Hi Michael, *"ansble all -m ping , it gives the same error Permission denied (publickey,keyboard-interactive,password)" *doesn't work because ansible ping module requires the remote node to run python. You can find more about it here: https://docs.ansible.com/ansible/latest/modules/ping_module.html#ping-module
So, it works for your username, and based on "*Failed to connect to the host via ssh: [email protected] <[email protected]>: Permission denied (publickey,keyboard-interactive,password)" *ansible is using the correct username. Where are you defining your password? In the hosts file? If that is the case, hash the password in the hosts file and use -k option instead ( ansible-playbook ios.yml -k ) and enter the password manually just to eliminate one source of the problem. If that doesn't work, revert the changes and get the output of *"ansible-playbook ios.yml -vvvv " *command. It could help us find the source of the issue. Regards, Ajay On Thu, Aug 9, 2018 at 1:35 PM Michael Sawires <[email protected]> wrote: > Hi Ajay, > > If username is 60081064, it works, if root, it does not. > > Thanks, > Michael > > On Fri, 10 Aug 2018 at 4:41 am, Ajay Kumar Manukonda < > [email protected]> wrote: > >> Hi Michael, >> >> By looking at this error :* "msg": "Failed to connect to the host via >> ssh: [email protected] <[email protected]>: Permission denied >> (publickey,keyboard-interactive,password).\r\n", "unreachable": true *it >> seems like your ansible VM can not SSH to the cisco switch in the first >> place. >> >> Does normal SSH to the switch work? like if you do *ssh >> [email protected] <[email protected]> . *If it doesn't work, you >> have to fix that first. Maybe the switch is allowing connections only from >> particular IP addresses. >> >> Regards, >> Ajay >> >> >> >> On Thu, Aug 9, 2018 at 8:02 AM Michael Sawires <[email protected]> >> wrote: >> >>> Hi Ajay, >>> >>> I was able to build a new machine, still having same issue ansible & ssh >>> permission issue: >>> >>> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible >>> --version >>> ansible 2.5.7 >>> config file = /etc/ansible/ansible.cfg >>> configured module search path = >>> [u'/home/netadmin/.ansible/plugins/modules', >>> u'/usr/share/ansible/plugins/modules'] >>> ansible python module location = >>> /usr/lib/python2.7/dist-packages/ansible >>> executable location = /usr/bin/ansible >>> python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] >>> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ls >>> ios.retry ios.yml >>> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible >>> --version >>> ansible 2.5.7 >>> config file = /etc/ansible/ansible.cfg >>> configured module search path = >>> [u'/home/netadmin/.ansible/plugins/modules', >>> u'/usr/share/ansible/plugins/modules'] >>> ansible python module location = >>> /usr/lib/python2.7/dist-packages/ansible >>> executable location = /usr/bin/ansible >>> python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] >>> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ >>> ansible-playbook ios.yml >>> >>> PLAY [10.11.32.100] >>> *********************************************************************************************************************************************************************************************** >>> >>> TASK [Gathering Facts] >>> ******************************************************************************************************************************************************************************************** >>> fatal: [10.11.32.100]: UNREACHABLE! => {"changed": false, "msg": "Failed >>> to connect to the host via ssh: [email protected]: Permission >>> denied (publickey,keyboard-interactive,password).