1. Zuhause
  2. Frage und Antwort
  3. nicht in der Lage ssh Remote-Host mit ansible mit aws zu erreichen Schlüssel

nicht in der Lage ssh Remote-Host mit ansible mit aws zu erreichen Schlüssel

2016-04-21 3 views
-1

Ich versuche, einen Server mit ansible ping, aber ich bin immer einige Fehlermeldungennicht in der Lage ssh Remote-Host mit ansible mit aws zu erreichen Schlüssel

[[email protected] kafka-scripts]$ ansible zook1 -m ping -vvv 

Using /home/ec2-user/kafka-scripts/ansible.cfg as config file 
<172.30.0.113> ESTABLISH SSH CONNECTION FOR USER: None 
<172.30.0.113> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/ec2-user/kafka-scripts/keys/kafka_broker.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/ec2-user/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.30.0.113 '/bin/sh -c '"'"'(umask 22 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1461268838.85-234429685988133 `" && echo "` echo $HOME/.ansible/tmp/ansible-tmp-1461268838.85-234429685988133 `")'"'"'' 
zook1 | UNREACHABLE! => { 
    "changed": false, 
    "msg": "SSH encountered an unknown error during the connection. We recommend you re-run the command using -vvvv, which will enable SSH debugging output to help diagnose the issue", 
    "unreachable": true 
}

