At this point, I am almost out of ideas. I am sorry, I couldn't be of much help.
One last thing you might want to try is turning of "gathering facts". Some devices have issues with that. You can do that by entering "gathering = explicit" in the ansible.cfg file. Regards, Ajay On Thu, Aug 9, 2018 at 5:04 PM Michael Ikram <[email protected]> wrote: > > > Hi Ajay, > > > > I tried with -k, it does not work > > > > netadmin@netadmin-Virtual-Machine:/etc/ansible$ ansible-playbook ios.yml > -k > > SSH password: > > > > PLAY [10.11.32.100] > ******************************************************************************************************************************************************************************** > > > > TASK [Gathering Facts] > ***************************************************************************************************************************************************************************** > > [WARNING]: sftp transfer mechanism failed on [10.11.32.100]. Use > ANSIBLE_DEBUG=1 to see detailed information > > [WARNING]: scp transfer mechanism failed on [10.11.32.100]. Use > ANSIBLE_DEBUG=1 to see detailed information > > fatal: [10.11.32.100]: UNREACHABLE! => {"changed": false, "msg": "SSH > Error: data could not be sent to remote host \"10.11.32.100\". Make sure > this host can be reached over ssh", "unreachable": true} > > [WARNING]: Could not create retry file '/etc/ansible/ios.retry'. > [Errno 13] Permission denied: u'/etc/ansible/ios.retry' > > > > PLAY RECAP > ***************************************************************************************************************************************************************************************** > > 10.11.32.100 : ok=0 changed=0 unreachable=1 > failed=0 > > > > > > > > Here is the output of -vvv > > > > > > netadmin@netadmin-Virtual-Machine:/etc/ansible$ ansible-playbook ios.yml > -vvv > > ansible-playbook 2.5.7 > > config file = /etc/ansible/ansible.cfg > > configured module search path = > [u'/home/netadmin/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > > executable location = /usr/bin/ansible-playbook > > python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] > > Using /etc/ansible/ansible.cfg as config file > > Parsed /etc/ansible/hosts inventory source with ini plugin > > > > PLAYBOOK: ios.yml > ********************************************************************************************************************************************************************************** > > 1 plays in ios.yml > > > > PLAY [10.11.32.100] > ******************************************************************************************************************************************************************************** > > > > TASK [Gathering Facts] > ***************************************************************************************************************************************************************************** > > task path: /etc/ansible/ios.yml:2 > > Using module file > /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py > > <10.11.32.100> ESTABLISH SSH CONNECTION FOR USER: 60081064 > > <10.11.32.100> SSH: EXEC ssh -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=60081064 -o ConnectTimeout=10 -o > ControlPath=/home/netadmin/.ansible/cp/e0e6fa081f 10.11.32.100 '/bin/sh -c > '"'"'echo ~60081064 && sleep 0'"'"'' > > <10.11.32.100> (255, '', '[email protected]: Permission denied > (publickey,keyboard-interactive,password).\r\n') > > fatal: [10.11.32.100]: UNREACHABLE! => { > > "changed": false, > > "msg": "Failed to connect to the host via ssh: [email protected]: > Permission denied (publickey,keyboard-interactive,password).\r\n", > > "unreachable": true > > } > > [WARNING]: Could not create retry file '/etc/ansible/ios.retry'. > [Errno 13] Permission denied: u'/etc/ansible/ios.retry' > > > > PLAY RECAP > ***************************************************************************************************************************************************************************************** > > 10.11.32.100 : ok=0 changed=0 unreachable=1 > failed=0 > > > > netadmin@netadmin-Virtual-Machine:/etc/ansible$ > > > > Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for > Windows 10 > > > > *From: *Ajay Kumar Manukonda <[email protected]> > *Sent: *Friday, 10 August 2018 9:59 AM > *To: *[email protected] > *Subject: *Re: [ansible-project] Re: cannot login to cisco switch using > ansible > > > > Hi Michael, > > > > *"ansble all -m ping , it gives the same error Permission denied > (publickey,keyboard-interactive,password)" *doesn't work because ansible > ping module requires the remote node to run python. You can find more about > it here: > https://docs.ansible.com/ansible/latest/modules/ping_module.html#ping-module > > > > So, it works for your username, and based on "*Failed to connect to the > host via ssh: [email protected] <[email protected]>: Permission > denied (publickey,keyboard-interactive,password)" *ansible is