I’m very interested in using Trellis and gave it a go this morning. I got the development environment set up no problem and I’m following the example project. When I go to provision my AWS Ubuntu 14.04 server, however, I get SSH Error: Permission denied (publickey).
The server is set up to use a pem key and I’m on a vpn, but I can ssh in on my own with no problem. I’ve even used a very basic Ansible setup that I built with no problem on a server just like this… Any suggestions on what to look for would be great!

My staging/users.yml file is:

```yaml
admin_user: ubuntu
users:
  - name: "{{ web_user }}"
    groups:
      - "{{ web_group }}"
    keys:
      - "{{ lookup('file', '~/.ssh/myprecious.pem') }}"
      # - https://github.com/username.keys
  - name: "{{ admin_user }}"
    groups:
      - sudo
    keys:
      - "{{ lookup('file', '~/.ssh/myprecious.pem') }}"
      # - https://github.com/username.keys
web_user: web
web_group: www-data
web_sudoers:
  - "/usr/sbin/service php5-fpm *"
```
My hosts/staging file is:

```ini
[web]
10.0.11.187

[staging:children]
web
```
The -vvvv edition of my command is:

```
PLAY [Determine Remote User] **************************************************

TASK: [remote-user | Determine whether to connect as root or admin_user] ******
<127.0.0.1> REMOTE_MODULE command ansible 10.0.11.187 -m ping -i hosts/staging -u root
<127.0.0.1> EXEC ['/bin/sh', '-c', 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667 && echo $HOME/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667']
<127.0.0.1> PUT /var/folders/tp/jk7zh0yx1jzg4_xpq17mnv140000gn/T/tmpm0icWi TO /Users/swain/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667/command
<127.0.0.1> EXEC ['/bin/sh', '-c', u'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python /Users/swain/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667/command; rm -rf /Users/swain/.ansible/tmp/ansible-tmp-1443459446.82-146080007544667/ >/dev/null 2>&1']
ok: [10.0.11.187 -> 127.0.0.1] => {"changed": false, "cmd": ["ansible", "10.0.11.187", "-m", "ping", "-i", "hosts/staging", "-u", "root"], "delta": "0:00:00.398513", "end": "2015-09-28 12:57:27.279631", "failed": false, "failed_when_result": false, "rc": 3, "start": "2015-09-28 12:57:26.881118", "stderr": "10.0.11.187 | FAILED => SSH Error: Permission denied (publickey).\n while connecting to 10.0.11.187:22\nIt is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.", "stdout": "", "stdout_lines": [], "warnings": []}

TASK: [remote-user | Set remote user for each host] ***************************
<10.0.11.187> ESTABLISH CONNECTION FOR USER: swain
ok: [10.0.11.187] => {"ansible_facts": {"ansible_ssh_user": "ubuntu"}}

TASK: [remote-user | Announce which user was selected] ************************
<10.0.11.187> ESTABLISH CONNECTION FOR USER: ubuntu
ok: [10.0.11.187] => {
    "msg": "Note: Ansible will attempt connections as user = ubuntu"
}

PLAY [WordPress Server - Install LEMP Stack with PHP 5.6 and MariaDB MySQL] ***

GATHERING FACTS ***************************************************************
<10.0.11.187> ESTABLISH CONNECTION FOR USER: ubuntu
<10.0.11.187> REMOTE_MODULE setup
<10.0.11.187> EXEC ssh -C -tt -v -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/swain/.ansible/cp/ansible-ssh-%h-%p-%r" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 10.0.11.187 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1443459447.32-135083032644451 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1443459447.32-135083032644451 && echo $HOME/.ansible/tmp/ansible-tmp-1443459447.32-135083032644451'
fatal: [10.0.11.187] => SSH Error: Permission denied (publickey).
    while connecting to 10.0.11.187:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

TASK: [common | Validate Ansible version] *************************************
FATAL: no hosts matched or all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
           to retry, use: --limit @/Users/swain/server.retry

10.0.11.187                : ok=3    changed=0    unreachable=1    failed=0
```
Thanks!
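
An added diagnostic sketch, not part of the original post or of Trellis: it parses an Ansible `EXEC ssh` line like the one in the verbose output to show which user and identity files the connection actually used, and tells private key material from an `authorized_keys`-style public key, on the assumption that `keys:` entries end up in `authorized_keys`. The function names and the shortened sample strings are constructed for illustration.

```python
import shlex

# Constructed sample: the ssh invocation from the -vvvv output, with the
# ControlPath option and the long remote command shortened.
SAMPLE_EXEC = (
    "ssh -C -tt -v -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s "
    "-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey "
    "-o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 "
    "10.0.11.187 /bin/sh -c 'echo ok'"
)
TAKES_ARG = set("BbcDEeFIiJLlmOopQRSWw")  # ssh(1) options that consume a value
PUBLIC_PREFIXES = ("ssh-rsa ", "ssh-ed25519 ", "ssh-dss ", "ecdsa-sha2-")


def parse_ssh_exec(line):
    """Return (options, identity_files, host) from an 'ssh ...' command line."""
    argv = shlex.split(line)
    opts, identities, host, i = {}, [], None, 1
    while i < len(argv):
        arg = argv[i]
        if not arg.startswith("-"):
            host = arg  # first bare word is the destination; the rest is remote
            break
        if len(arg) == 2 and arg[1] in TAKES_ARG and i + 1 < len(argv):
            value = argv[i + 1]
            if arg == "-o":
                key, _, val = value.partition("=")
                opts[key.lower()] = val
            elif arg == "-i":
                identities.append(value)
            i += 1  # skip the value that belongs to this option
        i += 1
    if "identityfile" in opts:
        identities.append(opts["identityfile"])
    return opts, identities, host


def classify_key(text):
    """Tell private key material from an authorized_keys-style public key."""
    lines = text.strip().splitlines()
    first = lines[0] if lines else ""
    if first.startswith("-----BEGIN") and "PRIVATE KEY" in first:
        return "private"
    return "public" if first.startswith(PUBLIC_PREFIXES) else "unknown"


def diagnose(line):
    """Summarise who the connection runs as and whether a key file was named."""
    opts, identities, host = parse_ssh_exec(line)
    findings = [f"connects to {host} as {opts.get('user', '<local user>')}"]
    if not identities:
        findings.append("no -i/IdentityFile: only agent and default keys are offered")
    return findings
```

The "no -i/IdentityFile" finding describes the command line only; an `IdentityFile` set in `~/.ssh/config` still applies to the connection.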