Amazon web services Ubuntu WSL Ansible-user@localhost权限被拒绝（公钥、密码）_Amazon Web Services_Ubuntu_Ssh_Ansible_Windows Subsystem For Linux

Amazon web services Ubuntu WSL Ansible-user@localhost权限被拒绝（公钥、密码）

amazon-web-services ubuntu ssh ansible

Amazon web services Ubuntu WSL Ansible-user@localhost权限被拒绝（公钥、密码）,amazon-web-services,ubuntu,ssh,ansible,windows-subsystem-for-linux,Amazon Web Services,Ubuntu,Ssh,Ansible,Windows Subsystem For Linux,我使用ubuntu WSL作为ansible的控制器。尝试在localhost中安装python依赖项，然后启动ec2实例但由于以下错误而失败： “msg”：“无法通过ssh连接到主机：kevin@localhost：权限被拒绝（公钥、密码）。” 我为修复而做的事情： 1.ssh密钥生成了吗 2.生成公共/私有rsa密钥对。 3.输入保存密钥的文件（/home/user/.ssh/id\u rsa）： 4.最后是$cat~/id\u rsa.pub>~/.ssh/authorized\u密钥

我使用ubuntu WSL作为ansible的控制器。尝试在localhost中安装python依赖项，然后启动ec2实例但由于以下错误而失败： “msg”：“无法通过ssh连接到主机：kevin@localhost：权限被拒绝（公钥、密码）。”

我为修复而做的事情： 1.ssh密钥生成了吗 2.生成公共/私有rsa密钥对。 3.输入保存密钥的文件（/home/user/.ssh/id\u rsa）： 4.最后是$cat~/id\u rsa.pub>~/.ssh/authorized\u密钥

一切正常：

<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''

1.ssh localhost正在为其工作kevin@localhost

2.首先，我将现有RHEL ec2实例与pem文件一起使用，这样我就可以运行我的任务并启动实例

不起作用的事情：

<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''

--2类错误--

具有相同问题的Playbook任务

失败：[localhost]（item=webserverA）=>

{“ansible_loop_var”：“item”，“item”：“webserverA”，“msg”：“未能通过ssh连接到主机：kevin@localhost：权限被拒绝（公钥、密码）。“，“无法访问”：true} 致命：[localhost]：无法访问！=>{“changed”：false，“msg”：“所有项目已完成”，“results”：[{“ansible_loop_var”：“item”，“item”：“webserverA”，“msg”：“未能通过ssh连接到主机：kevin@localhost：权限被拒绝（公钥、密码）。“，“无法访问”：true}]}

为用户建立本地连接：

凯文 EXEC/bin/sh-c'echo~kevin&&sleep 0' EXEC/bin/sh-c“（umask 77和&mkdir-p“

echo/home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831

”&&echo-tmp-1590382761.4873009-58188090245831=“

echo/home/kevin/.ansible/tmp/ansible-tmp-1590382761.4873009-58188090245831

”&&0”

“MSG”：“身份验证或权限失败。在某些情况下，您可能已经能够对目标目录进行身份验证并且没有权限。请考虑将ANSILBE.CFG中的远程TMP路径更改为根植于\“/tMP\”中的路径。失败命令是：（UMASK 77和MKDIR -P）。

echo/home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687

\”&&echo-ansible-tmp-1590382762.0043557-97164890408687=\“

echo/home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-971648904086887

\”），与结果1一起退出，标准输出：ansible-tmp-1590382762.0043557-97164890408687=/home/kevin/.ansible/tmp/ansible-tmp-1590382762.0043557-97164890408687\n“

澄清： 1.在ansible.cfg文件中，应为private_key_file.pem文件或id_rsa提供哪个密钥我的理解是ssh localhost需要id\u rsa，ssh ec2实例需要.pem文件因此，请支持解决问题1

2.对于问题2，我尝试在ansible.cfg中提供远程\u tmp路径，连接=本地，但未工作

库存文件：

<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''

主机开发 详细输出：

<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''
<localhost> (255, b'', b'kevin@localhost: Permission denied (publickey,password).\r\n')
<localhost> ESTABLISH SSH CONNECTION FOR USER: kevin
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=30m -o 'IdentityFile="/home/kevin/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="kevin"' -o ConnectTimeout=10 -o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost '/bin/sh 
-c '"'"'echo ~kevin && sleep 0'"'"''

为用户建立SSH连接：kevin
SSH:EXEC SSH-C-o ControlMaster=auto-o ControlPersist=30m-o'IdentityFile=“/home/kevin/.SSH/id_rsa”'-o kbdinteractivateauthentication=no-o PreferredAuthentications=gssapi with mic，gssapi keyex，基于主机，公钥-o PasswordAuthentication=no-o'User=“kevin”'-o ConnectTimeout=10-o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost'/bin/sh
-c''echo~kevin&&sleep 0''
（255，b''，b'kevin@localhost：权限被拒绝（公钥、密码）。\r\n'）
为用户建立SSH连接：kevin
SSH:EXEC SSH-C-o ControlMaster=auto-o ControlPersist=30m-o'IdentityFile=“/home/kevin/.SSH/id_rsa”'-o kbdinteractivateauthentication=no-o PreferredAuthentications=gssapi with mic，gssapi keyex，基于主机，公钥-o PasswordAuthentication=no-o'User=“kevin”'-o ConnectTimeout=10-o ControlPath=/home/kevin/.ansible/cp/9faa73ac6e localhost'/bin/sh
-c''echo~kevin&&sleep 0''

您从Amazon获得的.pem与id\u rsa一样是私钥

通过执行ssh-i~/.ssh/id\u rsa验证Ansible应该做什么kevin@localhost.

如果这是可行的，那么您基本上已经具备了所需的所有部件，并且应该查看您的ansible配置来确定

如果无法执行以下验证：

您有权限访问该密钥吗？它应该是chmod 400，所有者是运行Ansible的用户
该服务器上的用户是否正确
在末尾添加-v将提供更详细的调试，您可以继续添加另一个v（即-vv或-vvv），以获得更详细的调试，最多4个v

您的ansible.cfg应该如下所示

[defaults]
private_key_file = /home/kevin/.ssh/id_rsa

您从Amazon获得的.pem与id_rsa一样是私钥

通过执行ssh-i~/.ssh/id\u rsa验证Ansible应该做什么kevin@localhost.

如果这是可行的，那么您基本上已经具备了所需的所有部件，并且应该查看您的ansible配置来确定

如果无法执行以下验证：

您有权限访问该密钥吗？它应该是chmod 400，所有者是运行Ansible的用户
该服务器上的用户是否正确
在末尾添加-v将提供更详细的调试，您可以继续添加另一个v（即-vv或-vvv），以获得更详细的调试，最多4个v

您的ansible.cfg应该如下所示

[defaults]
private_key_file = /home/kevin/.ssh/id_rsa

是的，我可以执行ssh-I~/.ssh/id\u rsakevin@localhost.Right，您是否可以将更多配置示例My Playbook粘贴为play 1。Hosts作为本地主机，需要运行python角色并启动ec2实例。在ansible.cfg private_key_file=/home/kevin/.ssh/id_rsa和chmod 400中，为用户“kevin”Hi授予权限，你能验证ansible.cfg文件与我添加到我的answerYes我验证了我的ansible.cfg与你的是一样的。请检查我的详细输出是的，我能执行ssh-I~/.ssh/id\u rsakevin@localhost