using the > correct username. Where are you defining your password? In the hosts file? > If that is the case, hash the password in the hosts file and use -k option > instead ( ansible-playbook ios.yml -k ) and enter the password manually > just to eliminate one source of the problem. > > > > If that doesn't work, revert the changes and get the output of > *"ansible-playbook > ios.yml -vvvv " *command. It could help us find the source of the issue. > > > > Regards, > > Ajay > > > > On Thu, Aug 9, 2018 at 1:35 PM Michael Sawires <[email protected]> > wrote: > > Hi Ajay, > > > > If username is 60081064, it works, if root, it does not. > > > > Thanks, > > Michael > > > > On Fri, 10 Aug 2018 at 4:41 am, Ajay Kumar Manukonda < > [email protected]> wrote: > > Hi Michael, > > > > By looking at this error :* "msg": "Failed to connect to the host via > ssh: [email protected] <[email protected]>: Permission denied > (publickey,keyboard-interactive,password).\r\n", "unreachable": true *it > seems like your ansible VM can not SSH to the cisco switch in the first > place. > > > > Does normal SSH to the switch work? like if you do *ssh > [email protected] <[email protected]> . *If it doesn't work, you > have to fix that first. Maybe the switch is allowing connections only from > particular IP addresses. > > > > Regards, > > Ajay > > > > > > > > On Thu, Aug 9, 2018 at 8:02 AM Michael Sawires <[email protected]> > wrote: > > Hi Ajay, > > > > I was able to build a new machine, still having same issue ansible & ssh > permission issue: > > > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible > --version > > ansible 2.5.7 > > config file = /etc/ansible/ansible.cfg > > configured module search path = > [u'/home/netadmin/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > > executable location = /usr/bin/ansible > > python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ls > > ios.retry ios.yml > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ ansible > --version > > ansible 2.5.7 > > config file = /etc/ansible/ansible.cfg > > configured module search path = > [u'/home/netadmin/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > > ansible python module location = /usr/lib/python2.7/dist-packages/ansible > > executable location = /usr/bin/ansible > > python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0] > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ > ansible-playbook ios.yml > > > > PLAY [10.11.32.100] > *********************************************************************************************************************************************************************************************** > > > > TASK [Gathering Facts] > ******************************************************************************************************************************************************************************************** > > fatal: [10.11.32.100]: UNREACHABLE! => {"changed": false, "msg": "Failed > to connect to the host via ssh: [email protected]: Permission denied > (publickey,keyboard-interactive,password).\r\n", "unreachable": true} > > [WARNING]: Could not create retry file > '/etc/ansible/myplatform/ios.retry'. [Errno 13] Permission denied: > u'/etc/ansible/myplatform/ios.retry' > > > > PLAY RECAP > ******************************************************************************************************************************************************************************************************** > > 10.11.32.100 : ok=0 changed=0 unreachable=1 > failed=0 > > > > netadmin@netadmin-Virtual-Machine:/etc/ansible/myplatform$ cat ios.yml > > --- > > - hosts: 10.11.32.100 > > user: 60081064 > > > > tasks: > > - name: show version > > ios_command: > > commands: show version > > ... > > > > also when I try: ansble all -m ping , it gives the same error Permission > denied (publickey,keyboard-interactive,password).\ > > > > On Fri, Aug 10, 2018 at 12:44 AM Ajay Kumar Manukonda < > [email protected]> wrote: > > Hi Michael, > > > > I don't know any straight forward fix. > > > > So, did chmod 700 on /etc/ansible work? Is the playbook still giving the > same error after the file permissions were changed? > > > > Regards, > > Ajay > > > > On Wed, Aug 8, 2018, 8:48 PM Michael Ikram <[email protected]> wrote: > > I was able to fix the permission on Ubuntu, now back to the original error: > > > > ansible all -i <switch_ip>, -c network_cli -u <username>-m > ios_command_1.yml > > [WARNING] Ansible is in a world writable directory (/etc/ansible), > ignoring it as an ansible.cfg source. > > 10.11.32.100 | FAILED! => { > > "msg": " [WARNING] Ansible is in a world writable directory > (/etc/ansible), ignoring it as an ansible.cfg source.