"방황 처리 조항"이 작동하지만 유용한 명령을 보낼 수 없습니다.

Question

나는 방글러기가있는 기계를 설치하고 그에 대한 기본적인 무책임 노트를 만들었습니다. 예상대로 내가

vm-abla> vagrant provision 

을 실행할 때 모든 작동하지만 Ansible으로 컴퓨터에 임시 명령을 보낼 수 없습니다, 그 이유는? 나는 그 원인을 나타낼 것이라고 생각되는 선을 강조 표시했습니다.

-c ssh --private-key=~/.vagrant.d/insecure_private_key 

의 어떤 생각 :

vm-abla> ansible jon -i provisioning/hosts -a "echo 'TEST'" -vvvv 

<192.168.33.2> ESTABLISH CONNECTION FOR USER: user 
<192.168.33.2> REMOTE_MODULE command echo 'TEST' 
<192.168.33.2> EXEC ['ssh', '-C', '-tt', '-vvv', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/home/user/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '192.168.33.2', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1394126994.26-73015876561126 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1394126994.26-73015876561126 && echo $HOME/.ansible/tmp/ansible-tmp-1394126994.26-73015876561126'"] 

192.168.33.2 | FAILED => SSH encountered an unknown error. The output was: 
OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: /etc/ssh/ssh_config line 19: Applying options for * 
debug1: auto-mux: Trying existing master 

### debug1: Control socket "/home/user/.ansible/cp/ansible-ssh-192.168.33.2-22-user" does not exist 

debug2: ssh_connect: needpriv 0 
debug1: Connecting to 192.168.33.2 [192.168.33.2] port 22. 
debug2: fd 3 setting O_NONBLOCK 
debug1: fd 3 clearing O_NONBLOCK 
debug1: Connection established. 
debug3: timeout: 10000 ms remain after connect 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/home/user/.ssh/id_rsa" as a RSA1 public key 
debug1: identity file /home/user/.ssh/id_rsa type 1 
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 
debug1: identity file /home/user/.ssh/id_rsa-cert type -1 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/home/user/.ssh/id_dsa" as a RSA1 public key 
debug1: identity file /home/user/.ssh/id_dsa type 2 
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 
debug1: identity file /home/user/.ssh/id_dsa-cert type -1 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/home/user/.ssh/id_ecdsa" as a RSA1 public key 
debug1: identity file /home/user/.ssh/id_ecdsa type 3 
debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-256 
debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-256 
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1 
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-4 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "192.168.33.2" from file "/home/user/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/user/.ssh/known_hosts:10 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none 
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: none,zlib@openssh.com 
debug2: kex_parse_kexinit: none,zlib@openssh.com 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5 
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com 
debug2: mac_setup: found hmac-md5 
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com 
debug1: sending SSH2_MSG_KEX_ECDH_INIT 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ECDSA 32:53:5d:95:d9:2b:c0:92:ab:1d:a4:87:95:a6:5a:e2 
debug3: load_hostkeys: loading entries for host "192.168.33.2" from file "/home/user/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/user/.ssh/known_hosts:10 
debug3: load_hostkeys: loaded 1 keys 
debug1: Host '192.168.33.2' is known and matches the ECDSA host key. 
debug1: Found key in /home/user/.ssh/known_hosts:10 
debug1: ssh_ecdsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /home/user/.ssh/id_rsa (0x7fa1272d15d0) 
debug2: key: /home/user/.ssh/id_dsa (0x7fa1272d1610) 
debug2: key: /home/user/.ssh/id_ecdsa (0x7fa1272cd270) 
debug1: Authentications that can continue: publickey,password 
debug3: start over, passed a different list publickey,password 
debug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: ,gssapi-keyex,hostbased,publickey 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Offering RSA public key: /home/user/.ssh/id_rsa 
debug3: send_pubkey_test 
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey,password 
debug1: Offering DSA public key: /home/user/.ssh/id_dsa 
debug3: send_pubkey_test 
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey,password 
debug1: Offering ECDSA public key: /home/user/.ssh/id_ecdsa 
debug3: send_pubkey_test 
debug2: we sent a publickey packet, wait for reply 
debug1: Authentications that can continue: publickey,password 
debug2: we did not send a packet, disable method 
debug1: No more authentication methods to try. 
Permission denied (publickey,password). 

는 this page의 문제 해결 부분을 읽은 후, 나는 또한 매우 비슷한 결과, 명령의 마지막에이를 추가하여 방랑의 SSH 키를 사용하여 시도 무슨 일 이니? 감사합니다.

EDIT : Ah! 나는 SSH를 사용하여 시스템에 로그인하기 위해 관리하지만이 같은 가상 머신에서 나는 사용자 "방랑"는 것을 선언했다 : 나는 동일 할 수있는 방법,

ssh vagrant@192.168.33.2 

을 그래서, 지금이 작동 안심할 수 있니? (또는이 좋은 해결책이 될 수없는 것?) 내가 관리

Answer 1

@mascip이 이미 자체 답장을했기 때문에, inventory_file, ssh_user 및 ssh_private_key를 알려줄 필요가 있습니다. (나는 -c ssh 설정이 필요하다고 생각하지 않습니다.)

"우아한 방법"은 모든 설정을 프로젝트 별 ansible.cfg 파일에 저장하는 것입니다. 그러면 ansible jon -a "echo 'TEST'"을 실행할 수 있습니다.

하나의 "gotcha"는 명령을 실행하는 곳과 동일한 디렉토리에 ansible.cfg가 있어야한다는 것입니다. 나는 안심할 수있는 디렉토리 아래에 safety.cfg를 두는 것을 좋아한다. 그래서 나는 먼저 cd을 필요로한다는 것을 의미한다. 프로젝트 루트에서 ansible을 실행하려면 대신 해당하는 곳에서 다음과 같이 (그리고 샘플 구성 파일에 상대 경로를 조정하십시오) 해당하는 곳에.

ansible.cfg :

[defaults] 

remote_user = vagrant 
private_key_file = ~/.vagrant.d/insecure_private_key 

# aka inventory file 
hostfile = ../.vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory 

Answer 2

: 사람이 더 우아한 또는 보안 솔루션이있는 경우

가

vm-abla> ansible jon -i provisioning/hosts -a "echo 'TEST'" -vvvv -c ssh --user=vagrant --private-key=~/.vagrant.d/insecure_private_key 

하지만, 내가 관심이 있어요.