\r\n", "unreachable": true} >>> [WARNING]: Could not create retry file >>> '/etc/ansible/myplatform/ios.retry'. [Errno 13] Permission denied: >>> u'/etc/ansible/myplatform/ios.retry' >>> >>> PLAY RECAP >>> ******************************************************************************************************************************************************************************************************** >>> 10.11.32.100 : ok=0 changed=0 unreachable=1 >>> failed=0 >>> >>> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ cat ios.yml >>> --- >>> - hosts: 10.11.32.100 >>> user: 60081064 >>> >>> tasks: >>> - name: show version >>> ios_command: >>> commands: show version >>> ... >>> >>> also when I try: ansble all -m ping , it gives the same error >>> Permission denied (publickey,keyboard-interactive,password).\ >>> >>> On Fri, Aug 10, 2018 at 12:44 AM Ajay Kumar Manukonda < >>> [email protected]> wrote: >>> >>>> Hi Michael, >>>> >>>> I don't know any straight forward fix. >>>> >>>> So, did chmod 700 on /etc/ansible work? Is the playbook still giving >>>> the same error after the file permissions were changed? >>>> >>>> Regards, >>>> Ajay >>>> >>>> On Wed, Aug 8, 2018, 8:48 PM Michael Ikram <[email protected]> >>>> wrote: >>>> >>>>> I was able to fix the permission on Ubuntu, now back to the original >>>>> error: >>>>> >>>>> >>>>> >>>>> ansible all -i <switch_ip>, -c network_cli -u <username>-m >>>>> ios_command_1.yml >>>>> >>>>> [WARNING] Ansible is in a world writable directory (/etc/ansible), >>>>> ignoring it as an ansible.cfg source. >>>>> >>>>> 10.11.32.100 | FAILED! => { >>>>> >>>>> "msg": " [WARNING] Ansible is in a world writable directory >>>>> (/etc/ansible), ignoring it as an ansible.cfg source.\n{\"socket_path\": >>>>> \"/home/test/.ansible/pc/c5b7c67eba\", \"exception\": \"Traceback (most >>>>> recent call last):\\n File \\\"/usr/bin/ansible-connection\\\", line 87, >>>>> in start\\n self.connection._connect()\\n File >>>>> \\\"/usr/lib/python2.7/dist-packages/ansible/plugins/connection/network_cli.py\\\", >>>>> line 302, in _connect\\n self._ssh_shell = >>>>> ssh.ssh.invoke_shell()\\nNameError: global name 'ssh' is not defined\\n\", >>>>> \"messages\": [\"local domain socket does not exist, starting it\", >>>>> \"control socket path is /home/test/.ansible/pc/c5b7c67eba\", \"\"], >>>>> \"error\": \"global name 'ssh' is not defined\"}" >>>>> >>>>> } >>>>> >>>>> >>>>> >>>>> Do you know any straight forward fix? >>>>> >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> Michael >>>>> >>>>> >>>>> >>>>> *From: *Michael Ikram <[email protected]> >>>>> *Sent: *Thursday, 9 August 2018 10:24 AM >>>>> *To: *[email protected] >>>>> *Subject: *RE: [ansible-project] Re: cannot login to cisco switch >>>>> using ansible >>>>> >>>>> >>>>> >>>>> Hi Ajay, >>>>> >>>>> >>>>> >>>>> - Tried to chmod 700, it gave me the following error >>>>> >>>>> >>>>> >>>>> test@TESTVM:/etc$ sudo chmod 700 /etc/ansible >>>>> >>>>> sudo: /etc/sudoers is world writable >>>>> >>>>> sudo: no valid sudoers sources found, quitting >>>>> >>>>> sudo: unable to initialize policy plugin >>>>> >>>>> >>>>> >>>>> - I think I have bigger issue than Ansible now, it is a permission >>>>> issue on Ubuntu box, any suggestions? >>>>> >>>>> Thanks, >>>>> >>>>> Michael >>>>> >>>>> >>>>> >>>>> *From: *Ajay <[email protected]> >>>>> *Sent: *Thursday, 9 August 2018 10:13 AM >>>>> *To: *Ansible Project <[email protected]> >>>>> *Subject: *Re: [ansible-project] Re: cannot login to cisco switch >>>>> using ansible >>>>> >>>>> >>>>> >>>>> First of all, try executing this command: "chmod 700 /etc/ansible" and >>>>> run the playbook again (since you are using network_cli as connection >>>>> type, >>>>> I assume you also defined ansible_network_os as ios) >>>>> >>>>> >>>>> >>>>> Suggestions: >>>>> >>>>> 1. Don't use the default ansible.cfg file, it's too big to track all >>>>> the changes we made >>>>> >>>>> 