我正在尝试针对 server1.xxx.com 执行 ansible 脚本,但出现权限被拒绝错误。
我使用命令创建了一个 ssh key
ssh-keygen -f t11pkey
并且还添加了密码,将 key 复制到服务器。
ssh-copy-id -i /home/user.name/t11pkey.pub user.name@server1.xxx.com
我的 ~/.ssh/config
Host server?.xxx.com
User user.name
Port 22
IdentityFile /home/user.name/.ssh/t11pkey.pub
我的 key 的许可:
-rw------- 1 user.name Domain Users 1766 Dec 5 10:55 t11pkey
-rw------- 1 user.name Domain Users 412 Dec 5 10:55 t11pkey.pub
ansible.cfg
[defaults]
filter_plugins =./filter_plugins
roles_path = ./roles
sudo_user = root
host_key_checking = False
retry_files_enabled = False
[ssh_connection]
ssh_args = -F /home/user.name/.ssh/config -o ControlMaster=auto -o ControlPersist=30m
control_path = ~/.ssh/ansible-%%r@%%h:%%p
库存文件
[new]
server1.xxx.com
我的 ansible 剧本
- hosts: new
remote_user: user.name
become: true
vars_files:
- xx.yml
- xx.yml
- xx.yml
roles:
- role: ~/path/to/the/role
Anisble 错误:
TASK [Gathering Facts] *****************************************************************************************************************************************************
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
Enter passphrase for key '/home/user.name/.ssh/t11pkey.pub':
fatal: [server1.xxx.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": true}
ansible --version:
ansible 2.3.1.0 (stable-2.3 5512c94017) last updated 2017/06/21 22:56:43 (GMT -400)
最佳答案
IdentityFile配置文件中的参数应该指向私钥( t11pkey ),而不是公钥( t11pkey.pub )。
关于ssh - Ansible ssh 授予权限被拒绝错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47658156/