ssh error from ad-hoc command
19 views
Skip to first unread message
Ken Cheng
Feb 3, 2021, 1:21:03 PM2/3/21
to Ansible Project
hi,
i'm sorry if this was already covered but why does ansible's ping module giving me an ssh error?
i installed ansible version 2.9.17 on a centos vm. that vm can ping & ssh to my test destination router from the command line. for some reason "ansible lab -m ping" gives me an ssh error. my /etc/ansible/hosts file looks ok (i just started with ansible this monday). what am i missing?
[xyz@centos inventory]$ ansible lab -m ping
The authenticity of host '10.116.16.50 (10.116.16.50)' can't be established.
RSA key fingerprint is SHA256:iAuKXO+RbJ+p6sODXTI4c3Uo8WArXLE+/XQSbWU9vWw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? lab891 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0644 for '/home/xyz/.ssh/known_hosts' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/xyz/.ssh/known_hosts\": bad permissions\r\nx...@10.116.16.50: Permission denied (publickey,keyboard-interactive,password).",
"unreachable": true
}
[xyz@centos inventory]$ ping 10.116.16.50
PING 10.116.16.50 (10.116.16.50) 56(84) bytes of data.
64 bytes from 10.116.16.50: icmp_seq=1 ttl=251 time=0.635 ms
64 bytes from 10.116.16.50: icmp_seq=2 ttl=251 time=0.719 ms
^C
[xyz@centos inventory]$ cat /etc/ansible/hosts
[lab]
10.116.16.50
Antony Stone
Feb 3, 2021, 1:48:02 PM2/3/21
to ansible...@googlegroups.com
On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote:
> i'm sorry if this was already covered but why does ansible's ping module
> giving me an ssh error?
>
> i installed ansible version 2.9.17 on a centos vm. that vm can ping & ssh
> to my test destination router from the command line. for some reason
> "ansible lab -m ping" gives me an ssh error. my /etc/ansible/hosts file
> looks ok (i just started with ansible this monday). what am i missing?
Not to put too fine a point on it, I think what you are missing is reading the
> i'm sorry if this was already covered but why does ansible's ping module
> giving me an ssh error?
>
> i installed ansible version 2.9.17 on a centos vm. that vm can ping & ssh
> to my test destination router from the command line. for some reason
> "ansible lab -m ping" gives me an ssh error. my /etc/ansible/hosts file
> looks ok (i just started with ansible this monday). what am i missing?
error message:
> Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
So, change that mode 644 to 600 and all should be fine.
Antony.
--
Numerous psychological studies over the years have demonstrated that the
majority of people genuinely believe they are not like the majority of people.
Please reply to the list;
please *don't* CC me.
nagaraju balusa
Feb 3, 2021, 1:49:15 PM2/3/21
to ansible...@googlegroups.com
please *don't* CC me.
Antony Stone
Feb 3, 2021, 1:51:31 PM2/3/21
to ansible...@googlegroups.com
On Wednesday 03 February 2021 at 19:48:44, nagaraju balusa wrote:
> please *don't* CC me.
Who did?
> please *don't* CC me.
> On Wed, Feb 3, 2021 at 10:47 AM Antony Stone wrote:
> > On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote:
> > > i'm sorry if this was already covered but why does ansible's ping
> > > module giving me an ssh error?
> > >
> > > i installed ansible version 2.9.17 on a centos vm. that vm can ping &
> > > ssh to my test destination router from the command line. for some
> > > reason "ansible lab -m ping" gives me an ssh error. my
> > > /etc/ansible/hosts file looks ok (i just started with ansible this
> > > monday). what am i missing?
> >
> > Not to put too fine a point on it, I think what you are missing is
> > reading the error message:
> > > Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open.
> > > It is required that your private key files are NOT accessible by
> > > others. This private key will be ignored.
> >
> > So, change that mode 644 to 600 and all should be fine.
> >
> >
> > Antony.
--
Ken Cheng
Feb 3, 2021, 2:06:17 PM2/3/21
to ansible...@googlegroups.com
hi Antony,
i changed the permissions of my ssh config file with chmod 600 ~/.ssh/config but it didnt help. why would i get an ssh error when i'm trying to ping?