mit -vvvv

[[email protected] kafka-scripts]$ ansible zookservers -m ping -vvvv 
Using /home/ec2-user/kafka-scripts/ansible.cfg as config file 
Loaded callback minimal of type stdout, v2.0 
<172.30.0.113> ESTABLISH SSH CONNECTION FOR USER: None 
<172.30.0.113> SSH: EXEC ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/ec2-user/kafka-scripts/keys/kafka_broker.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/ec2-user/.ansible/cp/ansible-ssh-%h-%p-%r -tt 172.30.0.113 '/bin/sh -c '"'"'(umask 22 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1461270664.7-212192719472156 `" && echo "` echo $HOME/.ansible/tmp/ansible-tmp-1461270664.7-212192719472156 `")'"'"'' 
zook1 | UNREACHABLE! => { 
"changed": false, 
"msg": "SSH encountered an unknown error. The output was:\nOpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 56: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/home/ec2-user/.ansible/cp/ansible-ssh-172.30.0.113-22-ec2-user\" does not exist\r\ndebug2: ssh_connect: needpriv 0\r\ndebug1: Connecting to 172.30.0.113 [172.30.0.113] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 10000 ms remain after connect\r\ndebug3: Incorrect RSA1 identifier\r\ndebug3: Could not load \"/home/ec2-user/kafka-scripts/keys/kafka_broker.pem\" as a RSA1 public key\r\ndebug1: identity file /home/ec2-user/kafka-scripts/keys/kafka_broker.pem type -1\r\ndebug1: identity file /home/ec2-user/kafka-scripts/keys/kafka_broker.pem-cert type -1\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_6.6.1\r\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1\r\ndebug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug3: load_hostkeys: loading entries for host \"172.30.0.113\" from file \"/home/ec2-user/.ssh/known_hosts\"\r\ndebug3: load_hostkeys: found key type ECDSA in file /home/ec2-user/.ssh/known_hosts:1\r\ndebug3: load_hostkeys: loaded 1 keys\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss\r\ndebug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: kex_parse_kexinit: [email protected],zlib,none\r\ndebug2: kex_parse_kexinit: [email protected],zlib,none\r\ndebug2: kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: first_kex_follows 0 \r\ndebug2: kex_parse_kexinit: reserved 0 \r\ndebug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: kex_parse_kexinit: none,[email protected]\r\ndebug2: kex_parse_kexinit: none,[email protected]\r\ndebug2: kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: first_kex_follows 0 \r\ndebug2: kex_parse_kexinit: reserved 0 \r\ndebug2: mac_setup: setup [email protected]\r\ndebug1: kex: server->client aes128-ctr [email protected] [email protected]\r\ndebug2: mac_setup: setup [email protected]\r\ndebug1: kex: client->server aes128-ctr [email protected] [email protected]\r\ndebug1: kex: [email protected] need=16 dh_need=16\r\ndebug1: kex: [email protected] need=16 dh_need=16\r\ndebug1: sending SSH2_MSG_KEX_ECDH_INIT\r\ndebug1: expecting SSH2_MSG_KEX_ECDH_REPLY\r\ndebug1: Server host key: ECDSA 55:88:b1:5a:cd:bb:87:ff:dd:54:b0:36:39:c7:e2:ea\r\ndebug3: load_hostkeys: loading entries for host \"172.30.0.113\" from file \"/home/ec2-user/.ssh/known_hosts\"\r\ndebug3: load_hostkeys: found key type ECDSA in file /home/ec2-user/.ssh/known_hosts:1\r\ndebug3: load_hostkeys: loaded 1 keys\r\ndebug1: Host '172.30.0.113' is known and matches the ECDSA host key.\r\ndebug1: Found key in /home/ec2-user/.ssh/known_hosts:1\r\ndebug1: ssh_ecdsa_verify: signature correct\r\ndebug2: kex_derive_keys\r\ndebug2: set_newkeys: mode 1\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug2: set_newkeys: mode 0\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug1: SSH2_MSG_SERVICE_REQUEST sent\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug2: key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem ((nil)), explicit\r\ndebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic\r\ndebug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic\r\ndebug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_lookup gssapi-with-mic\r\ndebug3: remaining preferred: gssapi-keyex,hostbased,publickey\r\ndebug3: authmethod_is_enabled gssapi-with-mic\r\ndebug1: Next authentication method: gssapi-with-mic\r\ndebug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n\r\ndebug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n\r\ndebug1: Unspecified GSS failure. Minor code may provide more information\n\n\r\ndebug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n\r\ndebug2: we did not send a packet, disable method\r\ndebug3: authmethod_lookup gssapi-keyex\r\ndebug3: remaining preferred: hostbased,publickey\r\ndebug3: authmethod_is_enabled gssapi-keyex\r\ndebug1: Next authentication method: gssapi-keyex\r\ndebug1: No valid Key exchange context\r\ndebug2: we did not send a packet, disable method\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: ,publickey\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Trying private key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem\r\[email protected]@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\[email protected]   WARNING: UNPROTECTED PRIVATE KEY FILE!   @\r\[email protected]@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0777 for '/home/ec2-user/kafka-scripts/keys/kafka_broker.pem' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nbad permissions: ignore key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem\r\ndebug2: we did not send a packet, disable method\r\ndebug1: No more authentication methods to try.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n", 
"unreachable": true 
}

SSH-Debugging Ausgang:

