AWX SSH connection not establishing

Archives AWX Project
1

Trying to run my first playbook. Running AWX on CentOS8,trying to connect to remote device using SSH. On my remote device I have run ssh-genkey on my device and added the .pub key to authorized_keys file. I have also taken the .pub private key and created a credentials machine type and added the private key. Username and password are blank. I can only connect using root user to my remote device enter image description here

My playbook is:

— - name: use machine credentials(1) hosts: ACS connection: ssh gather_facts: false timeout: 10 tasks: - name: Get firmware version from host shell: “date” #shell: cat /firmware | grep ^VERSION | cut -d"=" -f2 register: firmware_version tags: firmware_version

I am trying to SSH to my remote devicve and read the firmware details from a file on the remote device.

When I run my playbook the output fails and I do not believe it is connecting to the remote device. I can manually SSH from my AWX host to the remote device from a putty session. I tried with private key file on the AWX host and can SSH to my remote device using the key from putty.

Output from AWX:

Identity added: /runner/artifacts/196/ssh_key_data (/runner/artifacts/196/ssh_key_data) ansible-playbook [core 2.14.2] config file = None configured module search path = [‘/home/runner/.ansible/plugins/modules’, ‘/usr/share/ansible/plugins/modules’] ansible python module location = /usr/local/lib/python3.9/site-packages/ansible ansible collection location = /runner/requirements_collections:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.9.16 (main, Dec 8 2022, 00:00:00) [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] (/usr/bin/python3) jinja version = 3.1.2 libyaml = True No config file found; using defaults host_list declined parsing /runner/inventory/hosts as it did not pass its verify_file() method Parsed /runner/inventory/hosts inventory source with script plugin Skipping callback ‘awx_display’, as we already have a stdout callback. Skipping callback ‘default’, as we already have a stdout callback. Skipping callback ‘minimal’, as we already have a stdout callback. Skipping callback ‘oneline’, as we already have a stdout callback. PLAYBOOK: acs_backup.yml ******************************************************* 1 plays in acs_backup.yml PLAY [use machine credentials(1)] ********************************************** TASK [Get firmware version from host] ****************************************** task path: /runner/project/acs_backup.yml:18 <10.162.29.138> ESTABLISH SSH CONNECTION FOR USER: root <10.162.29.138> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“root”’ -o ConnectTimeout=10 -o ‘ControlPath=“/runner/cp/4477df8717”’ 10.162.29.138 ‘/bin/sh -c ‘"’“‘echo ~root && sleep 0’”’“‘’ <10.162.29.138> (0, b’/home/root\r\n’, b"Warning: Permanently added ‘10.162.29.138’ (ED25519) to the list of known hosts.\r\n”) <10.162.29.138> ESTABLISH SSH CONNECTION FOR USER: root <10.162.29.138> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“root”’ -o ConnectTimeout=10 -o ‘ControlPath=“/runner/cp/4477df8717”’ 10.162.29.138 ‘/bin/sh -c ‘"’"’( umask 77 && mkdir -p “echo /home/root/.ansible/tmp”&& mkdir “echo /home/root/.ansible/tmp/ansible-tmp-1677124576.2755764-27-69248210230276” && echo ansible-tmp-1677124576.2755764-27-69248210230276=“echo /home/root/.ansible/tmp/ansible-tmp-1677124576.2755764-27-69248210230276” ) && sleep 0’“'”‘’ <10.162.29.138> (0, b’ansible-tmp-1677124576.2755764-27-69248210230276=/home/root/.ansible/tmp/ansible-tmp-1677124576.2755764-27-69248210230276\r\n’, b’‘) <ACS-10.162.29.138> Attempting python interpreter discovery <10.162.29.138> ESTABLISH SSH CONNECTION FOR USER: root <10.162.29.138> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“root”’ -o ConnectTimeout=10 -o ‘ControlPath=“/runner/cp/4477df8717”’ 10.162.29.138 ‘/bin/sh -c ‘"’“'echo PLATFORM; uname; echo FOUND; command -v '”’"’“'”‘"’“'”‘“‘python3.11’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.10’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.9’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.8’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.7’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.6’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘“‘python3.5’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘"’/usr/bin/python3’“'”‘"’“'”‘"’“'”‘; command -v ‘"’"’“'”‘"’“'”‘"’/usr/libexec/platform-python’“'”‘"’“'”‘"’“'”‘; command -v ‘"’"’“'”‘"’“'”‘“‘python2.7’”’“'”‘"’“'”‘"’“'; command -v '”‘"’“'”‘"’“'”‘"’/usr/bin/python’“'”‘"’“'”‘"’“'”‘; command -v ‘"’"’“'”‘"’“'”‘“‘python’”’“'”‘"’“'”‘"’“‘; echo ENDFOUND && sleep 0’”‘"’’ <10.162.29.138> (0, b’PLATFORM\r\nLinux\r\nFOUND\r\n/usr/bin/python3.5\r\n/usr/bin/python3\r\n/usr/bin/python2.7\r\n/usr/bin/python\r\n/usr/bin/python\r\nENDFOUND\r\n’, b’‘) <10.162.29.138> ESTABLISH SSH CONNECTION FOR USER: root <10.162.29.138> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ‘User=“root”’ -o ConnectTimeout=10 -o ‘ControlPath=“/runner/cp/4477df8717”’ 10.162.29.138 ‘/bin/sh -c ‘"’"’/usr/bin/python3.5 && sleep 0’“'”‘’ fatal: [ACS-10.162.29.138]: FAILED! => { “changed”: false, “msg”: “The shell action failed to execute in the expected time frame (10) and was terminated” } PLAY RECAP ********************************************************************* ACS-10.162.29.138 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

Can anyone spot the why I am not connecting via SSH to my remote device?

2

are you using a docker or k8s deployment?

how long does it take to establish the connection via putty? we see the timeout is set to 10 seconds, so if it takes longer than that to establish a connection, it will fail

3

I am using K8

I am connecting to GITHUB and syncing the project on my local AWX host. Both AWX and the device I am trying to ssh to are on the same local network 10.162.29.x.

I can connect using NCAP and ssh but when in verbose mode for ssh it just stays saying "Connecting to 10.162.29.138 [10.162.29.138] port 22 so not sure why that is and not completing the connection.

[localadmin@centOS8-awx ~]$ nc -zv 10.162.29.138 22 Ncat: Version 7.70 ( https://nmap.org/ncat ) Ncat: Connected to 10.162.29.138:22. Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.

[localadmin@centOS8-awx ~]$ ssh root@10.162.29.138 Password:

WARNING: Improper use of shell commands could lead to data loss, the deletion of important system files or other unexpected result. Please double-check your syntax when typing shell commands.

[root@ACS8008-0520414440 ~]# exitConnection to 10.162.29.138 closed.

[localadmin@centOS8-awx ~]$ ssh -vv root@10.162.28.138 OpenSSH_8.0p1, OpenSSL 1.1.1k FIPS 25 Mar 2021 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf debug2: checking match for ‘final all’ host 10.162.28.138 originally 10.162.28.138 debug2: match not found debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config debug1: configuration requests final Match pass debug2: resolve_canonicalize: hostname 10.162.28.138 is address debug1: re-parsing configuration debug1: Reading configuration data /etc/ssh/ssh_config debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf debug2: checking match for ‘final all’ host 10.162.28.138 originally 10.162.28.138 debug2: match found debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config debug2: ssh_connect_direct debug1: Connecting to 10.162.28.138 [10.162.28.138] port 22.

4

Hi, thanks for the detailed info. Sounds like ncat can see the port 22 on the host, but your ssh connections still fail. This sounds like an ssh configuration problem (either client side or server side), not an issue with AWX.

AWX Team