Develop Reference

Ansible SSH key mismatch

I wrote the following Ansible playbook:
---
- name: Create VLAN
hosts: exos_device
connection: ansible.netcommon.network_cli
vars:
ansible_user: admin
ansible_password: password
ansible_network_os: community.network.exos
tasks:
- name: Create VLAN 4050
community.network.exos_config:
lines:
- create vlan TESTVLAN tag 4050
match: exact
save_when: always
Where I'm trying to create a new vlan on an Extreme Networks machine (ExtremeXOS version 16.2.5.4). But when I execute it I keep getting the following error:
fatal: [10.12.2.10]: FAILED! => {
"changed": false,
"module_stderr": "ssh connection failed: ssh connect failed: kex error : no match for method server host key algo: server [ssh-rsa], client [rsa-sha2-512,rsa-sha2-256,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256]",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"
}
I think this error indicates that there is a mismatch between the SSH key algorithms that the client (Ansible controller) and the server (the EXOS machine) support.
What is the best way to resolve this issue?
I've already tried specifying an algorithm inside the ansible.cfg file like this:
[defaults]
inventory = inventory.ini
ssh_args = -oKexAlgorithms=ssh-rsa
But with no success.

Run playbook as a different user

I have added ssh keys of ansible user to other hosts so ansible user is allowed on all hosts.Now I want to run playbook as root or any other service users like apache etc. i have already indicated user as ansible in my playbook i got below mentioned errors when I run playbook while logged in as root. But everything works fine when I run playbook while logging in as ansible user.
- hosts: nameservers
user: ansible
tasks:
- name: check hostname
command: hostname
Error,
[root#dev playbooks]# ansible-playbook pingtest.yml
PLAY [nameservers] *********************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************
fatal: [x.x.x.x]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [x.x.x.x]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
fatal: [x.x.x.x]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}.
note: i have replaced IPs with x

setuser in playbook
user: ansible
set keypath in ansible configuration file
private_key_file = /home/ansible/.ssh/id_rsa

Ansible error: Failed to connect to the host via ssh

I have read other links with the same error but they didn't work for me.
I'm quite new to Ansible and I'm trying to learn it with simple codes.
With the playbook below I want to install Foxitreader with win_chocolatey on a windows host:
---
- hosts: 192.168.2.123
gather_facts: no
tasks:
- name: manage foxitreader
win_chocolatey:
name: foxitreader
state: present
but when I run this playbook with the code below:
ansible-playbook test_choco.yaml -i 192.168.2.123,
I get this error:
fatal: [192.168.2.123]: UNREACHABLE! => {"changed": false, "msg": "Failed
to connect to the host via ssh: ssh: connect to host 192.168.2.123 port 22:
Connection refused", "unreachable": true}
Any help will be appreciated.

How to authenticate hosts with Ansible?

My hosts file
[all]
192.168.77.10
192.168.77.11
192.1680.77.12
And here is my playbook.yml
---
- hosts: all
tasks:
- name: Add the Google signing key
apt_key : url=https://packages.cloud.google.com/apt/doc/apt-key.gpg state=present
- name: Add the k8s APT repo
apt_repository: repo='deb http://apt.kubernetes.io/ kubernetes-xenial main' state=present
- name: Install packages
apt :
name: "{{ packages }}"
vars:
packages:
- vim
- htop
- tmux
- docker.io
- kubelet
- kubeadm
- kubectl
- kubernetes-cni
When I run
ansible-playbook -i hosts playbook.yml
unexpected authentication problem occurs.
The authenticity of host '192.168.77.11 (192.168.77.11)' can't be established.
ECDSA key fingerprint is SHA256:mgX/oadP2cL6g33u7xzrEblvga9CGfpW13K2YUdeKsE.
Are you sure you want to continue connecting (yes/no)? The authenticity of host '192.168.77.10 (192.168.77.10)' can't be established.
ECDSA key fingerprint is SHA256:ayWHzp/yquIuQxw7MKGR0+NbtrzHY86Z8PdIPv7r6og.
Are you sure you want to continue connecting (yes/no)? fatal: [192.1680.77.12]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname 192.1680.77.12: Name or service not known\r\n", "unreachable": true}
^C [ERROR]: User interrupted execution
I am following the example from DevOps book,I reproduced the original code. MY OS is Ubuntu 18.04.
telnet hosts
telnet: could not resolve hosts/telnet: Temporary failure in name resolution
VM ls output
vagrant#ubuntu-bionic:~$ ls
hosts playbook.retry playbook.yml
I edited /etc/ansible/ansible.cfg by ading False option.
Anyway it does not work again
fatal: [192.1680.77.12]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname 192.1680.77.12: Name or service not known\r\n", "unreachable": true}
fatal: [192.168.77.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.77.10' (ECDSA) to the list of known hosts.\r\nvagrant#192.168.77.10: Permission denied (publickey).\r\n", "unreachable": true}
fatal: [192.168.77.11]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.77.11' (ECDSA) to the list of known hosts.\r\nvagrant#192.168.77.11: Permission denied (publickey).\r\n", "unreachable": true}
to retry, use: --limit #/home/vagrant/playbook.retry
PLAY RECAP *************************************************************************************************************************************************************************************************
192.168.77.10 : ok=0 changed=0 unreachable=1 failed=0
192.168.77.11 : ok=0 changed=0 unreachable=1 failed=0
192.1680.77.12 : ok=0 changed=0 unreachable=1 failed=0
How to resolve this issue?

You have several options. One is of course to SSH to the hosts and add them to the known hosts files of your Ansible servers. Another option is to set the environment variable ANSIBLE_HOST_KEY_CHECKING to false. A third option is to use the ansible.cfg config file:
[defaults]
host_key_checking = False
See the official documentation.

Ansible delegate_to "Incorrect sudo password"

With ansible i want to configure rsyslog service for a group of hosts than add the name those hosts to a central host (different from the group of hosts) so my playbook:
- hosts: gourp_of_hosts
tasks:
- name: set rsyslog configuration
lineinfile:
path: /etc/rsyslog.conf
line: '{{item}}'
with_items:
- some items....
become: yes
- name: add host to rsyslog central
blockinfile:
path: /etc/rsyslog.conf
block: |
{{ansible_hostname}}....
delegate_to: x.x.x.x (my central host)
become: yes
My inventory file contains both the group of hosts and my central host:
[gourp_of_hosts]
host1 ansible_user=.... ansible_user_pass=.. ansible_sudo_pass=..
host2 ansible_user=.... ansible_user_pass=.. ansible_sudo_pass=..
[central]
x.x.x.x ansible_user=... ansible_user_pass=.. ansible_sudo_pass=..
Now i'm facing the following error:
fatal: [host1]: FAILED! => {"msg": "Incorrect sudo password"}
I tried removing central host from my inventory file and used ssh-copy-id user#x.x.x.x in result i'm having the following error:
fatal: [host]: UNREACHABLE! => {"changed": false, "msg": "Failed
to connect to the host via ssh: Permission denied
(publickey,gssapi-with-mic,password).\r\n", "unreachable": true}