1. 问题1
1、背景
ansible批量安装Prometheus监控时存在个别主机ping命令时异常
10.xxx.xxx.xxx | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nIT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\r\nSomeone could be eavesdropping on you right now (man-in-the-middle attack)!\r\nIt is also possible that a host key has just been changed.\r\nThe fingerprint for the ED25519 key sent by the remote host is\nSHA256:u79JrY6CPeDHMC7THWhLeek/BvnZ4AmFFj37YrndGiw.\r\nPlease contact your system administrator.\r\nAdd correct host key in /root/.ssh/known_hosts to get rid of this message.\r\nOffending ECDSA key in /root/.ssh/known_hosts:70\r\nPassword authentication is disabled to avoid man-in-the-middle attacks.\r\nKeyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.\r\nUpdateHostkeys is disabled because the host key is not trusted.\r\n\nAuthorized users only. All activities may be monitored and reported.\nroot@10.223.225.161: Permission denied (publickey,gssapi-with-mic,password).",
"unreachable": true
}
使用ssh连接时
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:5EA+FhrKm+TIVacBJhpOISexNpdmgY51FXFK6Ph4E98.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:64
Host key for xx.xxx.xxx.xxx has changed and you have requested strict checking.
Host key verification failed.
2、处理
使用ssh-keygen -R xx.xxx.xxx.xxx
重新拷贝公钥信息
ssh-keygen -R xx.xxx.xxx.xxx
Host xx.xxx.xxx.xxx not found in /root/.ssh/known_hosts
- 发现相关认证文件不存在,登陆到服务器上查看实际是存在的
3、处理办法
- 重命名配置文件:
mv /root/.ssh/known_hosts /root/.ssh/known_hosts-bak
- 重新执行命令:
ssh-keygen -R xxx.xxx.xxx.xxx
2. 问题2
个别服务存在密码错误或无效
密码无效/不正确:\n仅限授权用户。所有活动均可进行监测和报告。\n许可被拒绝,请重试。
- 使用ssh测试发现密码实际正确
解决办法
ansible_ssh_pass
密码字段将密码使用双引号包裹起来ansible_ssh_pass="密码"
存在该现象的密码存在同一个现象,密码中有’#’ 符,可能时由于改特殊字符导致