ksaid
Mission Specialist
Mission Specialist
  • 1,154 Views

ansible-navigator private_key_file

Jump to solution

Hi,

 

I am studying for RHCE and one thing I am trying to do is making sure all my playbooks are working with both ansible-playbook and ansible-navigator run commands.

There is one thing that makes the ansible-navigator to not work as it expected and that is when I specify "private_key_file" variable in ansible.cfg

The strange thing is when I specify the relative path (~/.ssh/id_rsa), its working as excepted, but not when I write the full path (/home/vagrant/.ssh/id_rsa) to the ssh key file. Both entries are working fine with ansible-playbook command.

I am getting this error message:

msg: |
  Failed to connect to the host via ssh: no such identity: /home/vagrant/.ssh/id_rsa: No such file or directory vagrant@server1.example.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

I am aware that ansible-navigator is running in its own execution environment, but it should be able to get the full path if its able to get the relative path - or I am missing some details?

Greatful if someone can advise how to procees.

Labels (2)
1 Solution

Accepted Solutions
Fran_Garcia
Starfighter Starfighter
Starfighter
  • 1,128 Views

There is no /home/vagrant inside the container because Ansible within the EE is launched under another user.  You can check which user with regular OS commands like whoami, id, pwd, etc. However in other to create portable playbooks it's recommended to not use any hardcoded references to users or paths local to the EE.

View solution in original post

3 Replies
Fran_Garcia
Starfighter Starfighter
Starfighter
  • 1,129 Views

There is no /home/vagrant inside the container because Ansible within the EE is launched under another user.  You can check which user with regular OS commands like whoami, id, pwd, etc. However in other to create portable playbooks it's recommended to not use any hardcoded references to users or paths local to the EE.

ksaid
Mission Specialist
Mission Specialist
  • 1,125 Views

@Fran_GarciaI undertand that the vagrant user does not exist in EE, but I thought it would make some kind of bind mounting somehow.

How would the correct approach be if the ssh key is located in /home/vagrant/.ssh/ directory?

I mean sometime we dont have an option to locate the key where we want. Without knowing anything about the RHCE exam. I would probably think that we will be instructed to put the ssh key within a speficic folder. In that case how would the private_key_file variable be written?

ksaid
Mission Specialist
Mission Specialist
  • 1,119 Views

I found the below information on https://github.com/ansible/ansible-navigator/blob/main/docs/faq.md

SSH keys

How do I use my SSH keys with an execution environment?

The simplest way to use SSH keys with an execution environment is to use ssh-agent and use default key names. Register keys as needed if they do not use one of the default key names. (~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519, and ~/.ssh/identity. (eg ssh-add ~/.ssh/my_key). ansible-navigator will automatically setup and enable the use of ssh-agent within the execution environment by volume mounting the SSH authentication socket path and setting the SSH_AUTH_SOCK environment variable.

 

In other words, if ssh-agent is available and the ssh key name is one of the default, then there is no need to specify anything.

Join the discussion
You must log in to join this conversation.