I’m using Packer to build images and I have gotten SSH to work for the communicator using username and password (complicated reasons for that option). Admittedly, I do not know much about SSH and my situation is a Windows scenario (WinRM is not an option for me).
I need Ansible to communicate now with the node using a private key.
- Packer sets up a VM with a startup script (which creates/configures the key)
- Packer then downloads the key locally on our Jenkins instance (bash environment)
- I verify the file is downloaded
- I tell Ansible (so it can tell SSH) where the private key file is, but the path I use to verify it does not work for SSH when Ansible initiates it.
This is what Packer says it is doing:
    Executing Ansible: ansible-playbook -e packer_build_name="windows-2019" -e packer_builder_type=googlecompute --ssh-extra-args '-o 'StrictHostKeyChecking=no'' '-i '/home/....<FULL PATH>..../packeruser'' --private-key='/home/....<FULL PATH>...../provisioners/packeruser' -e ansible_ssh_private_key_file=/tmp/ansible-key1909779047 -i /tmp/packer-provisioner-ansible1260882358 /home/....<FULL PATH>...../provisioners/ansible/windows/test.yaml
Next I get this error:
    ssh: Warning: Identity file /home/....<FULL PATH>...../provisioners/packeruser not accessible: No such file or directory.
Since I can view the contents of the private key in a “shell-local” provisioner, I’m confused why the same path is not found when the path is provided to SSH. UNLESS I need to set some permissions on the private key. And if I need to set permissions… what do I set the permissions to?
My ssh_user="packeruser" which exists on the target VM and I can SSH without a password using the private key.
When Packer launches ansible-playbook, does it do something unique with it? Perhaps making the full path to the private key invalid?
Any suggestions would help. If I could add an LS command to see what SSH is seeing, that would help but the Ansible provisioner doesn’t offer such a critter.
Thanks for any help or suggestions. The Ansible provisioner is listed below.
    provisioner "ansible" {
      playbook_file = "./provisioners/ansible/windows/-test.yaml"
      use_proxy = false
      ansible_ssh_extra_args = ["-o 'StrictHostKeyChecking=no'" , "-i '${var.WORKSPACE}/provisioners/${var.ssh_username}'"]
      extra_arguments = [
        "--private-key='provisioners/${var.ssh_username}'"
      ]
      user = "${var.ssh_username}"
    }
NOTE: used chmod 777 filename and this did not address anything.
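
An added example, not part of the original post: a pre-flight check for the identity file path that separates the "No such file or directory" case from a permissions problem, and flags a mode such as 777, which OpenSSH refuses for private keys (600 is the usual mode). The function name `check_key_path` and its return codes are hypothetical, chosen for this sketch.

```shell
#!/bin/sh
# Added example: pre-flight check for an SSH identity file path.
# check_key_path and its return codes are made up for this sketch:
#   0 ok | 1 quotes in path | 2 relative path | 3 missing
#   4 unreadable | 5 mode too open
check_key_path() {
    key=$1
    # Quote characters that reach ssh unstripped become part of the file name.
    case $key in
        *\'*|*\"*)
            echo "literal quote character in path: $key" >&2
            return 1 ;;
    esac
    # A relative path is resolved against the caller's working directory.
    case $key in
        /*) ;;
        *)
            echo "relative path (cwd is $(pwd)): $key" >&2
            return 2 ;;
    esac
    # ENOENT case: show what does exist next to the expected file.
    if [ ! -f "$key" ]; then
        echo "no regular file at: $key" >&2
        ls -ld "$(dirname "$key")" >&2 || true
        return 3
    fi
    if [ ! -r "$key" ]; then
        echo "not readable by $(id -un): $key" >&2
        return 4
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ldL "$key" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "mode too open, OpenSSH refuses such keys; use chmod 600: $key" >&2
        return 5
    fi
    echo "ok: $key"
}

# Usage: check_key_path "$WORKSPACE/provisioners/packeruser"
```

Run it from the same working directory and as the same user that launches ansible-playbook, passing the exact string given to `-i` or `--private-key`.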