2017-02-15 16 views
1

Failed to connect to the host via ssh: "Permission denied (publickey)" error on remote connection

I have the following playbook:

- hosts: localhost
  connection: local
  remote_user: test
  gather_facts: no

  vars_files:
    - files/aws_creds.yml
    - files/info.yml

  environment:
    AWS_ACCESS_KEY_ID: "{{ aws_id }}"
    AWS_SECRET_ACCESS_KEY: "{{ aws_key }}"
    s3cmd_access_key: "{{ aws_id }}"
    s3cmd_secret_key: "{{ aws_key }}"

  tasks:
    - name: Basic provisioning of EC2 instance
      ec2:
        assign_public_ip: no
        aws_access_key: "{{ aws_id }}"
        aws_secret_key: "{{ aws_key }}"
        region: "{{ aws_region }}"
        image: "{{image_instance }}"
        instance_type: "{{ free_instance }}"
        key_name: "{{ ssh_keyname }}"
        count: 3
        state: present
        group_id: "{{ secgroup_id }}"
        vpc_subnet_id: "{{ private_subnet_id }}"
        wait: no
        instance_tags:
          Name: Dawny33Template
        #delete_on_termination: yes
      register: ec2

    - name: Add new instance to host group
      add_host:
        hostname: "{{ item.private_ip }}"
        groupname: launched
      with_items: "{{ ec2.instances }}"

    - name: Wait for SSH to come up
      wait_for:
        host: "{{ item.private_ip }}"
        port: 22
        delay: 60
        timeout: 320
        state: started
      with_items: "{{ ec2.instances }}"

- hosts: launched
  sudo: true
  remote_user: test
  gather_facts: yes

  vars_files:
    - files/aws_creds.yml
    - files/info.yml

  environment:
    AWS_ACCESS_KEY_ID: "{{ aws_id }}"
    AWS_SECRET_ACCESS_KEY: "{{ aws_key }}"
    s3cmd_access_key: "{{ aws_id }}"
    s3cmd_secret_key: "{{ aws_key }}"

  tasks:
    - name: Add file system for the volume
      command: mkfs -t ext4 /dev/xvdb
      sudo: yes

    - name: Create a directory for mounting
      command: mkdir /home/ec2-user/EncryptedEBS

    - name: Mount the volume
      command: mount /dev/xvdb /home/ec2-user/EncryptedEBS
      sudo: yes

    - name: Owning the mounted folder
      command: chown ec2-user /home/ec2-user/EncryptedEBS/lost+found/
      sudo: yes

    - name: check out a git repository
      git: repo={{ repo_url }} dest=/home/ec2-user/EncryptedEBS/GitRepo accept_hostkey=yes force=yes
      vars:
        repo_url: https://github.com/Dawny33/AnsibleExperiments
      become: yes

    - name: Go to the folder and execute command
      command: chmod 0755 /home/ec2-user/EncryptedEBS/GitRepo/processing.py
      become: yes
      become_user: root

    - name: Run Py script
      command: /home/ec2-user/EncryptedEBS/GitRepo/processing.py {{ N }} {{ bucket_name }}
      become: yes
      become_user: root

However, I get a "Permission denied" error when Ansible tries to connect to my remote hosts, even though I have defined the env. variables.

Where am I going wrong here?

Error:

fatal: [10.0.1.62]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 
fatal: [10.0.1.177]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 
fatal: [10.0.1.151]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 

Adding the complete -vvv output:

Using module file /usr/local/lib/python2.7/site-packages/ansible/modules/core/system/setup.py 
<10.0.1.170> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
Using module file /usr/local/lib/python2.7/site-packages/ansible/modules/core/system/setup.py 
<10.0.1.11> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.170> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.170 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `" && echo ansible-tmp-1487158610.11-137345507492691="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `") && sleep 0'"'"'' 
<10.0.1.11> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.11 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `" && echo ansible-tmp-1487158610.11-2307895121172="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `") && sleep 0'"'"'' 
Using module file /usr/local/lib/python2.7/site-packages/ansible/modules/core/system/setup.py 
<10.0.1.45> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.45> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.45 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `" && echo ansible-tmp-1487158610.12-3620848798638="` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `") && sleep 0'"'"'' 
<10.0.1.170> ssh_retry: attempt: 0, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `" && echo ansible-tmp-1487158610.11-137345507492691="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `") && sleep 0'...), pausing for 0 seconds 
<10.0.1.170> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.170> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.170 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `" && echo ansible-tmp-1487158610.11-137345507492691="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `") && sleep 0'"'"'' 
<10.0.1.11> ssh_retry: attempt: 0, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `" && echo ansible-tmp-1487158610.11-2307895121172="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `") && sleep 0'...), pausing for 0 seconds 
<10.0.1.11> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.11> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.11 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `" && echo ansible-tmp-1487158610.11-2307895121172="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `") && sleep 0'"'"'' 
<10.0.1.45> ssh_retry: attempt: 0, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `" && echo ansible-tmp-1487158610.12-3620848798638="` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `") && sleep 0'...), pausing for 0 seconds 
<10.0.1.45> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.45> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.45 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `" && echo ansible-tmp-1487158610.12-3620848798638="` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `") && sleep 0'"'"'' 
<10.0.1.170> ssh_retry: attempt: 1, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `" && echo ansible-tmp-1487158610.11-137345507492691="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `") && sleep 0'...), pausing for 1 seconds 
<10.0.1.11> ssh_retry: attempt: 1, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `" && echo ansible-tmp-1487158610.11-2307895121172="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `") && sleep 0'...), pausing for 1 seconds 
<10.0.1.45> ssh_retry: attempt: 1, ssh return code is 255. cmd (/bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `" && echo ansible-tmp-1487158610.12-3620848798638="` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `") && sleep 0'...), pausing for 1 seconds 
<10.0.1.170> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.170> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.170 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `" && echo ansible-tmp-1487158610.11-137345507492691="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-137345507492691 `") && sleep 0'"'"'' 
<10.0.1.11> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.11> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.11 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `" && echo ansible-tmp-1487158610.11-2307895121172="` echo ~/.ansible/tmp/ansible-tmp-1487158610.11-2307895121172 `") && sleep 0'"'"'' 
<10.0.1.45> ESTABLISH SSH CONNECTION FOR USER: ec2-user 
<10.0.1.45> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 10.0.1.45 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `" && echo ansible-tmp-1487158610.12-3620848798638="` echo ~/.ansible/tmp/ansible-tmp-1487158610.12-3620848798638 `") && sleep 0'"'"'' 
fatal: [10.0.1.11]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 
fatal: [10.0.1.170]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 
fatal: [10.0.1.45]: UNREACHABLE! => { 
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n", 
    "unreachable": true 
} 
+0

Are you sure you can connect to the instances using plain ssh with your key and the test user? For example, does 'ssh test@10.0.1.62' work? – SztupY

+0

Also, please run the command with '-vvvv' to get more logs. – SztupY

+0

@SztupY Added the '-vvv' logs. And 'test' was not working, so I think I used 'ec2-user'. But I still get the same error – Dawny33

Answers

1

I was not sure why the key was not allowing manual SSH either. So, I generated a new key (pem file) and worked with that. [Manual ssh worked with that file]

Now, the problem is in the following block:

- hosts: launched
  sudo: true
  remote_user: test
  gather_facts: yes

I edited it to:

- hosts: launched
  sudo: no
  connection: ssh
  remote_user: ec2-user
  gather_facts: yes

and it worked. The reasons should be obvious: the connection should be ssh, not local, and the username should be ec2-user for Amazon Linux instances and ubuntu for Ubuntu instances.

3

Don't forget: if you use ec2.py, you first need to add your PEM, like this:

ssh-add /home/yourusername/.ssh/your.pem 
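
Added example, not part of the original answers: a small Python parser for the `SSH: EXEC` lines in the -vvv output above, reporting the login user and whether any key file was passed on the command line, which is why the `ssh-add` step matters when no key file is configured. The sample line is constructed from that output with the remote command shortened, and the function names are illustrative.

```python
import shlex

# Constructed sample: one "SSH: EXEC" line modelled on the -vvv output above,
# with the remote command shortened to 'true'.
SAMPLE = (
    "<10.0.1.170> SSH: EXEC ssh -o ForwardAgent=yes -o StrictHostKeyChecking=no "
    "-o KbdInteractiveAuthentication=no "
    "-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey "
    "-o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 "
    "10.0.1.170 'true'"
)

def parse_ssh_exec(line):
    """Return (host, options, identity_files) for one Ansible 'SSH: EXEC' line."""
    argv = shlex.split(line.partition("SSH: EXEC ")[2])
    opts, identities, host = {}, [], None
    i = 1  # argv[0] is the ssh binary
    while i < len(argv):
        arg = argv[i]
        if arg in ("-o", "-i") and i + 1 < len(argv):
            key, _, value = argv[i + 1].partition("=")
            if arg == "-i":
                identities.append(argv[i + 1])
            else:
                opts[key.lower()] = value
                if key.lower() == "identityfile":
                    identities.append(value)
            i += 2
        elif arg.startswith("-"):
            i += 1  # assumption: any other flag takes no value
        else:
            host = arg  # first positional argument is the target host
            break
    return host, opts, identities

def diagnose(line):
    """List findings relevant to 'Permission denied (publickey)'."""
    host, opts, identities = parse_ssh_exec(line)
    findings = ["%s: login user is %r" % (host, opts.get("user", "<ssh default>"))]
    if not identities:
        findings.append("no key file passed: ssh offers only agent, ssh_config or default ~/.ssh keys")
    if opts.get("passwordauthentication") == "no":
        findings.append("password fallback disabled: a rejected key ends the attempt")
    if opts.get("stricthostkeychecking") == "no":
        findings.append("host key is not verified (StrictHostKeyChecking=no)")
    if opts.get("forwardagent") == "yes":
        findings.append("agent forwarding on: the remote host can use the agent's keys")
    return findings
```

Calling `diagnose(SAMPLE)` returns five findings for the sample line, the second of which shows that the key had to come from the agent or the default key files.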
0

Generate an SSH public key using the ssh-keygen tool, then copy the ~/.ssh/id_rsa.pub key into the ~/.ssh/authorized_keys file.
