issue ? Please direct me the right way.

[ganfotry]

I fixed it by generating keys in both the VMs and then copying the keys viceversa inside authorized_keys. I got the below response then:) ``` ansible -m ping all 127.0.0.1 | SUCCESS => { "changed": false, "ping": "pong" } 35.186.***.*** | SUCCESS => { "changed": false, "ping": "pong" ```

[riteshpuj2013]

I was getting the same problem:

$ ansible local -m ping
127.0.0.1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
"unreachable": true
}

Solved the issue by installing sshpass using command:

sudo apt-get install sshpass

After installng sshpass, I executed this command:

ansible local -m ping --ask-pass
SSH password:
127.0.0.1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
```
Hope this helps!!!

[ninjakitteh69]

this worked for me, so may help you as well.
Try registering the private key to your keychain

ssh-agent bash
ssh-add <path to private key>

if this works, try adding the keys to your ~/.ssh/config file

[saladi123]

Hi,
I am getting the below error while run the command in ansible tower GUI mode.

192.168.122.136 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.122.136' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,password).\r\n", 
    "unreachable": true 
}

But I'm able to get the result in CLI mode on the server.

[root@node2 ~]# ansible -m ping testservers
openstack | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

Below is the descried output

[root@node2 ~]# ansible testservers -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<192.168.122.136> (0, '/root\n', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696 `" && echo ansible-tmp-1497787246.45-142355876761696="` echo /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696 `" ) && sleep 0'"'"''
<192.168.122.136> (0, 'ansible-tmp-1497787246.45-142355876761696=/root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696\n', '')
<192.168.122.136> PUT /tmp/tmpkAYqIN TO /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py
<192.168.122.136> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 '[192.168.122.136]'
<192.168.122.136> (0, 'sftp> put /tmp/tmpkAYqIN /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py\n', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py && sleep 0'"'"''
<192.168.122.136> (0, '', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 -tt 192.168.122.136 '/bin/sh -c '"'"'/usr/bin/python /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/" > /dev/null 2>&1 && sleep 0'"'"''
<192.168.122.136> (0, '\r\n{"invocation": {"module_args": {"data": null}}, "changed": false, "ping": "pong"}\r\n', 'Shared connection to 192.168.122.136 closed.\r\n')
openstack | SUCCESS => {
    "changed": false, 
    "invocation": {
        "module_args": {
            "data": null
        }
    }, 
    "ping": "pong"
}
META: ran handlers
META: ran handlers

Thanks

[lkjangir]

Manually try to access the server on terminal, if you are able to ssh the remote server, then remove .ansible directory from local user's home directory. This works for me. (y)

[aelkz]

Same for me!
I can ssh server via terminal without passing -i directive:

ssh user1@server.com

works

Executing the command:

ansible all -m ping

I get the error:

    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n",  
    "unreachable": true

@lkjangir removing .ansible directory didn't work also. =(

[ghost]

Try this, replace ec2-user with whatever username you set up.

ansible all -u ec2-user -m ping -vvv

[Hai-minhD]

@aelkz : in the /etc/ansible/hosts file, you could put: user1@server.com instead of server.com and then try ansible all -m ping.
Otherwise, if you don't specified the user1 in /etc/ansible/hosts, you should specified the user in ansible command: ansible all -m ping -u user1
I had the same error and that solution solved my issue.

[ramkumarcrk]

If i am not wrong , this is due to ssh key issue. Rene rate for new key or else convert your key to openssh formate to avoid error.

[Manjukb]

Using --ask-pass along with -u parameters worked for me.

[eohtake]

@Hai-minhD Your solution worked for me, thanks. I was testing on hosts where I had the root user as the same user I was using in the control machine. In this specific host where I was getting the failure reported above, I have a different user. Solved adding the host with this username in it in the Ansible hosts file: username@host.

[demhoisee]

ssh-copy-id -i user@localhost
ssh-copy-id -i user@servers_in_inventory

seems to work

[sprive]

This URL is the #1 Google hit for this error, so, although while this "issue" is closed, people will continue hitting this for the forseeable future. Here's how I fixed it for python3, ansible 2.5 (both are PIP versions, in a virutualenv), and OSX High Sierra.
Reporting my 'fix', for my scenario. Running:
$ python3 $(which ansible) localhost -m ping -vvvv

Would result in this error. -vvvv reveals it's a key/auth failure. Great. You can isolate Ansible from this by simply doing ssh@127.0.0.1 and for me it failed (I'm considering a failure to login with SSH keys to be a failure).