\n{\"socket_path\": > \"/home/test/.ansible/pc/c5b7c67eba\", \"exception\": \"Traceback (most > recent call last):\\n File \\\"/usr/bin/ansible-connection\\\", line 87, > in start\\n self.connection._connect()\\n File > \\\"/usr/lib/python2.7/dist-packages/ansible/plugins/connection/network_cli.py\\\", > line 302, in _connect\\n self._ssh_shell = > ssh.ssh.invoke_shell()\\nNameError: global name 'ssh' is not defined\\n\", > \"messages\": [\"local domain socket does not exist, starting it\", > \"control socket path is /home/test/.ansible/pc/c5b7c67eba\", \"\"], > \"error\": \"global name 'ssh' is not defined\"}" > > } > > > > Do you know any straight forward fix? > > > > Thanks, > > Michael > > > > *From: *Michael Ikram <[email protected]> > *Sent: *Thursday, 9 August 2018 10:24 AM > *To: *[email protected] > *Subject: *RE: [ansible-project] Re: cannot login to cisco switch using > ansible > > > > Hi Ajay, > > > > - Tried to chmod 700, it gave me the following error > > > > test@TESTVM:/etc$ sudo chmod 700 /etc/ansible > > sudo: /etc/sudoers is world writable > > sudo: no valid sudoers sources found, quitting > > sudo: unable to initialize policy plugin > > > > - I think I have bigger issue than Ansible now, it is a permission > issue on Ubuntu box, any suggestions? > > Thanks, > > Michael > > > > *From: *Ajay <[email protected]> > *Sent: *Thursday, 9 August 2018 10:13 AM > *To: *Ansible Project <[email protected]> > *Subject: *Re: [ansible-project] Re: cannot login to cisco switch using > ansible > > > > First of all, try executing this command: "chmod 700 /etc/ansible" and run > the playbook again (since you are using network_cli as connection type, I > assume you also defined ansible_network_os as ios) > > > > Suggestions: > > 1. Don't use the default ansible.cfg file, it's too big to track all the > changes we made > > 2. "https://docs.ansible.com/ansible/latest/network/index.html"; is a good > place to start if you haven't checked already > > > > *"I think I have a problem with ssh but i do not understand how to fix it" > - *Can you directly ssh to the device from the VM you are using? > > > > Let me know if that works. > > > > Regards, > > Ajay > > On Wednesday, August 8, 2018 at 3:24:21 PM UTC-7, Michael Sawires wrote: > > I cannot understand what to do from the link you sent me, I am still new > in Ansible. > > > > Here is the permission and content of ansible.cfg file > > > > 1.Permission: > > ========== > > -r-xrwxrwx 1 root root 19573 Aug 9 00:52 ansible.cfg > > -r-xrwxrwx 1 root root 251 Aug 8 12:15 ios_facts.yml > > > > > > 2.Content > > ======== > > 2.1. ansible.cfg > > ============ > > test@TESTVM:/etc/ansible$ cat ansible.cfg > > # config file for ansible -- https://ansible.com/ > > # =============================================== > > > > # nearly all parameters can be overridden in ansible-playbook > > # or with command line flags. ansible will read ANSIBLE_CONFIG, > > # ansible.cfg in the current working directory, .ansible.cfg in > > # the home directory or /etc/ansible/ansible.cfg, whichever it > > # finds first > > > > [defaults] > > host_key_checking = false > > > > # some basic default values... > > > > #inventory = /etc/ansible/hosts > > #library = /usr/share/my_modules/ > > #module_utils = /usr/share/my_module_utils/ > > #remote_tmp = ~/.ansible/tmp > > #local_tmp = ~/.ansible/tmp > > #plugin_filters_cfg = /etc/ansible/plugin_filters.yml > > #forks = 5 > > #poll_interval = 15 > > #sudo_user = root > > #ask_sudo_pass = True > > #ask_pass = True > > #transport = smart > > #remote_port = 22 > > #module_lang = C > > #module_set_locale = False > > > > # plays will gather facts by default, which contain information about > > # the remote system. > > # > > # smart - gather by default, but don't reg > > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com > <https://groups.google.com/d/msgid/ansible-project/5b6bb990.1c69fb81.eaa12.efee%40mx.google.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BWvzwpsTVgS%2BoAh8bA%3DOereARQmddC9C10WEpVX1dvg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > > > > -- > > ----------------------- > > Michael Sawires > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAFYW21%3D2x4bDn%2B919zzPp8grf9BDyMMZwwgMzUBhdFC1e2fB0w%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAOr1PY8drHRUJ_FK8MXxjWnxtu%2B1XZ%3DfF0BtuNu2o01kWr3vNA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > -- > > Sent from Gmail Mobile > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAFYW21kxHsEsUx-tqH79JJZTdwRbTcXUNRUoJzu7BGQcz3ZFCw%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAFYW21kxHsEsUx-tqH79JJZTdwRbTcXUNRUoJzu7BGQcz3ZFCw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BsyQiqnDRWHzN3V%2BK-3McYWoO1WiL6Nwp4N_XVNi5SQ%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAOr1PY-%2BsyQiqnDRWHzN3V%2BK-3McYWoO1WiL6Nwp4N_XVNi5SQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/QaZFGSaMNpk/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/5b6cd689.1c69fb81.ee703.e269%40mx.google.com > <https://groups.google.com/d/msgid/ansible-project/5b6cd689.1c69fb81.ee703.e269%40mx.google.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAOr1PY-y51CQ3E2hX-5hte7pCZXqX7pBa3EFyZjd-eOdu3vTsA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
