Hi Michael, By looking at this error :* "msg": "Failed to connect to the host via ssh: [email protected] <[email protected]>: Permission denied (publickey,keyboard-interactive,password).\r\n", "unreachable": true *it seems like your ansible VM can not SSH to the cisco switch in the first place.
Does normal SSH to the switch work? like if you do *ssh [email protected] <[email protected]> . *If it doesn't work, you have to fix that first. Maybe the switch is allowing connections only from particular IP addresses. Regards, Ajay On Thu, Aug 9, 2018 at 8:02 AM Michael Sawires <[email protected]> wrote: > Hi Ajay, > > I was able to build a new machine, still having same issue ansible & ssh > permission issue: > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible > --version > ansible 2.5.7 > config file = /etc/ansible/ansible.cfg > configured module search path = > [u'/home/netadmin/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > executable location = /usr/bin/ansible > python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ls > ios.retry ios.yml > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible > --version > ansible 2.5.7 > config file = /etc/ansible/ansible.cfg > configured module search path = > [u'/home/netadmin/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > executable location = /usr/bin/ansible > python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ > ansible-playbook ios.yml > > PLAY [10.11.32.100] > *********************************************************************************************************************************************************************************************** > > TASK [Gathering Facts] > ******************************************************************************************************************************************************************************************** > fatal: [10.11.32.100]: UNREACHABLE! => {"changed": false, "msg": "Failed > to connect to the host via ssh: [email protected]: Permission denied > (publickey,keyboard-interactive,password).\r\n", "unreachable": true} > [WARNING]: Could not create retry file > '/etc/ansible/myplatform/ios.retry'. [Errno 13] Permission denied: > u'/etc/ansible/myplatform/ios.retry' > > PLAY RECAP > ******************************************************************************************************************************************************************************************************** > 10.11.32.100 : ok=0 changed=0 unreachable=1 > failed=0 > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ cat ios.yml > --- > - hosts: 10.11.32.100 > user: 60081064 > > tasks: > - name: show version > ios_command: > commands: show version > ... > > also when I try: ansble all -m ping , it gives the same error Permission > denied (publickey,keyboard-interactive,password).\ > > On Fri, Aug 10, 2018 at 12:44 AM Ajay Kumar Manukonda < > [email protected]> wrote: > >> Hi Michael, >> >> I don't know any straight forward fix. >> >> So, did chmod 700 on /etc/ansible work? Is the playbook still giving the >> same error after the file permissions were changed? >> >> Regards, >> Ajay >> >> On Wed, Aug 8, 2018, 8:48 PM Michael Ikram <[email protected]> >> wrote: >> >>> I was able to fix the permission on Ubuntu, now back to the original >>> error: >>> >>> >>> >>> ansible all -i <switch_ip>, -c network_cli -u <username>-m >>> ios_command_1.yml >>> >>> [WARNING] Ansible is in a world writable directory (/etc/ansible), >>> ignoring it as an ansible.cfg source. >>> >>> 10.11.32.100 | FAILED! => { >>> >>> "msg": " [WARNING] Ansible is in a world writable directory >>> (/etc/ansible), ignoring it as an ansible.cfg source.