SSH encountered an unknown error. The output was:\nOpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: /etc/ssh/ssh_config line 56: Applying options for * 
debug1: auto-mux: Trying existing master 
debug1: Control socket "/home/ec2-user/.ansible/cp/ansible-ssh-172.30.0.113-22-ec2-user" does not exist 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to 172.30.0.113 [172.30.0.113] port 22. 
debug2: fd 3 setting O_NONBLOCK 
debug1: fd 3 clearing O_NONBLOCK 
debug1: Connection established. 
debug3: timeout: 10000 ms remain after connect 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/home/ec2-user/kafka-scripts/keys/kafka_broker.pem" as a RSA1 public key 
debug1: identity file /home/ec2-user/kafka-scripts/keys/kafka_broker.pem type -1 
debug1: identity file /home/ec2-user/kafka-scripts/keys/kafka_broker.pem-cert type -1 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_6.6.1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "172.30.0.113" from file "/home/ec2-user/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/ec2-user/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected].com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: [email protected],zlib,none 
debug2: kex_parse_kexinit: [email protected],zlib,none 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: none,[email protected] 
debug2: kex_parse_kexinit: none,[email protected] 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup [email protected] 
debug1: kex: server->client aes128-ctr [email protected] [email protected] 
debug2: mac_setup: setup [email protected] 
debug1: kex: client->server aes128-ctr [email protected] [email protected] 
debug1: kex: [email protected] need=16 dh_need=16 
debug1: kex: [email protected] need=16 dh_need=16 
debug1: sending SSH2_MSG_KEX_ECDH_INIT 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ECDSA 55:88:b1:5a:cd:bb:87:ff:dd:54:b0:36:39:c7:e2:ea 
debug3: load_hostkeys: loading entries for host "172.30.0.113" from file "/home/ec2-user/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/ec2-user/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug1: Host '172.30.0.113' is known and matches the ECDSA host key. 
debug1: Found key in /home/ec2-user/.ssh/known_hosts:1 
debug1: ssh_ecdsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem ((nil)), explicit 
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic 
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic 
debug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey 
debug3: authmethod_lookup gssapi-with-mic 
debug3: remaining preferred: gssapi-keyex,hostbased,publickey 
debug3: authmethod_is_enabled gssapi-with-mic 
debug1: Next authentication method: gssapi-with-mic 
debug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n 
debug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n 
debug1: Unspecified GSS failure. Minor code may provide more information\n\n 
debug1: Unspecified GSS failure. Minor code may provide more information\nNo Kerberos credentials available\n 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup gssapi-keyex 
debug3: remaining preferred: hostbased,publickey 
debug3: authmethod_is_enabled gssapi-keyex 
debug1: Next authentication method: gssapi-keyex 
debug1: No valid Key exchange context 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: ,publickey 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Trying private key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
@   WARNING: UNPROTECTED PRIVATE KEY FILE!   @ 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
Permissions 0777 for '/home/ec2-user/kafka-scripts/keys/kafka_broker.pem' are too open. 
It is required that your private key files are NOT accessible by others. 
This private key will be ignored. 
bad permissions: ignore key: /home/ec2-user/kafka-scripts/keys/kafka_broker.pem 
debug2: we did not send a packet, disable method 
debug1: No more authentication methods to try. 
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Quelle

2016-04-21 Manoj Kalluri

+2

Was passiert also, wenn Sie den Befehl "-vvvv" wie vorgeschlagen erneut ausführen? –

+0

Ich fügte hinzu, dass zu der Post, überprüfen Sie bitte –

Antwort

1

wie in der Fehlermeldung geschrieben, wird die Schlüssel-Datei, wie es soll nicht geschützt.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
@   WARNING: UNPROTECTED PRIVATE KEY FILE!   @ 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
Permissions 0777 for '/home/ec2-user/kafka-scripts/keys/kafka_broker.pem' are too open. 
It is required that your private key files are NOT accessible by others.

Das Ausführen des folgenden Befehls sollte Ihr Problem beheben, indem Sie die Autorisierung entfernen, damit andere die Schlüsseldatei lesen können.

chmod 600 /home/ec2-user/kafka-scripts/keys/kafka_broker.pem

Quelle

2016-04-21 20:42:03

+0

früher war es nicht 777 war es 700 und das Problem trat auf, wenn ich herumspiele, änderte ich es zu 777. wie auch immer ich versuche, alles von Grund auf neu zu erstellen. Ich werde Sie danach wissen lassen. Die von ansible.co angegebene anfängliche Installation in RHEL-Schritten funktioniert übrigens nicht. Haben Sie eine Ahnung, wie Sie Ansible auf RHEL installieren können? –

+1

Sie sollten niemals die Beschränkungen für einen privaten Schlüssel verringern, wenn Sie nicht genau wissen, was Sie tun. Schmiede dich nicht und nimm die Frage an, wenn sie dein Problem löst. Bitte öffnen Sie eine weitere Frage, um Ihre Installationsanliegen zu stellen. –

Verwandte Themen

 Verwandte Themen