Easy fix: at ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

[Ivheror]

I had the same problem and i get the solution by myself, i'm gonna tell you what's happening to me.
I get the same error and i solve it cz in the same proyect folder i had a hosts file, and for some reason, there was error so just with a rm -r hosts, i got solve it.
I expose to you if u have the same problem that i got.

Happy Christmas X) ,xoxo.

[enablex3]

I had the same issue until I edited my inventory file with
[testserver]
<target_ip> ansible_user=<target_domain_name> ansible_ssh_pass=<target_pass>
Then to test:
ansible testserver -m ping

[anvitha-jain]

ubuntu@ip-172-31-1-85:/etc/ansible$ sudo ansible-playbook tomserver.yml

PLAY [webservers] ***************************************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************
fatal: [54.153.119.230]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: no such identity: /root/UbuntuAnsible.pem: No such file or directory\r\nPermission denied (publickey).\r\n", "unreachable": true}
to retry, use: --limit @/etc/ansible/tomserver.retry

please help

[enablex3]

Are you trying to simply connect? What does your hosts file look like?

…

On Wednesday, September 12, 2018, FALCON-SJSU ***@***.***> wrote: fatal: [54.153.119.230]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: no such identity: /root/UbuntuAnsible.pem: No such file or directory\r\nPermission denied (publickey).\r\n", "unreachable": true} to retry, use: --limit @/etc/ansible/tomserver.retry please help — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8H0G3NUSkpFXpcm2hkAXXGco3eMmyks5uaZO0gaJpZM4LSWpz> .

[yokee99]

I have found the solution.
My operating system was Mac OS , and I change the 'ansible.cfg' in the line 'remote_user = root ' , the problem is solved.

[enablex3]

Yup! I've had to do the same thing! Glad you solved it!

…

On Tue, Sep 18, 2018 at 4:09 AM ZhangZhongyuan ***@***.***> wrote: I have found the solution. My operating system was Mac OS , and I change the 'ansible.cfg' in the line 'remote_user = root ' , the problem is solved. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8H0zGJ4zE4mKmaMtXDAtInZNDlrW4ks5ucKpCgaJpZM4LSWpz> .

[jluntnscc]

I ran the playbook with the following flags:

ansible-playbook playbook.yml --ask-pass - this helped.

[enablex3]

In the hosts you could also do ansibleuser="user" ansiblepass="pass" right next to the ip for the target. This allows me to run play books without any extra password prompts.

…

On Tue, Oct 2, 2018 at 11:15 AM jluntnscc ***@***.***> wrote: I ran the playbook with the following flags: ansible-playbook playbook.yml --ask-pass - this helped. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8HzRVj8-BqcUiQywgQYKIVbcr4yzdks5ug4MEgaJpZM4LSWpz> .

[AsadUkh]

try This

all servers - Works when both server's and client's user name are same (Passwordless)

ansible all -m ping

all servers - "raj" is managed node's user (Passwordless)

ansible all -u raj -m ping

OR

Only demo-servers group - "raj" is managed node's user (Passwordless)

ansible demo-servers -u raj -m ping

OR

If you use password authendication

ansible -m ping all -u raj --ask-pass

or you can follow this link for further information
https://www.itzgeek.com/how-tos/linux/ubuntu-how-tos/install-ansible-automation-tool-for-it-management-on-centos-7-ubuntu-14-04-fedora-22-part-1.html

[fhackenb]

What worked for me was to update my hosts file to have the path to the ssh key:

[webserver]
IP_ADDRESS ansible_user=ubuntu ansible_connection=ssh ansible_private_key_file=~/.ssh/key.pem

[enablex3]

Nice solution. This would take care of multiple targets!

…

On Mon, Oct 29, 2018 at 4:02 PM fhackenb ***@***.***> wrote: What worked for me was to update my hosts file to have the path to the ssh key: [webserver] IP_ADDRESS ansible_user=ubuntu ansible_connection=ssh ansible_private_key_file=~/.ssh/key.pem — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8HzLY4PQVaWdPDOH0bHGnh9xpzmDWks5up17AgaJpZM4LSWpz> .

[cmaliwal]

working fine after the @riteshpuj2013 solution.

ansible-playbook test.yml --ask-pass

[rihani]

i get this issue, not sure how to progress

pi@10.8.0.142 | UNREACHABLE! => {
"changed": false,
"msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp". Failed command was: ( umask 77 && mkdir -p "echo /tmp/.ansible/tmp/ansible-tmp-1543139945.24-52208136278646" && echo ansible-tmp-1543139945.24-52208136278646="echo /tmp/.ansible/tmp/ansible-tmp-1543139945.24-52208136278646" ), exited with result 1",
"unreachable": true
}

[rahul12131]

able to excute playbook with ansible but while executing same playbook with ansible tower getting error

---

<192.168.0.17> ESTABLISH SSH CONNECTION FOR USER: admin
<192.168.0.17> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/tmp/awx_86_9cdeKb/cp/86796477d7 192.168.0.17 '/bin/sh -c '"'"'echo ~admin && sleep 0'"'"''
<192.168.0.17> (255, '', "Warning: Permanently added '192.168.0.17' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n")
fatal: [192.168.0.17]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.0.17' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}