\n{\"socket_path\": >>> \"/home/test/.ansible/pc/c5b7c67eba\", \"exception\": \"Traceback (most >>> recent call last):\\n File \\\"/usr/bin/ansible-connection\\\", line 87, >>> in start\\n self.connection._connect()\\n File >>> \\\"/usr/lib/python2.7/dist-packages/ansible/plugins/connection/network_cli.py\\\", >>> line 302, in _connect\\n self._ssh_shell = >>> ssh.ssh.invoke_shell()\\nNameError: global name 'ssh' is not defined\\n\", >>> \"messages\": [\"local domain socket does not exist, starting it\", >>> \"control socket path is /home/test/.ansible/pc/c5b7c67eba\", \"\"], >>> \"error\": \"global name 'ssh' is not defined\"}" >>> >>> } >>> >>> >>> >>> Do you know any straight forward fix? >>> >>> >>> >>> Thanks, >>> >>> Michael >>> >>> >>> >>> *From: *Michael Ikram <[email protected]> >>> *Sent: *Thursday, 9 August 2018 10:24 AM >>> *To: *[email protected] >>> *Subject: *RE: [ansible-project] Re: cannot login to cisco switch using >>> ansible >>> >>> >>> >>> Hi Ajay, >>> >>> >>> >>> - Tried to chmod 700, it gave me the following error >>> >>> >>> >>> test@TESTVM:/etc$ sudo chmod 700 /etc/ansible >>> >>> sudo: /etc/sudoers is world writable >>> >>> sudo: no valid sudoers sources found, quitting >>> >>> sudo: unable to initialize policy plugin >>> >>> >>> >>> - I think I have bigger issue than Ansible now, it is a permission >>> issue on Ubuntu box, any suggestions? >>> >>> Thanks, >>> >>> Michael >>> >>> >>> >>> *From: *Ajay <[email protected]> >>> *Sent: *Thursday, 9 August 2018 10:13 AM >>> *To: *Ansible Project <[email protected]> >>> *Subject: *Re: [ansible-project] Re: cannot login to cisco switch using >>> ansible >>> >>> >>> >>> First of all, try executing this command: "chmod 700 /etc/ansible" and >>> run the playbook again (since you are using network_cli as connection type, >>> I assume you also defined ansible_network_os as ios) >>> >>> >>> >>> Suggestions: >>> >>> 1. Don't use the default ansible.cfg file, it's too big to track all the >>> changes we made >>> >>> 2. "https://docs.ansible.com/ansible/latest/network/index.html"; is a >>> good place to start if you haven't checked already >>> >>> >>> >>> *"I think I have a problem with ssh but i do not understand how to fix >>> it" - *Can you directly ssh to the device from the VM you are using? >>> >>> >>> >>> Let me know if that works. >>> >>> >>> >>> Regards, >>> >>> Ajay >>> >>> On Wednesday, August 8, 2018 at 3:24:21 PM UTC-7, Michael Sawires wrote: >>> >>> I cannot understand what to do from the link you sent me, I am still new >>> in Ansible. >>> >>> >>> >>> Here is the permission and content of ansible.cfg file >>> >>> >>> >>> 1.Permission: >>> >>> ========== >>> >>> -r-xrwxrwx 1 root root 19573 Aug 9 00:52 ansible.cfg >>> >>> -r-xrwxrwx 1 root root 251 Aug 8 12:15 ios_facts.yml >>> >>> >>> >>> >>> >>> 2.Content >>> >>> ======== >>> >>> 2.1. ansible.cfg >>> >>> ============ >>> >>> test@TESTVM:/etc/ansible$ cat ansible.cfg >>> >>> # config file for ansible -- https://ansible.com/ >>> >>> # =============================================== >>> >>> >>> >>> # nearly all parameters can be overridden in ansible-playbook >>> >>> # or with command line flags. ansible will read ANSIBLE_CONFIG, >>> >>> # ansible.cfg in the current working directory, .ansible.cfg in >>> >>> # the home directory or /etc/ansible/ansible.cfg, whichever it >>> >>> # finds first >>> >>> >>> >>> [defaults] >>> >>> host_key_checking = false >>> >>> >>> >>> # some basic default values... >>> >>> >>> >>> #inventory = /etc/ansible/hosts >>> >>> #library = /usr/share/my_modules/ >>> >>> #module_utils = /usr/share/my_module_utils/ >>> >>> #remote_tmp = ~/.ansible/tmp >>> >>> #local_tmp = ~/.ansible/tmp >>> >>> #plugin_filters_cfg = /etc/ansible/plugin_filters.yml >>> >>> #forks = 5 >>> >>> #poll_interval = 15 >>> >>> #sudo_user = root >>> >>> #ask_sudo_pass = True >>> >>> #ask_pass = True >>> >>> #transport = smart >>> >>> #remote_port = 22 >>> >>> #module_lang = C >>> >>> #module_set_locale = False >>> >>> >>> >>> # plays will gather facts by default, which contain information about >>> >>> # the remote system. >>> >>> # >>> >>> # smart - gather by default, but don't reg >>> >>> >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Ansible Project" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe >>> . >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com >>> <https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > ----------------------- > Michael Sawires > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
