Hi Ajay, If username is 60081064, it works, if root, it does not.
Thanks, Michael On Fri, 10 Aug 2018 at 4:41 am, Ajay Kumar Manukonda < [email protected]> wrote: > Hi Michael, > > By looking at this error :* "msg": "Failed to connect to the host via > ssh: [email protected] <[email protected]>: Permission denied > (publickey,keyboard-interactive,password).\r\n", "unreachable": true *it > seems like your ansible VM can not SSH to the cisco switch in the first > place. > > Does normal SSH to the switch work? like if you do *ssh > [email protected] <[email protected]> . *If it doesn't work, you > have to fix that first. Maybe the switch is allowing connections only from > particular IP addresses. > > Regards, > Ajay > > > > On Thu, Aug 9, 2018 at 8:02 AM Michael Sawires <[email protected]> > wrote: > >> Hi Ajay, >> >> I was able to build a new machine, still having same issue ansible & ssh >> permission issue: >> >> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible >> --version >> ansible 2.5.7 >> config file = /etc/ansible/ansible.cfg >> configured module search path = >> [u'/home/netadmin/.ansible/plugins/modules', >> u'/usr/share/ansible/plugins/modules'] >> ansible python module location = >> /usr/lib/python2.7/dist-packages/ansible >> executable location = /usr/bin/ansible >> python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] >> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ls >> ios.retry ios.yml >> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible >> --version >> ansible 2.5.7 >> config file = /etc/ansible/ansible.cfg >> configured module search path = >> [u'/home/netadmin/.ansible/plugins/modules', >> u'/usr/share/ansible/plugins/modules'] >> ansible python module location = >> /usr/lib/python2.7/dist-packages/ansible >> executable location = /usr/bin/ansible >> python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] >> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ >> ansible-playbook ios.yml >> >> PLAY [10.11.32.100] >> *********************************************************************************************************************************************************************************************** >> >> TASK [Gathering Facts] >> ******************************************************************************************************************************************************************************************** >> fatal: [10.11.32.100]: UNREACHABLE! => {"changed": false, "msg": "Failed >> to connect to the host via ssh: [email protected]: Permission denied >> (publickey,keyboard-interactive,password).\r\n", "unreachable": true} >> [WARNING]: Could not create retry file >> '/etc/ansible/myplatform/ios.retry'. [Errno 13] Permission denied: >> u'/etc/ansible/myplatform/ios.retry' >> >> PLAY RECAP >> ******************************************************************************************************************************************************************************************************** >> 10.11.32.100 : ok=0 changed=0 unreachable=1 >> failed=0 >> >> netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ cat ios.yml >> --- >> - hosts: 10.11.32.100 >> user: 60081064 >> >> tasks: >> - name: show version >> ios_command: >> commands: show version >> ... >> >> also when I try: ansble all -m ping , it gives the same error Permission >> denied (publickey,keyboard-interactive,password).\ >> >> On Fri, Aug 10, 2018 at 12:44 AM Ajay Kumar Manukonda < >> [email protected]> wrote: >> >>> Hi Michael, >>> >>> I don't know any straight forward fix. >>> >>> So, did chmod 700 on /etc/ansible work? Is the playbook still giving the >>> same error after the file permissions were changed? >>> >>> Regards, >>> Ajay >>> >>> On Wed, Aug 8, 2018, 8:48 PM Michael Ikram <[email protected]> >>> wrote: >>> >>>> I was able to fix the permission on Ubuntu, now back to the original >>>> error: >>>> >>>> >>>> >>>> ansible all -i <switch_ip>, -c network_cli -u <username>-m >>>> ios_command_1.yml >>>> >>>> [WARNING] Ansible is in a world writable directory (/etc/ansible), >>>> ignoring it as an ansible.cfg source. >>>> >>>> 10.11.32.100 | FAILED! => { >>>> >>>> "msg": " [WARNING] Ansible is in a world writable directory >>>> (/etc/ansible), ignoring it as an ansible.cfg source.