[bhargav0505]

i get this issue, please give me solution

ubuntu@master:~$ ansible-playbook playbook2.yml -b PLAY [172.31.42.20] ********************************************************************************************************************************************************************************************** TASK [Gathering Facts] *******************************************************************************************************************************************************************************************
fatal: [172.31.42.20]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n", "unreachable": true}
to retry, use: --limit @/home/ubuntu/playbook2.retry PLAY RECAP *******************************************************************************************************************************************************************************************************
172.31.42.20 : ok=0 changed=0 unreachable=1 failed=0

[praveenks16]

i get this issue, please give me solution

ubuntu@master:~$ ansible-playbook playbook2.yml -b PLAY [172.31.42.20] ********************************************************************************************************************************************************************************************** TASK [Gathering Facts] *******************************************************************************************************************************************************************************************

fatal: [172.31.42.20]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n", "unreachable": true}
to retry, use: --limit @/home/ubuntu/playbook2.retry PLAY RECAP *******************************************************************************************************************************************************************************************************
172.31.42.20 : ok=0 changed=0 unreachable=1 failed=0

Two solutions we have : -

password less auth (you can refer google how to generate rsa key )
add ask_pass=true in ancible.cfg file. (This will ask password when you run ansible)

[rohith-mr-rao]

Please setup the SSH connection to the host machine and test it.
Once it's done, In the /etc/ansible/hosts file give the proper host IP.
Now to test the secure connection between ansible and guest machine use the below command:
-> ansible -i hosts -u vagrant --ask-pass -m ping all
hosts-> hosts file (give proper guest ip)
-u vagrant -> vagrant is my guest machine username
--ask-pass-> It allows you to enter the SSH password to connect to guest m/c.
Note: If i donot use --ask-pass it'll throw error.

Thank you if it helps :)

[HwiLu]

it is quite possible that your /etc/ansible/hosts is wrong

[Bhanuvadlamudi]

i am new to ansible, can anyone help me

34.201.109.32 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ubuntu@34.201.109.32: Permission denied (publickey).\r\n",
"unreachable": true
}

[enablex3]

Try to include the password for your target machine within your hosts file. Typically, you will need to have had an existing ssh connection which generates an RSA key for your host and your local machine. Try ssh into the host then run ansible again.

…

On Sun, Jan 20, 2019 at 11:22 AM Venkata Bhanusree Vadlamudi < ***@***.***> wrote: i am new to ansible, can anyone help me 34.201.109.32 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ***@***.***: Permission denied (publickey).\r\n", "unreachable": true } — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8H0nPfSdUELQxzoQAvvHHlsau7uyBks5vFJfOgaJpZM4LSWpz> .

[Bhanuvadlamudi]

When I use the ssh command from my local terminal I am able to connect to the ec2 instance. However when I run the ansible script I get the error.

34.201.109.32 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ubuntu@34.201.109.32: Permission denied (publickey).\r\n",
"unreachable": true
}

[enablex3]

With AWS ec2 instances, you must generate a public key through AWS, download it, and point the ssh session to that key. There are tutorials for this procedure online.

…

On Sun, Jan 20, 2019 at 4:48 PM Venkata Bhanusree Vadlamudi < ***@***.***> wrote: When I use the ssh command from my local terminal I am unable to connect to the ec2 instance. However when I run the ansible script I get the error. 34.201.109.32 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ***@***.***: Permission denied (publickey).\r\n", "unreachable": true } — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#19584 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/An-8Hya_SkLrHT-HLYEOPEE2QXsSuDOJks5vFOQOgaJpZM4LSWpz> .

[mpwusr]

t Hi guys,
I had the same problem.
My devops user could ssh to all the servers but when I tried to runs, (with mysuer), ansible commands I always got the error ... UNREACHABLE! ...
I solved it by making , with "mysuer" ssh serverDestiny (the server that is in inventory file) note if you use fqdn you must make ssh to the FQDN.
example:
cat inventory
server1

[myuser@workstation ansible-deploy-cr] ssh-keygen
[myuser@workstation ansible-deploy-cr] ssh-copy-id -i devops@server1
test..
[myuser@workstation ansible-deploy-cr] ssh 'devops@server1

