Closed turnrye closed 1 year ago
having issues with using this from client to server to router. Able to ssh from server to route using ssh-agent, but it does not work within ansible. Looking at logs on the router, I see this:
echo: ssh,error expected: 50 got: 5
A bit more troubleshooting... ran the following test:
ryan_turner@ns1:~/infrastructure-configs$ python
Python 2.7.6 (default, Jun 22 2015, 17:58:13)
[GCC 4.8.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import paramiko
>>> ssh = paramiko.SSHClient()
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> ssh.connect('r1.leb.memhamwan.net', username='ryan_turner', allow_agent=True,look_for_keys=True)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 337, in connect
self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys)
File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 528, in _auth
raise saved_exception
paramiko.SSHException: No existing session
From the router:
jul/13/2015 22:48:41 ssh,error expected: 50 got: 5
Yet this still works (and the key is coming from agent forwarding):
ryan_turner@ns1:~/infrastructure-configs$ ssh ryan_turner@r1.leb.memhamwan.net
So, I must be using paramiko or have the router misconfigured?
ryan_turner@ns1:~/infrastructure-configs$ ssh-add -l
2048 ad:d8:93:97:ad:94:2c:7d:5c:e0:94:41:05:cc:e3:ac ryan@ryanturner.me (RSA)
2048 c6:b2:f4:4b:b4:f0:69:3b:6a:b2:00:9d:aa:24:ee:4c ryanturner@Ryans-MacBook-Pro.local (RSA)
1024 0b:2c:ff:1b:1b:54:53:50:03:92:64:db:70:36:d7:72 ryanturner@Ryans-MacBook-Pro.local (DSA)
Updated paramiko! New error!
ryan_turner@ns1:~/infrastructure-configs$ python
Python 2.7.6 (default, Jun 22 2015, 17:58:13)
[GCC 4.8.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import paramiko
>>> print paramiko.__version__
1.15.2
>>> ssh = paramiko.SSHClient()
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> sh.connect('r1.leb.memhamwan.net', username='ryan_turner', allow_agent=True,look_for_keys=True)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'sh' is not defined
>>> ssh.connect('r1.leb.memhamwan.net', username='ryan_turner', allow_agent=True,look_for_keys=True)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python2.7/dist-packages/paramiko/client.py", line 307, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, gss_host)
File "/usr/local/lib/python2.7/dist-packages/paramiko/client.py", line 520, in _auth
raise SSHException('No authentication methods available')
paramiko.ssh_exception.SSHException: No authentication methods available
OK, so the fix was to make it where ssh-add -l only had one key listed; ansible still doesnt work, but at least paramiko does not...
ryan_turner@ns1:~/infrastructure-configs$ python
Python 2.7.6 (default, Jun 22 2015, 17:58:13)
[GCC 4.8.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import paramiko
>>> ssh = paramiko.SSHClient()
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> ssh.connect('r1.leb.memhamwan.net', username='ryan_turner', allow_agent=True,look_for_keys=True)
>>>
ryan_turner@ns1:~/infrastructure-configs$ ansible-playbook -i locales/memphis/hosts -vvvv hamwan_site_config.yml
PLAY [mikrotik-cell-core-routers] *********************************************
TASK: [common-mikrotik-routers | query device for hardware] *******************
<r1.leb.memhamwan.net> ESTABLISH CONNECTION FOR USER: memhamwan on PORT 22 TO r1.leb.memhamwan.net
fatal: [r1.leb.memhamwan.net] => {'msg': 'FAILED: Authentication failed.', 'failed': True}
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/home/ryan_turner/hamwan_site_config.retry
r1.leb.memhamwan.net : ok=0 changed=0 unreachable=1 failed=0
ryan_turner@ns1:~/infrastructure-configs$ ssh-add -l
1024 0b:2c:ff:1b:1b:54:53:50:03:92:64:db:70:36:d7:72 ryanturner@Ryans-MacBook-Pro.local (DSA)