Hey Bikram, Do you face a similar issue when the connection is set to libssh? Try using ansible_network_cli_ssh_type=libssh And, would you share some details of your environment, and which appliance version you are using?
Regards, Sagar Paul On Sat, Jul 8, 2023 at 11:37 AM Dick Visser <[email protected]> wrote: > What does your inventory look like? > > On Fri, 7 Jul 2023 at 21:07, Bikram <[email protected]> wrote: > >> Hi Team, >> >> >> While I am trying to run an ansible playbook to connect to a Cisco IOS >> switch, it is throwing me the following error which is related >> to KexAlgorithms (diffie-hellman-group1-sha1). >> >> >> Ansible-playbook run log: >> >> [FinAdmin@gns-ansible playbooks]$ ansible-playbook >> image_copy_cisco_ios.yaml --limit 'twddxcsw04' >> >> >> PLAY [Copy image file to device] >> ************************************************************************************************************************************************************ >> >> >> >> TASK [ twddxcsw04 Normalize variables] >> ********************************************************************************************************************************************************* >> >> ok: [ twddxcsw04 ] >> >> >> >> TASK [Get Hardware Type of Remote Device.] >> ************************************************************************************************************************************************** >> >> fatal: [ twddxcsw04 ]: FAILED! => {"changed": false, "msg": "ssh >> connection failed: ssh connect failed: kex error : no match for method kex >> algos: server [diffie-hellman-group1-sha1], client [curve25519-sha256, >> [email protected] >> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1]"} >> >> >> >> PLAY RECAP >> ********************************************************************************************************************************************************************************** >> >> twddxcsw04 : ok=1 changed=0 unreachable=0 >> failed=1 skipped=0 rescued=0 ignored=0 >> >> >> >> >> I tried to fix it by adding Kex Algo to '/etc/ssh/ssh_config file'. After >> that I can ssh to the switch >> >> [Host 10.xx.xx.* >> >> KexAlgorithms +diffie-hellman-group1-sha1] >> >> >> SSH output: >> >> >> [Admin@ gns-ansible playbooks]$ ssh user1@ <[email protected]> >> twddxcsw04 >> >> C >> >> >> ******************************************************************************** >> >> >> ******************************************************************************** >> >> ** WARNING! WARNING! >> WARNING! ** >> >> >> ******************************************************************************** >> >> >> ******************************************************************************** >> >> ** Unauthorized access to this system is strictly >> prohibited ** >> >> ** Unauthorized access will be subject to legal >> action ** >> >> ** If you are not authorized to access this >> system ** >> >> ** D I S C O N N E C T I M M E D I A T E L Y >> ! ** >> >> >> ******************************************************************************** >> >> (user1@ <[email protected]>twddxcsw04 ) Password: >> >> >> >> Even after adding the Kex Algo to the file above, ansible is giving me >> the same error. I also tried to add an argument as variable to the vars >> file as below but no luck. >> >> >> ansible_ssh_common_args: '-o KexAlgorithms=+diffie-hellman-group1-sha1 -o >> HostKeyAlgorithms=+ssh-rsa -o Ciphers=+aes256-cbc' >> >> >> In summary, even though ssh works, ansible-playbook fails. >> >> >> A resolution is much appreciated. >> >> >> Thank you. >> >> Bikram Biswas >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAEFfMJQbSjJknKyJsY9YhmOObssb-%2BChcRnqRcVsGWco1d1gKA%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAEFfMJQbSjJknKyJsY9YhmOObssb-%2BChcRnqRcVsGWco1d1gKA%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > Sent from Gmail Mobile > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAF8BbLat4saM0O36wMVcHyKetcRMe1NODSDqxA3dE9T2Zq8HNw%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAF8BbLat4saM0O36wMVcHyKetcRMe1NODSDqxA3dE9T2Zq8HNw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEs9WgY5P0HDUehidA_oDdaT-ptYYfxAsR9SLByRNBr_qc%3DqTA%40mail.gmail.com.
