I typically SSH into my server using:
ssh -l root -p 34775 -i ~/.ssh/mysite.com mysite.com
This works just fine, but I can’t get Trellis to use the public key (~/.ssh/mysite.com). The contents of group_vars/all/users.yml are:
admin_user: root
users:
  - name: "{{ web_user }}"
    groups:
      - "{{ web_group }}"
    keys:
      - "{{ lookup('file', '~/.ssh/mysite.com') }}"
      # - https://github.com/username.keys
  - name: "{{ admin_user }}"
    groups:
      - sudo
    keys:
      - "{{ lookup('file', '~/.ssh/mysite.com') }}"
      # - https://github.com/username.keys
web_user: www
web_group: www-data
web_sudoers:
  - "/usr/sbin/service hhvm *"
  - "/usr/sbin/service php5-fpm *"
Any ideas why I can’t connect? It seems like my public key just gets ignored. Here’s what the console output looks like (actual hostnames and IP addresses are not disclosed):
$ ansible-playbook -i hosts/production deploy.yml -vvvv
PLAY [Deploy Bedrock] *********************************************************
GATHERING FACTS ***************************************************************
<mysite.com> ESTABLISH CONNECTION FOR USER: root
<mysite.com> REMOTE_MODULE setup
<mysite.com> EXEC ssh -C -tt -vvv -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/Me/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=34775 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 mysite.com /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1449438037.2-6438931786702 && echo $HOME/.ansible/tmp/ansible-tmp-1449438037.2-6438931786702'
fatal: [mysite.com] => SSH Error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
while connecting to 55.55.555.555:34775
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
TASK: [deploy | Initialize] ***************************************************
FATAL: no hosts matched or all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/Users/Me/deploy.retry
mysite.com : ok=0 changed=0 unreachable=1 failed=0
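
The EXEC line in the output above is the exact ssh command Ansible ran, and unlike the manual command at the top of the post it carries no -i option. The following is an added example (not part of the original post, and not Trellis or Ansible code) that parses such a line and reports what it says about key selection; the sample line is constructed from the post's output with placeholder host and paths, and the function names are hypothetical.

```python
import shlex

# ssh single-letter options that consume an argument (per ssh(1)).
TAKES_ARG = set("BbcDEeFIiJLlmOoPpQRSWw")

# Constructed sample modelled on the EXEC line in the post; host and paths are placeholders.
SAMPLE_EXEC = (
    '<example.com> EXEC ssh -C -tt -vvv -o ForwardAgent=yes -o ControlMaster=auto '
    '-o ControlPath="/tmp/cp/ansible-ssh-%h-%p-%r" -o Port=34775 '
    '-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey '
    '-o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 example.com '
    "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/x && echo $HOME/.ansible/tmp/x'"
)

def parse_ssh_exec(line):
    """Return (options, identity_files, host) for an Ansible 'EXEC ssh ...' debug line."""
    argv = shlex.split(line.partition("EXEC ")[2])
    if not argv or argv[0] != "ssh":
        raise ValueError("not an 'EXEC ssh' line")
    opts, identities, host, i = {}, [], None, 1
    while i < len(argv):
        arg = argv[i]
        if not arg.startswith("-") or arg == "-":
            host = arg              # first non-option word is the destination
            break
        flag, value = arg[1], arg[2:]
        if flag in TAKES_ARG:
            if not value:           # "-o Port=22" form rather than "-oPort=22"
                i += 1
                value = argv[i] if i < len(argv) else ""
            if flag == "o":
                key, _, val = value.partition("=")
                opts[key.lower()] = val
            elif flag == "i":
                identities.append(value)
        i += 1
    if "identityfile" in opts:
        identities.append(opts["identityfile"])
    return opts, identities, host

def diagnose(line):
    """List causes of 'Permission denied (publickey...)' visible in the command itself."""
    opts, identities, _ = parse_ssh_exec(line)
    findings = []
    if not identities:
        findings.append("no -i/IdentityFile: ssh falls back to agent keys, ~/.ssh/config and default ~/.ssh/id_* files")
    if opts.get("passwordauthentication") == "no":
        findings.append("PasswordAuthentication=no: no password fallback if key auth fails")
    return findings
```
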