I had a very similar problem that was resolved by creating a file called
config under the users .ssh directory. this file contains
Host k200 hoitsw0* hosw*0* hoswe0* mislxsrv stage instore central zzswm01
sysadm rvswm0* clswm0* cmswa0* cmswm0* crsw* gwswm*
Ciphers +aes256-cbc,3des-cbc
KexAlgorithms
+diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
HostKeyAlgorithms +ssh-dss
I hope that helps you!
On Friday, July 7, 2023 at 3:07:12 PM UTC-4 Bikram wrote:
> Hi Team,
>
>
> While I am trying to run an ansible playbook to connect to a Cisco IOS
> switch, it is throwing me the following error which is related
> to KexAlgorithms (diffie-hellman-group1-sha1).
>
>
> Ansible-playbook run log:
>
> [FinAdmin@gns-ansible playbooks]$ ansible-playbook
> image_copy_cisco_ios.yaml --limit 'twddxcsw04'
>
>
> PLAY [Copy image file to device]
> ************************************************************************************************************************************************************
>
>
>
> TASK [ twddxcsw04 Normalize variables]
> *********************************************************************************************************************************************************
>
> ok: [ twddxcsw04 ]
>
>
>
> TASK [Get Hardware Type of Remote Device.]
> **************************************************************************************************************************************************
>
> fatal: [ twddxcsw04 ]: FAILED! => {"changed": false, "msg": "ssh
> connection failed: ssh connect failed: kex error : no match for method kex
> algos: server [diffie-hellman-group1-sha1], client [curve25519-sha256,
> [email protected]
> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1]"}
>
>
>
> PLAY RECAP
> **********************************************************************************************************************************************************************************
>
> twddxcsw04 : ok=1 changed=0 unreachable=0
> failed=1 skipped=0 rescued=0 ignored=0
>
>
>
>
> I tried to fix it by adding Kex Algo to '/etc/ssh/ssh_config file'. After
> that I can ssh to the switch
>
> [Host 10.xx.xx.*
>
> KexAlgorithms +diffie-hellman-group1-sha1]
>
>
> SSH output:
>
>
> [Admin@ gns-ansible playbooks]$ ssh user1@twddxcsw04
>
> C
>
>
> ********************************************************************************
>
>
> ********************************************************************************
>
> ** WARNING! WARNING!
> WARNING! **
>
>
> ********************************************************************************
>
>
> ********************************************************************************
>
> ** Unauthorized access to this system is strictly
> prohibited **
>
> ** Unauthorized access will be subject to legal
> action **
>
> ** If you are not authorized to access this
> system **
>
> ** D I S C O N N E C T I M M E D I A T E L Y
> ! **
>
>
> ********************************************************************************
>
> (user1@twddxcsw04 ) Password:
>
>
>
> Even after adding the Kex Algo to the file above, ansible is giving me the
> same error. I also tried to add an argument as variable to the vars file as
> below but no luck.
>
>
> ansible_ssh_common_args: '-o KexAlgorithms=+diffie-hellman-group1-sha1 -o
> HostKeyAlgorithms=+ssh-rsa -o Ciphers=+aes256-cbc'
>
>
> In summary, even though ssh works, ansible-playbook fails.
>
>
> A resolution is much appreciated.
>
>
> Thank you.
>
> Bikram Biswas
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/82e5d803-9f58-4c21-acd1-f7d1c86bb4a7n%40googlegroups.com.
