This is probably a simple question that you get asked hundreds of times,
but I've searched the archives and either my google mojo is gone, or else
it's in a different wording.
My employer uses ansible heavily, and I've been kind of roped into getting
to learn it. No hurry, as there are already others who use it and know it,
so for the moment it's more a 'hobby but would be nice to know'.
At home, I have a Mac and a server with VMWare running, and about a dozen
Linux CentOS VMs. As a first project, I decided I want to use ansible to
keep the openssh servers on the VMs current. Now, I can connect to these
servers no problem, either with a simple command (let's use the mail server
as an example)..
ssh -p xxxx -i $HOME/.ssh/key_rsa -l cycle mx
.. and boom, I'm on the mail server. Or I can use wrappers, which
basically means I need to type 'mx' and I connect to that box. No need to
cat the contents of that file, as it's basically identical to the command
above. The point is that keypair authentication works seamlessly.
Now for Ansible. As I'm using the Mac, it's a weird installation, as
there's no /etc/ansible but I've created an ansible directory in my $HOME
in the location that I use for developing stuff:
$HOME/Documents/dev/ansible
In there, I have..
My-Mac:ansible cycle$ ls -l
total 8
-rw-r--r--+ 1 cycle staff 324 23 nov 16:23 hosts
drwxr-xr-x+ 3 cycle staff 102 23 nov 16:25 playbooks
In playbooks, I have a yml file that uses the yum module to set sshd to
'latest'. I run..
ansible-playbook -i hosts --private-key /Users/cycle/.ssh/key_rsa playbooks/
update_all_sshd.yml
I get the cute little logo telling me it's gathering facts, and then a
stream of ..
The authenticity of host 'db1.internal-domain (192.168.1.11)' can't be
established.
RSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.
Are you sure you want to continue connecting (yes/no)? The authenticity of
host 'dns2.internal-domain (192.168.1.19)' can't be established.
RSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.
Are you sure you want to continue connecting (yes/no)? The authenticity of
host 'dns1.internal-domain (192.168.1.15)' can't be established.
RSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.
Are you sure you want to continue connecting (yes/no)? The authenticity of
host 'db2.internal-domain (192.168.1.16)' can't be established.
RSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.
Are you sure you want to continue connecting (yes/no)? fatal:
[jira.internal-domain]: UNREACHABLE! => {"changed": false, "msg": "Failed
to connect to the host via ssh: Permission denied (publickey).\r\n",
"unreachable": true}
And what I don't understand is: if I can connect using my ordinary username
'cycle' and if this is in the $HOME/ansible.cfg ..
My-Mac:ansible cycle$ grep cycle /Users/cycle/ansible.cfg
inventory = /Users/cycle/Documents/dev/ansible/hosts
remote_user = cycle
private_key_file = /Users/cycle/keys/new_id.rsa
... then why can't ansible do so?
Thanks in advance.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/04b8f23f-95b5-46e0-bf51-61dd1b1d4b12%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
