ssh-copy-id error

26 views
Skip to first unread message

Arvind Thatikonda

unread,
Nov 19, 2018, 5:03:18 PM11/19/18
to Ansible Project

I created a ansible control server, and client server. I created 'ansible' users on both control and remote client server. I created ssh keys use ssh-keygen, I tried to copy the ssh keys ( public key) to remote client using ssh-copy-id it fails. The OS on the two servers is Ubuntu 18.04 LTS on GCP


Please let me know what is the issue. looks like permission issue. I followed the some recommednation to update the sshd-congfiguration files to change parameters. But it still didn't work.


/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Permission denied (publickey).






Dick Visser

unread,
Nov 20, 2018, 3:03:20 AM11/20/18
to ansible...@googlegroups.com
ssh-copy-id is meant to copy a public key to an account that you can already authenticate to using other means, such as password. It’s not possible to copy a key and use it to authenticate at the same time (i.e. chicken/egg).
If you didn’t set a password for the account (or you disabled password authentication, which I highly recommend) then sign in to your ‘client server’ using another account that has the right permissions, and provision the ansible account from there.


Dick 

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e40053b4-a0e3-4d9c-a7c2-c64506ccb663%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Sent from a mobile device - please excuse the brevity, spelling and punctuation.

Arvind Thatikonda

unread,
Nov 24, 2018, 7:38:26 PM11/24/18
to ansible...@googlegroups.com
Hi Dick,
I did login to the client using public IP and created ansible user , updated the visudo to add 'ansible ALL=(ALL) NOPASSWD: ALL
I am able to login to client with the ansible user.
I am trying to copy the id_rsa.pub to client using ssh-copy-id. As far as I know that is correct method.

Can anyone recommend what is the correct approach to setup password less authentication to run ansible playbook on the clients from the control server?

can we use become, become_user parameters in the playbook ?



To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwMmOKZ1LmUW0OpNmUtpHqyE4WXAxzsd1dLJZS_s9yO8hg%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.


--
Thanks & Regards,
Arvind;
Reply all
Reply to author
Forward
0 new messages