\n{\"socket_path\": >>>> \"/home/test/.ansible/pc/c5b7c67eba\", \"exception\": \"Traceback (most >>>> recent call last):\\n File \\\"/usr/bin/ansible-connection\\\", line 87, >>>> in start\\n self.connection._connect()\\n File >>>> \\\"/usr/lib/python2.7/dist-packages/ansible/plugins/connection/network_cli.py\\\", >>>> line 302, in _connect\\n self._ssh_shell = >>>> ssh.ssh.invoke_shell()\\nNameError: global name 'ssh' is not defined\\n\", >>>> \"messages\": [\"local domain socket does not exist, starting it\", >>>> \"control socket path is /home/test/.ansible/pc/c5b7c67eba\", \"\"], >>>> \"error\": \"global name 'ssh' is not defined\"}" >>>> >>>> } >>>> >>>> >>>> >>>> Do you know any straight forward fix? >>>> >>>> >>>> >>>> Thanks, >>>> >>>> Michael >>>> >>>> >>>> >>>> *From: *Michael Ikram <[email protected]> >>>> *Sent: *Thursday, 9 August 2018 10:24 AM >>>> *To: *[email protected] >>>> *Subject: *RE: [ansible-project] Re: cannot login to cisco switch >>>> using ansible >>>> >>>> >>>> >>>> Hi Ajay, >>>> >>>> >>>> >>>> - Tried to chmod 700, it gave me the following error >>>> >>>> >>>> >>>> test@TESTVM:/etc$ sudo chmod 700 /etc/ansible >>>> >>>> sudo: /etc/sudoers is world writable >>>> >>>> sudo: no valid sudoers sources found, quitting >>>> >>>> sudo: unable to initialize policy plugin >>>> >>>> >>>> >>>> - I think I have bigger issue than Ansible now, it is a permission >>>> issue on Ubuntu box, any suggestions? >>>> >>>> Thanks, >>>> >>>> Michael >>>> >>>> >>>> >>>> *From: *Ajay <[email protected]> >>>> *Sent: *Thursday, 9 August 2018 10:13 AM >>>> *To: *Ansible Project <[email protected]> >>>> *Subject: *Re: [ansible-project] Re: cannot login to cisco switch >>>> using ansible >>>> >>>> >>>> >>>> First of all, try executing this command: "chmod 700 /etc/ansible" and >>>> run the playbook again (since you are using network_cli as connection type, >>>> I assume you also defined ansible_network_os as ios) >>>> >>>> >>>> >>>> Suggestions: >>>> >>>> 1. Don't use the default ansible.cfg file, it's too big to track all >>>> the changes we made >>>> >>>> 2. "https://docs.ansible.com/ansible/latest/network/index.html"; is a >>>> good place to start if you haven't checked already >>>> >>>> >>>> >>>> *"I think I have a problem with ssh but i do not understand how to fix >>>> it" - *Can you directly ssh to the device from the VM you are using? >>>> >>>> >>>> >>>> Let me know if that works. >>>> >>>> >>>> >>>> Regards, >>>> >>>> Ajay >>>> >>>> On Wednesday, August 8, 2018 at 3:24:21 PM UTC-7, Michael Sawires wrote: >>>> >>>> I cannot understand what to do from the link you sent me, I am still >>>> new in Ansible. >>>> >>>> >>>> >>>> Here is the permission and content of ansible.cfg file >>>> >>>> >>>> >>>> 1.Permission: >>>> >>>> ========== >>>> >>>> -r-xrwxrwx 1 root root 19573 Aug 9 00:52 ansible.cfg >>>> >>>> -r-xrwxrwx 1 root root 251 Aug 8 12:15 ios_facts.yml >>>> >>>> >>>> >>>> >>>> >>>> 2.Content >>>> >>>> ======== >>>> >>>> 2.1. ansible.cfg >>>> >>>> ============ >>>> >>>> test@TESTVM:/etc/ansible$ cat ansible.cfg >>>> >>>> # config file for ansible -- https://ansible.com/ >>>> >>>> # =============================================== >>>> >>>> >>>> >>>> # nearly all parameters can be overridden in ansible-playbook >>>> >>>> # or with command line flags. ansible will read ANSIBLE_CONFIG, >>>> >>>> # ansible.cfg in the current working directory, .ansible.cfg in >>>> >>>> # the home directory or /etc/ansible/ansible.cfg, whichever it >>>> >>>> # finds first >>>> >>>> >>>> >>>> [defaults] >>>> >>>> host_key_checking = false >>>> >>>> >>>> >>>> # some basic default values... >>>> >>>> >>>> >>>> #inventory = /etc/ansible/hosts >>>> >>>> #library = /usr/share/my_modules/ >>>> >>>> #module_utils = /usr/share/my_module_utils/ >>>> >>>> #remote_tmp = ~/.ansible/tmp >>>> >>>> #local_tmp = ~/.ansible/tmp >>>> >>>> #plugin_filters_cfg = /etc/ansible/plugin_filters.yml >>>> >>>> #forks = 5 >>>> >>>> #poll_interval = 15 >>>> >>>> #sudo_user = root >>>> >>>> #ask_sudo_pass = True >>>> >>>> #ask_pass = True >>>> >>>> #transport = smart >>>> >>>> #remote_port = 22 >>>> >>>> #module_lang = C >>>> >>>> #module_set_locale = False >>>> >>>> >>>> >>>> # plays will gather facts by default, which contain information about >>>> >>>> # the remote system. >>>> >>>> # >>>> >>>> # smart - gather by default, but don't reg >>>> >>>> >>>> >>>> -- >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "Ansible Project" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe >>>> . >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com >>>> <https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com >>> <https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> -- >> ----------------------- >> Michael Sawires >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Ansible Project" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe >> . >> To unsubscribe from this group and all its topics, send an email to >> [email protected]. >> To post to this group, send email to [email protected]. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Sent from Gmail Mobile -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFYW21kxHsEsUx-tqH79JJZTdwRbTcXUNRUoJzu7BGQcz3ZFCw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
