Niru

Reputation: 1537

Ansible-Playbook: Failed to connect to the host via ssh: no such identity

I am trying to run a playbook on some servers I am trying to set up with Ansible playbook. To do this I created a hosts file for dev inventories:

all:
  servers:
    hosts:
      my_server1:
      my_server2:
  vars:
    ansible_ssh_user: myremoteuser
    ansible_ssh_private_key_file: "{{ private_key }}"

I populate the private_key from my vault like so: private_key: "{{vault_private_key | b64decode}}"

vault_private_key is the base64-encoded private 2048-bit RSA key that I generated, and I can see that it correctly decodes in the error message like so:

   "msg": "Failed to connect to the host via ssh: no such identity: -----BEGIN OPENSSH PRIVATE KEY-----\n

I generated the ssh key with the following command: ssh-keygen -b 2048 -t rsa -f myremoteuser_key -C myremoteuser

When I ssh into my_server1 or 2, I can verify that /home/myremoteuser/.ssh/authorized_keys has the public key generated in there, which I verified by grepping the public key text.

I can ssh via the command line. Is there something I am missing when attempting to set the private key?

Upvotes: 3

Views: 7053

Answers (1)

Aleksey Tsalolikhin

Reputation: 1666

I can't quite tell from your question -- can you confirm you are not confusing private key file path with private key file contents?

Are you writing the private key to disk? If so, are you setting the permissions to 0600? SSH won't read a private key file where the permissions are too broad.

I suspect you are running into an issue with permissions.

Why don't you just use a template task to populate the contents of your private key? See https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html

You can put a variable into your template file, {{vault_private_key | b64decode}}

Upvotes: 2
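
An added example, not code from the question or the answer: one way to turn the vaulted key into a 0600 file on the control node and give ansible_ssh_private_key_file a path instead of the key text. It uses the copy module with content: rather than the template module the answer links to; key_path and its location are assumptions, and the vaulted value is assumed to encode the whole key file, trailing newline included.

```yaml
# Added example. Assumed names: key_path and the ~/.ssh location.
# vault_private_key, myremoteuser and the "servers" group come from the question.
- name: Connect with a key file written from the vault
  hosts: servers
  gather_facts: false            # no SSH connection before the key file exists
  vars:
    key_path: "{{ lookup('env', 'HOME') }}/.ssh/myremoteuser_key"   # assumed path
    ansible_ssh_user: myremoteuser
    # Must be a file path. Passing the decoded key text here is what makes ssh
    # report "no such identity: -----BEGIN OPENSSH PRIVATE KEY-----".
    ansible_ssh_private_key_file: "{{ key_path }}"
  tasks:
    - name: Ensure the key directory exists on the control node
      ansible.builtin.file:
        path: "{{ key_path | dirname }}"
        state: directory
        mode: "0700"
      delegate_to: localhost
      run_once: true

    - name: Write the decoded private key with owner-only permissions
      ansible.builtin.copy:
        content: "{{ vault_private_key | b64decode }}"
        dest: "{{ key_path }}"
        mode: "0600"             # ssh refuses key files readable by group/other
      delegate_to: localhost
      run_once: true
      no_log: true               # keep the key out of task output and logs

    - name: Run the real work, then remove the key from disk
      block:
        - name: Confirm key-based SSH authentication works
          ansible.builtin.ping:
      always:
        - name: Delete the plaintext key file from the control node
          ansible.builtin.file:
            path: "{{ key_path }}"
            state: absent
          delegate_to: localhost
          run_once: true
```

The always section removes the plaintext key even when a task in the block fails, so the key only exists unencrypted on disk for the duration of the run.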
