Troubleshoot Ansible Authentication Errors When Managing Junos Devices

Problem

Cause

The Junos device might fail to authenticate the user for the following reasons:

• The user does not an have an account on the Junos device.

• The user has an account with a text-based password configured on the Junos device, but the wrong password or no password is supplied for the user when executing the module.

• The user has an account on the Junos device with SSH keys configured, but the SSH keys are inaccessible on either the device or the control node.

Solution

Ensure that the user executing the modules has a Junos OS login account on all target Junos devices and that an SSH public/private key pair or text-based password is configured for the account. If SSH keys are configured, verify that the user can access them. For more information, see Authenticate Users Executing Ansible Modules on Junos Devices.

Problem

Cause

Whereas the older, deprecated Juniper.junos modules supported using a provider dictionary to define connection and authentication parameters, the juniper.device modules do not support using a provider dictionary and generate the aforementioned error if one is referenced.

Solution

If you supply connection and authentication parameters in the playbook’s play for the juniper.device modules, the parameters must be defined in the location appropriate for the Ansible connection. For persistent connections (connection: juniper.device.pyez), define the parameters under the vars: section. For local connections (connection: local), define the parameters either under the vars: section or as top-level module arguments. For example: