Wild guess was CORRECT - the runs work now. So, what could have changed on this box that "export ANSIBLE_HOST_KEY_CHECKING=False" would have fixed? (not a SSH guru here... pls educate me)
Thanks, Will On Thursday, September 4, 2014 3:07:19 PM UTC-4, Mikhail Koshelev wrote: > > Just a wild guess - can you try running ansible-playbook with > ANSIBLE_HOST_KEY_CHECKING=False ? > > > On Thursday, September 4, 2014 11:12:30 AM UTC-7, Willard Dennis wrote: >> >> I can indeed SSH straight in (using 'root' with password.) >> >> I made sure "PermitRootLogin" was explicitly set to 'yes' in sshd_config, >> restarted sshd, and tried again. The Ansible command still hangs, and no >> messages in /var/log/secure, other than when I kill the Ansible process, it >> reports "Connection closed": >> >> Sep 4 14:06:34 problem-svr sshd[1457]: Received signal 15; terminating. >> Sep 4 14:06:34 problem-svr sshd[17358]: Server listening on 0.0.0.0 port >> 22. >> Sep 4 14:06:34 problem-svr sshd[17358]: Server listening on :: port 22. >> Sep 4 14:07:16 problem-svr sshd[17360]: Connection closed by >> 192.168.180.53 [preauth] >> >> Very strange & frustrating... >> >> >> On Thursday, September 4, 2014 1:40:58 PM UTC-4, Dick Davies wrote: >>> >>> Huh weird - I've started porting some of our centos6 play books over >>> to centos7 and didn't have >>> any trouble (OSX client, pure ssh transport) but that was using SSH >>> pubkey auth. >>> >>> Maybe there's something up with the way centos7 does password auth? >>> >>> I'm guessing you can ssh straight in as the ansible user with the same >>> pass etc? >>> (If not, fix that first :) ) >>> >>> If so I'd check /var/log/secure and see if there are any differences >>> in how sshd is >>> seeing the sessions of the ansible connection vs. your vanilla ssh >>> client. >>> >>> >>> >>> On 4 September 2014 18:04, Willard Dennis <[email protected]> wrote: >>> > Hi all, >>> > >>> > >>> > I just installed CentOS 7 on a new machine, and 'yum update'-ed it to >>> pick >>> > up the latest packages. Here's the output of 'uname -a' and >>> > '/etc/redhat-release': >>> > >>> > [root@problem-svr ~]# uname -a >>> > Linux problem-svr.mycompany.com 3.10.0-123.6.3.el7.x86_64 #1 SMP Wed >>> Aug 6 >>> > 21:12:36 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux >>> > [root@problem-svr ~]# cat /etc/redhat-release >>> > CentOS Linux release 7.0.1406 (Core) >>> > >>> > >>> > When I try to do anything with Ansible (v1.7.1 running on Ubuntu >>> 12.04.5) >>> > against this box, it just hangs (even '-m ping') When I throw the >>> '-vvvv' on >>> > the run, here's what I see: >>> > >>> > >>> > will@wdennis-p390:~/ansible-stuff$ ansible -vvvv problem-svr -u root >>> -k -i >>> > test -m setup >>> > SSH password: >>> > <problem-svr> ESTABLISH CONNECTION FOR USER: root >>> > <problem-svr> REMOTE_MODULE setup >>> > <problem-svr> EXEC ['sshpass', '-d6', 'ssh', '-C', '-tt', '-vvv', >>> '-o', >>> > 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', >>> > 'ControlPath=/home/will/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', >>> 'Port=22', >>> > '-o', 'GSSAPIAuthentication=no', '-o', 'PubkeyAuthentication=no', >>> '-o', >>> > 'User=root', '-o', 'ConnectTimeout=10', 'problem-svr-new', "/bin/sh -c >>> > 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1409846776.31-88290040276656 >>> && >>> > echo $HOME/.ansible/tmp/ansible-tmp-1409846776.31-88290040276656'"] >>> > >>> > >>> > I do see a SSH session initiated on the host: >>> > >>> > >>> > [root@problem-svr ~]# ss -4 -t >>> > State Recv-Q Send-Q Local Address:Port Peer Address:Port >>> > ESTAB 0 208 192.168.180.22:ssh 192.168.180.50:63172 >>> > [root@problem-svr ~]# ss -4 -t >>> > State Recv-Q Send-Q Local Address:Port Peer Address:Port >>> > ESTAB 0 0 192.168.180.22:ssh 192.168.180.53:42717 <--- Ansible >>> session >>> > ESTAB 0 0 192.168.180.22:ssh 192.168.180.50:63172 >>> > >>> > >>> > But then, the session just times out and finally drops: >>> > >>> > >>> > State Recv-Q Send-Q Local Address:Port Peer Address:Port >>> > FIN-WAIT-2 0 0 192.168.180.22:ssh 192.168.180.53:42717 >>> > ESTAB 0 208 192.168.180.22:ssh 192.168.180.50:63172 >>> > [root@problem-svr ~]# ss -4 -t >>> > State Recv-Q Send-Q Local Address:Port Peer Address:Port >>> > ESTAB 0 208 192.168.180.22:ssh 192.168.180.50:63172 >>> > >>> > >>> > Meanwhile, the Ansible process on the control machine keeps trying >>> (i.e., >>> > does not die when the session ends) and eventually, I kill it with a >>> Ctrl-C. >>> > >>> > I did already try setting SELinux to "disabled" on the CentOS 7 box, >>> and >>> > turning off the 'firewalld' service (does not seem to make a >>> difference.) >>> > >>> > I do have another CentOS 7 box that I can successfully run Ansible >>> against, >>> > so I think it's just something strange on the target CentOS 7 box... >>> How can >>> > I further debug this? >>> > >>> > >>> > Thanks, >>> > Will >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "Ansible Project" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to [email protected]. >>> > To post to this group, send email to [email protected]. >>> > To view this discussion on the web visit >>> > >>> https://groups.google.com/d/msgid/ansible-project/62be84d8-3911-4b74-b124-4c6cde89fc9a%40googlegroups.com. >>> >>> >>> > For more options, visit https://groups.google.com/d/optout. >>> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/db82ddd9-38ef-4699-99c1-28b07ee01820%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
