Skip to content
This repository has been archived by the owner on Jun 12, 2021. It is now read-only.

issue with private key. #155

Open
MetalJacx opened this issue May 28, 2020 · 0 comments
Open

issue with private key. #155

MetalJacx opened this issue May 28, 2020 · 0 comments

Comments

@MetalJacx
Copy link

Can seem to figure out what I am doing wrong here. With the server having forced settings of public key. I can't get it to leverage it. Seems to try to interact with username/password.

...
null_resource.tz["phx-dsctbas0"] (ansible): fatal: [tz]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'phx-dsctbas0,10.111.142.82' (ECDSA) to the list of known hosts.\r\nAuthorized uses only. All activity may be monitored and reported.\ndevops@phx-dsctbas0: Permission denied (keyboard-interactive).", "unreachable": true}
...

null_resource.tz["phx-dsctbas0"]: Creating...
 null_resource.tz["phx-dsctbas0"]: Provisioning with 'ansible'...
 null_resource.tz["phx-dsctbas0"] (ansible): Writing temprary PEM to '/tmp/0c503b51-4101-4894-a063-8c1b24e76488885501534'...
 null_resource.tz["phx-dsctbas0"] (ansible): Ansible inventory written.
 null_resource.tz["phx-dsctbas0"] (ansible): StrictHostKeyChecking=no specified or set for null_resource, not verifying host keys
 null_resource.tz["phx-dsctbas0"] (ansible): Write known hosts
 null_resource.tz["phx-dsctbas0"] (ansible): Write known hosts
 null_resource.tz["phx-dsctbas0"] (ansible): Generating temporary ansible inventory...
 null_resource.tz["phx-dsctbas0"] (ansible): Writing temporary ansible inventory to '/tmp/temporary-ansible-inventory288299935'...
 null_resource.tz["phx-dsctbas0"] (ansible): Ansible inventory written.
 null_resource.tz["phx-dsctbas0"] (ansible): running local command: ANSIBLE_FORCE_COLOR=true ANSIBLE_ROLES_PATH=ansible-data/roles ansible-playbook ./ansible-data/playbooks/playbook.yml --inventory-file='/tmp/temporary-ansible-inventory288299935' --become --become-method='sudo' --become-user='root' --extra-vars='{"ansible_become_pass":"[MASKED]"}' --forks=5 --verbose --user='devops' --private-key='/tmp/0c503b51-4101-4894-a063-8c1b24e76488885501534' --ssh-extra-args='-p 22 -o ConnectTimeout=10 -o ConnectionAttempts=10 -o StrictHostKeyChecking=no'
 null_resource.tz["phx-dsctbas0"] (ansible): Executing: ["/bin/sh" "-c" "ANSIBLE_FORCE_COLOR=true ANSIBLE_ROLES_PATH=ansible-data/roles ansible-playbook ./ansible-data/playbooks/playbook.yml --inventory-file='/tmp/temporary-ansible-inventory288299935' --become --become-method='sudo' --become-user='root' --extra-vars='{\"ansible_become_pass\":\"[MASKED]\"}' --forks=5 --verbose --user='devops' --private-key='/tmp/0c503b51-4101-4894-a063-8c1b24e76488885501534' --ssh-extra-args='-p 22 -o ConnectTimeout=10 -o ConnectionAttempts=10 -o StrictHostKeyChecking=no'"]
 null_resource.tz["phx-dsctbas0"] (ansible): No config file found; using defaults
 null_resource.tz["phx-dsctbas0"] (ansible): 
 null_resource.tz["phx-dsctbas0"] (ansible): PLAY [all] *********************************************************************
 null_resource.tz["phx-dsctbas0"] (ansible): TASK [Gathering Facts] *********************************************************
 null_resource.tz["phx-dsctbas0"] (ansible): /usr/lib/python3.8/site-packages/Crypto/Random/Fortuna/FortunaGenerator.py:28: SyntaxWarning: "is" with a literal. Did you mean "=="?
 null_resource.tz["phx-dsctbas0"] (ansible):   if sys.version_info[0] is 2 and  sys.version_info[1] is 1:
 null_resource.tz["phx-dsctbas0"] (ansible): /usr/lib/python3.8/site-packages/Crypto/Random/Fortuna/FortunaGenerator.py:28: SyntaxWarning: "is" with a literal. Did you mean "=="?
 null_resource.tz["phx-dsctbas0"] (ansible):   if sys.version_info[0] is 2 and  sys.version_info[1] is 1:
 null_resource.tz["phx-dsctbas0"] (ansible): fatal: [tz]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'phx-dsctbas0,10.111.142.82' (ECDSA) to the list of known hosts.\r\nAuthorized uses only. All activity may be monitored and reported.\ndevops@phx-dsctbas0: Permission denied (keyboard-interactive).", "unreachable": true}
 null_resource.tz["phx-dsctbas0"] (ansible): 
 null_resource.tz["phx-dsctbas0"] (ansible): PLAY RECAP *********************************************************************
 null_resource.tz["phx-dsctbas0"] (ansible): tz                         : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0

Expected behavior

Expect to connect to host leveraging private key instead of username password.

Actual behavior

Looks to be leveraging keyboard interactive to log in. Instead of private key.
...

resource "null_resource" "tz" {
  for_each = toset(var.list_hosts)

  connection {
    host                = each.key
    type                = "ssh"
    user                = "devops"
    private_key         = file("${var.git_project_path}.tmp/devops_cert")
  }

  provisioner "ansible" {
    plays {
      playbook {
        file_path       = "./ansible-data/playbooks/playbook.yml"
        roles_path      = ["./ansible-data/roles"]
      }
      become            = true
      verbose           = true
      extra_vars        = {
        ansible_become_pass = "${var.vcd_template_pass}"
      }
    }

    ansible_ssh_settings {
      insecure_no_strict_host_key_checking = "true"
      insecure_bastion_no_strict_host_key_checking = "false"
    }
  }

}
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MetalJacx