Stefan Hornburg (Racke)
Feb 3, 2021, 2:07:48 PM2/3/21
to ansible...@googlegroups.com
On 2/3/21 8:05 PM, Ken Cheng wrote:
> hi Antony,
>
> i changed the permissions of my ssh config file with *chmod 600 ~/.ssh/config *but it didnt help. why would i get an ssh
> hi Antony,
>
> error when i'm trying to ping?
>
Because an Ansible ping is really testing the (SSH) connection to the target machine.
>
Regards
Racke
>
> On Wed, Feb 3, 2021 at 1:48 PM Antony Stone <Antony...@ansible.open.source.it
> <mailto:Antony...@ansible.open.source.it>> wrote:
>
> On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote:
>
> > i'm sorry if this was already covered but why does ansible's ping module
> > giving me an ssh error?
> >
> > i installed ansible version 2.9.17 on a centos vm. that vm can ping & ssh
> > to my test destination router from the command line. for some reason
> > "ansible lab -m ping" gives me an ssh error. my /etc/ansible/hosts file
> > looks ok (i just started with ansible this monday). what am i missing?
>
> Not to put too fine a point on it, I think what you are missing is reading the
> error message:
>
> > Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open.
> > It is required that your private key files are NOT accessible by others.
> > This private key will be ignored.
>
> So, change that mode 644 to 600 and all should be fine.
>
>
> Antony.
>
> --
> Numerous psychological studies over the years have demonstrated that the
> majority of people genuinely believe they are not like the majority of people.
>
> Please reply to the list;
> please *don't* CC me.
>
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAFqN8snapYeGfnTgzVch%2BmSjJd%2BK7%3D3cKOZpU3JYfgEERUK8iw%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAFqN8snapYeGfnTgzVch%2BmSjJd%2BK7%3D3cKOZpU3JYfgEERUK8iw%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
Tej Singh Rana
Feb 3, 2021, 2:27:06 PM2/3/21
to ansible...@googlegroups.com
It's a permission denied error. Enable the password authentication in the target server. Or add parameters in the ansible's hosts ansible_ssh_pass=password.
Regards,
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8f779bba-9a2b-4540-921e-b033a82dcdd0n%40googlegroups.com.
---------------------
Tej Singh RanaAntony Stone
Feb 3, 2021, 2:42:07 PM2/3/21
to ansible...@googlegroups.com
On Wednesday 03 February 2021 at 20:05:52, Ken Cheng wrote:
> hi Antony,
>
> hi Antony,
>
> i changed the permissions of my ssh config file with *chmod 600
> ~/.ssh/config *but it didnt help.
Try changing the permissions on the file mentioned in the error message.
> ~/.ssh/config *but it didnt help.
Antony.
> > On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote:
> >
> > > Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open.
> > > It is required that your private key files are NOT accessible by
> > > others. This private key will be ignored.
> >
> > So, change that mode 644 to 600 and all should be fine.
> >
> >
> > Antony.
--
- Peter Moore, Asia-Pacific general manager, Microsoft
Joseph Alexander
Feb 3, 2021, 2:48:41 PM2/3/21
to ansible...@googlegroups.com
your private key (id_rsa) has the wrong permissions. It needs to be 0600 and you:you and having said that the .ssh/ directory its in needs to be 0700 and also owned by you:you
Ken Cheng
Feb 4, 2021, 8:09:46 AM2/4/21
to ansible...@googlegroups.com
Gotcha, thx
Sent from by iPad
> On Feb 3, 2021, at 2:07 PM, Stefan Hornburg (Racke) <ra...@linuxia.de> wrote:
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4302577d-530d-425d-8ac0-23d0b6daee3e%40linuxia.de.
Sent from by iPad
> On Feb 3, 2021, at 2:07 PM, Stefan Hornburg (Racke) <ra...@linuxia.de> wrote:
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4302577d-530d-425d-8ac0-23d0b6daee3e%40linuxia.de.
Reply all
Reply to author
Forward
0 new messages