I have created an autoscaling group for Amazon EC2, and I added my public key when I created the AMI with Packer. I can run ansible-playbook and ssh to the hosts.
But there is a problem when I run the playbook like this
ansible-playbook load.yml
I am getting this message that I need to write my password
Enter passphrase for key '/Users/XXX/.ssh/id_rsa':
Enter passphrase for key '/Users/XXX/.ssh/id_rsa':
Enter passphrase for key '/Users/XXX/.ssh/id_rsa':
The problem is it doesn't accept my password (I am sure I am typing my password correctly).
I found that I can send my password with the ask-pass flag, so I changed my command to ansible-playbook load.yml --ask-pass and I made some progress, but for another task it asks for the password again and it didn't accept my password:
[WARNING]: Unable to parse /etc/ansible/hosts as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
PLAY [localhost] *************************************************************************************************************
TASK [ec2_instance_facts] ****************************************************************************************************
ok: [localhost]
TASK [add_host] **************************************************************************************************************
changed: [localhost] => (item=xx.xxx.xx.xxx)
changed: [localhost] => (item=yy.yyy.yyy.yyy)
PLAY [instances] *************************************************************************************************************
TASK [Copy gatling.conf] *****************************************************************************************************
ok: [xx.xxx.xx.xxx]
ok: [yy.yyy.yyy.yyy]
Enter passphrase for key '/Users/ccc/.ssh/id_rsa': Enter passphrase for key '/Users/ccc/.ssh/id_rsa':
Enter passphrase for key '/Users/ccc/.ssh/id_rsa':
Enter passphrase for key '/Users/ccc/.ssh/id_rsa':
Enter passphrase for key '/Users/ccc/.ssh/id_rsa':
If I don't use the ask-pass flag, even the task [Copy gatling.conf] doesn't complete and complains that it could not access the hosts. By adding the flag this part passes, but my next task again asks for the password.
How should I solve this issue? What am I doing wrong here?
A passphrase is a word or phrase that protects private key files. It prevents unauthorized users from encrypting them. Usually it's just the secret encryption/decryption key used for Ciphers. To change the passphrase you simply have to read it with the old pass-phrase and write it again, specifying the new pass-phrase.
SSH uses private/public key pairs to protect your communication with the server. SSH passphrases protect your private key from being used by someone who doesn't know the passphrase. Without a passphrase, anyone who gains access to your computer has the potential to copy your private key.
In Ansible there is no option to store a passphrase-protected private key.
For that, we need to add the passphrase-protected private key to the ssh-agent.
Start the ssh-agent in the background.
# eval "$(ssh-agent -s)"
Add SSH private key to the ssh-agent
# ssh-add ~/.ssh/id_rsa
Now try running ansible-playbook and ssh to the hosts.
I solved it by running ssh-add once and using it as if it's not password protected.
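Added example (not part of the question or the answers above): a bash pre-flight that checks, by fingerprint, whether the key is already held by ssh-agent before calling ansible-playbook, and loads it once if it is not, so the passphrase prompt never appears mid-play. `--ask-pass` does not cover this case because it supplies an SSH login password, not a key passphrase. The function names, the `KEY` default and the one-hour `-t` lifetime are assumptions.

```bash
#!/usr/bin/env bash
# Added example, meant to be sourced into an interactive shell.
# KEY, the function names and the 3600 s lifetime are assumptions.

KEY="${KEY:-$HOME/.ssh/id_rsa}"

# Is fingerprint $1 present in the `ssh-add -l` listing passed as $2?
# Each listing line is "<bits> <fingerprint> <comment> (<type>)".
fingerprint_listed() {
    printf '%s\n' "$2" | awk -v fp="$1" '$2 == fp { found = 1 } END { exit !found }'
}

# Map the exit status of `ssh-add -l` to a state:
# 0 = agent holds keys, 1 = agent reachable but empty, 2 = no agent reachable.
agent_state() {
    case "$1" in
        0) echo has-keys ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

ensure_key_loaded() {
    local listing status fp
    listing="$(ssh-add -l 2>/dev/null)"; status=$?
    if [ "$(agent_state "$status")" = unreachable ]; then
        # No agent for this shell yet: start one and export its socket.
        eval "$(ssh-agent -s)" >/dev/null
        listing=""
    fi
    [ -r "$KEY.pub" ] || { echo "missing $KEY.pub" >&2; return 1; }
    # The public half gives the fingerprint without needing the passphrase.
    fp="$(ssh-keygen -lf "$KEY.pub" | awk '{ print $2 }')"
    if ! fingerprint_listed "$fp" "$listing"; then
        # Prompts for the passphrase once on the terminal; -t makes the
        # agent drop the decrypted key after one hour.
        ssh-add -t 3600 "$KEY" || return 1
    fi
}

# Run a playbook only after the key is confirmed to be in the agent.
run_playbook() {
    ensure_key_loaded && ansible-playbook "$@"
}
```

Source the file and call `run_playbook load.yml`; a wrong passphrase then fails at `ssh-add`, before any task runs.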