2. "https://docs.ansible.com/ansible/latest/network/index.html"; is a >>>>> good place to start if you haven't checked already >>>>> >>>>> >>>>> >>>>> *"I think I have a problem with ssh but i do not understand how to fix >>>>> it" - *Can you directly ssh to the device from the VM you are using? >>>>> >>>>> >>>>> >>>>> Let me know if that works. >>>>> >>>>> >>>>> >>>>> Regards, >>>>> >>>>> Ajay >>>>> >>>>> On Wednesday, August 8, 2018 at 3:24:21 PM UTC-7, Michael Sawires >>>>> wrote: >>>>> >>>>> I cannot understand what to do from the link you sent me, I am still >>>>> new in Ansible. >>>>> >>>>> >>>>> >>>>> Here is the permission and content of ansible.cfg file >>>>> >>>>> >>>>> >>>>> 1.Permission: >>>>> >>>>> ========== >>>>> >>>>> -r-xrwxrwx 1 root root 19573 Aug 9 00:52 ansible.cfg >>>>> >>>>> -r-xrwxrwx 1 root root 251 Aug 8 12:15 ios_facts.yml >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> 2.Content >>>>> >>>>> ======== >>>>> >>>>> 2.1. ansible.cfg >>>>> >>>>> ============ >>>>> >>>>> test@TESTVM:/etc/ansible$ cat ansible.cfg >>>>> >>>>> # config file for ansible -- https://ansible.com/ >>>>> >>>>> # =============================================== >>>>> >>>>> >>>>> >>>>> # nearly all parameters can be overridden in ansible-playbook >>>>> >>>>> # or with command line flags. ansible will read ANSIBLE_CONFIG, >>>>> >>>>> # ansible.cfg in the current working directory, .ansible.cfg in >>>>> >>>>> # the home directory or /etc/ansible/ansible.cfg, whichever it >>>>> >>>>> # finds first >>>>> >>>>> >>>>> >>>>> [defaults] >>>>> >>>>> host_key_checking = false >>>>> >>>>> >>>>> >>>>> # some basic default values... >>>>> >>>>> >>>>> >>>>> #inventory = /etc/ansible/hosts >>>>> >>>>> #library = /usr/share/my_modules/ >>>>> >>>>> #module_utils = /usr/share/my_module_utils/ >>>>> >>>>> #remote_tmp = ~/.ansible/tmp >>>>> >>>>> #local_tmp = ~/.ansible/tmp >>>>> >>>>> #plugin_filters_cfg = /etc/ansible/plugin_filters.yml >>>>> >>>>> #forks = 5 >>>>> >>>>> #poll_interval = 15 >>>>> >>>>> #sudo_user = root >>>>> >>>>> #ask_sudo_pass = True >>>>> >>>>> #ask_pass = True >>>>> >>>>> #transport = smart >>>>> >>>>> #remote_port = 22 >>>>> >>>>> #module_lang = C >>>>> >>>>> #module_set_locale = False >>>>> >>>>> >>>>> >>>>> # plays will gather facts by default, which contain information about >>>>> >>>>> # the remote system. >>>>> >>>>> # >>>>> >>>>> # smart - gather by default, but don't reg >>>>> >>>>> >>>>> >>>>> -- >>>>> You received this message because you are subscribed to a topic in the >>>>> Google Groups "Ansible Project" group. >>>>> To unsubscribe from this topic, visit >>>>> https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe >>>>> . >>>>> To unsubscribe from this group and all its topics, send an email to >>>>> [email protected]. >>>>> To post to this group, send email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com >>>>> <https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com >>>> <https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> -- >>> ----------------------- >>> Michael Sawires >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Ansible Project" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe >>> . >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To post to this group, send email to [email protected]. >>> >> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com >>> <https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > Sent from Gmail Mobile > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAFYW21kxHsEsUx-tqH79JJZTdwRbTcXUNRUoJzu7BGQcz3ZFCw%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAFYW21kxHsEsUx-tqH79JJZTdwRbTcXUNRUoJzu7BGQcz3ZFCw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BsyQiqnDRWHzN3V%2BK-3McYWoO1WiL6Nwp4N_XVNi5SQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
