I don't see you setting ansible_connection anywhere. According to https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html that is recommended. There are a bunch of other settings as well
On Mon, 10 Jul 2023 at 15:12, Bikram <[email protected]> wrote: > Hi Dick, > > Here is the sample of my inventory: > > [ios] > twddxcsw04 ansible_host = 10.x.x.x ansible_ssh_user=xxxx > ansible_ssh_pass=xxxx > > > Thanks > Bikram > > On Sat, Jul 8, 2023 at 2:07 AM Dick Visser <[email protected]> wrote: > >> What does your inventory look like? >> >> On Fri, 7 Jul 2023 at 21:07, Bikram <[email protected]> wrote: >> >>> Hi Team, >>> >>> >>> While I am trying to run an ansible playbook to connect to a Cisco IOS >>> switch, it is throwing me the following error which is related >>> to KexAlgorithms (diffie-hellman-group1-sha1). >>> >>> >>> Ansible-playbook run log: >>> >>> [FinAdmin@gns-ansible playbooks]$ ansible-playbook >>> image_copy_cisco_ios.yaml --limit 'twddxcsw04' >>> >>> >>> PLAY [Copy image file to device] >>> ************************************************************************************************************************************************************ >>> >>> >>> >>> TASK [ twddxcsw04 Normalize variables] >>> ********************************************************************************************************************************************************* >>> >>> ok: [ twddxcsw04 ] >>> >>> >>> >>> TASK [Get Hardware Type of Remote Device.] >>> ************************************************************************************************************************************************** >>> >>> fatal: [ twddxcsw04 ]: FAILED! => {"changed": false, "msg": "ssh >>> connection failed: ssh connect failed: kex error : no match for method kex >>> algos: server [diffie-hellman-group1-sha1], client [curve25519-sha256, >>> [email protected] >>> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1]"} >>> >>> >>> >>> PLAY RECAP >>> ********************************************************************************************************************************************************************************** >>> >>> twddxcsw04 : ok=1 changed=0 unreachable=0 >>> failed=1 skipped=0 rescued=0 ignored=0 >>> >>> >>> >>> >>> I tried to fix it by adding Kex Algo to '/etc/ssh/ssh_config file'. >>> After that I can ssh to the switch >>> >>> [Host 10.xx.xx.* >>> >>> KexAlgorithms +diffie-hellman-group1-sha1] >>> >>> >>> SSH output: >>> >>> >>> [Admin@ gns-ansible playbooks]$ ssh user1@ <[email protected]> >>> twddxcsw04 >>> >>> C >>> >>> >>> ******************************************************************************** >>> >>> >>> ******************************************************************************** >>> >>> ** WARNING! WARNING! >>> WARNING! ** >>> >>> >>> ******************************************************************************** >>> >>> >>> ******************************************************************************** >>> >>> ** Unauthorized access to this system is strictly >>> prohibited ** >>> >>> ** Unauthorized access will be subject to legal >>> action ** >>> >>> ** If you are not authorized to access this >>> system ** >>> >>> ** D I S C O N N E C T I M M E D I A T E L Y >>> ! ** >>> >>> >>> ******************************************************************************** >>> >>> (user1@ <[email protected]>twddxcsw04 ) Password: >>> >>> >>> >>> Even after adding the Kex Algo to the file above, ansible is giving me >>> the same error. I also tried to add an argument as variable to the vars >>> file as below but no luck. >>> >>> >>> ansible_ssh_common_args: '-o KexAlgorithms=+diffie-hellman-group1-sha1 >>> -o HostKeyAlgorithms=+ssh-rsa -o Ciphers=+aes256-cbc' >>> >>> >>> In summary, even though ssh works, ansible-playbook fails. >>> >>> >>> A resolution is much appreciated. >>> >>> >>> Thank you. >>> >>> Bikram Biswas >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/CAEFfMJQbSjJknKyJsY9YhmOObssb-%2BChcRnqRcVsGWco1d1gKA%40mail.gmail.com >>> <https://groups.google.com/d/msgid/ansible-project/CAEFfMJQbSjJknKyJsY9YhmOObssb-%2BChcRnqRcVsGWco1d1gKA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> Sent from Gmail Mobile >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAF8BbLat4saM0O36wMVcHyKetcRMe1NODSDqxA3dE9T2Zq8HNw%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CAF8BbLat4saM0O36wMVcHyKetcRMe1NODSDqxA3dE9T2Zq8HNw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAEFfMJTwqxzWksV9Z_tdEydph3sFq81DeSHbA-FNKuuUaTZNxw%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAEFfMJTwqxzWksV9Z_tdEydph3sFq81DeSHbA-FNKuuUaTZNxw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- Sent from Gmail Mobile -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAF8BbLbHN%2B9YOJEx8LZV6S3_VcJqqE-nxuhG0DLjXADzhXZT0A%40mail.gmail.com.