Hope this will help you.
if so, give a like 👍
Thanks,
MBrito

This fixed my issue in AWS on private VPC, I need the internal fqdn for all the servers

[ghost]

Hey guys,
I was facing the same issue for localhost and realised that '$ ssh localhost' was asking for a password. I solved it by moving the public key of 'user' on localhost to the authorized_key.

ssh-copy-id -i ~/.ssh/id_rsa.pub test@localhost

Just check if the authorized_key files have the necessary keys

test is the username

[Cloud-Mak]

Wow.....I read through comments. Can not believe the issues still exist. I am on latest ansible. I guess this is one of the pain of using opensource.

vagrant@mgmt:~$ ansible lb -u vagrant -m ping -vvv
ansible 2.7.8
  config file = /home/vagrant/ansible.cfg
  configured module search path = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.12 (default, Nov 12 2018, 14:36:49) [GCC 5.4.0 20160609]
Using /home/vagrant/ansible.cfg as config file
[DEPRECATION WARNING]: [defaults]hostfile option, The key is misleading as it can also be a list of hosts, a directory or a list of paths , use [defaults] inventory=/path/to/file|dir 
instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
/home/vagrant/inventory.ini did not meet host_list requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet script requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet yaml requirements, check plugin documentation if this is unexpected
Parsed /home/vagrant/inventory.ini inventory source with ini plugin
 [WARNING]: Found both group and host with same name: lb

META: ran handlers
<lb> ESTABLISH SSH CONNECTION FOR USER: vagrant
<lb> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/2302ac11ec lb '/bin/sh -c '"'"'echo ~vagrant && sleep 0'"'"''
<lb> (255, '', 'Permission denied (publickey).\r\n')
lb | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).", 
    "unreachable": true
}

[Cloud-Mak]

SOLUTION

Alright, here is what worked for me -
I logged into the remote machine lb. edited the ~/.ssh/authorised_keys and added id_rsa.pub key of ansible master. Saved and exited. Bounced the sshd on lb.

This is not a perfect way, but it gets you going for initial testing.

Edit 1 - Also, you need to make sure the remote machine (client which will be managed by ansible) needs to have python installed.

PS - even the method of ssh-copy-id -i was failing for me with same error of permission denied (publickey)

vagrant@mgmt:~$ ansible lb -m ping -vvv
ansible 2.7.8
config file = /home/vagrant/ansible.cfg
configured module search path = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.12 (default, Nov 12 2018, 14:36:49) [GCC 5.4.0 20160609]
Using /home/vagrant/ansible.cfg as config file
[DEPRECATION WARNING]: [defaults]hostfile option, The key is misleading as it can also be a list of hosts, a directory or a list of paths , use [defaults] inventory=/path/to/file|dir
instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
/home/vagrant/inventory.ini did not meet host_list requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet script requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet yaml requirements, check plugin documentation if this is unexpected
Parsed /home/vagrant/inventory.ini inventory source with ini plugin
[WARNING]: Found both group and host with same name: lb

META: ran handlers
ESTABLISH SSH CONNECTION FOR USER: None
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
(0, '/home/vagrant\n', '')
ESTABLISH SSH CONNECTION FOR USER: None
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'( umask 77 && mkdir -p "echo /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286" && echo ansible-tmp-1552670816.4-42574892310286="echo /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286" ) && sleep 0'"'"''
(0, 'ansible-tmp-1552670816.4-42574892310286=/home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286\n', '')
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
PUT /home/vagrant/.ansible/tmp/ansible-local-2173_L8KXK/tmpXoK8R8 TO /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py
SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 '[lb]'
(0, 'sftp> put /home/vagrant/.ansible/tmp/ansible-local-2173_L8KXK/tmpXoK8R8 /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py\n', '')
ESTABLISH SSH CONNECTION FOR USER: None
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'chmod u+x /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/ /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py && sleep 0'"'"''
(0, '', '')
ESTABLISH SSH CONNECTION FOR USER: None
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 -tt lb '/bin/sh -c '"'"'/usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py && sleep 0'"'"''
(0, '\r\n{"invocation": {"module_args": {"data": "pong"}}, "ping": "pong"}\r\n', 'Shared connection to lb closed.\r\n')
ESTABLISH SSH CONNECTION FOR USER: None
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'rm -f -r /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/ > /dev/null 2>&1 && sleep 0'"'"''
(0, '', '')
lb | SUCCESS => {
"changed": false,
"invocation": {
"module_args": {
"data": "pong"
}
},
"ping": "pong"
}