ansible: using ssh key authentication but asked multiple times for passphrase - why?

Question

On my management hosts, i have installed ansible 2.2.0.0 and i am attempting to connect to my client.

The client is an EC2 instance that only accepts SSH keys to login. I have a simple playbook that is creating a temporary file on the client

I am seeing the behaviour that i am asked multiple times to enter the passphrase for the private key and would like to know why? I did not see this behaviorr on a previous version of Ansible.

  ansible-playbook -i inventory soe-yml --verbose --private-key <keyfile> -vvv

  ansible-playbook -i inventory soe-yml --verbose --private-key <keyfile>
  Using /home/X/ansible/ansible.cfg as config file

PLAY [<instance-dns>] **************************

TASK [setup] *******************************************************************
Enter passphrase for key 'X':
 [WARNING]: sftp transfer mechanism failed on [<instance-dns>]. Use ANSIBLE_DEBUG=1 to see detailed information

Enter passphrase for key 'X':
Enter passphrase for key 'X':
Enter passphrase for key 'X':
ok: [<instance-dns>]

TASK [Create test file] ********************************************************
Enter passphrase for key '<keyfile>':

  Enter passphrase for key 'X':
  Enter passphrase for key 'X':
  Enter passphrase for key 'X':
  Enter passphrase for key 'X':
  Enter passphrase for key 'X':
changed: [] => {"changed": true, "dest": "/tmp/hello", "gid": 1000, "group": "centos", "mode": "0664", "owner": "centos", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 0, "state": "file", "uid": 1000}

PLAY RECAP *********************************************************************
<instance-dns> : ok=2    changed=1    unreachable=0    failed=0`


```

I found this link https://github.com/ansible/ansible/issues/16354 Which pointed me to use the ssh-agent which i am now using and it works but i am keen to understand why i am asked SO many time for this interaction with the client?

Also, if i use the ask-pass option, ansible just hangs

[X@X ansible]$ ansible-playbook -i inventory soe-yml --verbose --private-key key --ask-pass
Using /home/x/ansible/ansible.cfg as config file
SSH password:

PLAY [hostx] **************************

TASK [setup] ***************

* Is this a bug? seen something similar?

Answer 1

Your ssh keys are encrypted. You need to setup something so that it decrypts the key when you login: https://askubuntu.com/questions/362280/enter-ssh-passphrase-once

Or you can not encrypted or private key (which is less secure).