SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh

Archives Ansible Project
1

I’m trying to use private keys. I’ve got it all setup and it works when I use this command.

ssh -C james@172.30.129.174 some command

It works when I use the command as formatted by Ansible too.

ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=“/Users/james/.ansible/cp/ansible-ssh-%h-%p-%r” -o IdentityFile=“/Users/james/.ssh/id_rsa” -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=james -o ConnectTimeout=10 172.30.129.174 some command

When I use Ansible it doesn’t work.

ansible -vvvv 172.30.129.174 -m raw -a "show switch”

<172.30.129.174> ESTABLISH CONNECTION FOR USER: james
<172.30.129.174> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=“/Users/james
/.ansible/cp/ansible-ssh-%h-%p-%r” -o IdentityFile=“/Users/james/.ssh/id_rsa” -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=james -o ConnectTimeout=10 172.30.129.174 show switch
sw_b2-1 | FAILED => SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh

Does anyone have any ideas why I can’t get private keys to work?

James

2

One more comment, if I add --ask-pass to the Ansible command it works. I just can’t get the private keys to work.

3

Am I missing a flag or setting? I’ve got “ansible_ssh_private_key_file” set to the full path to my id_rsa file. Is that all it takes to get Ansible to use private keys?

4

Well, I just tried anything and everything I could and it looks like adding “-c paramiko” fixed it.

5

this is probably a control persist issue, try disabling those options
(empty ssh_args in ansible.cfg) and see if that also fixes the
problem.

if so, you can switch to paramiko (its faster than ssh w/o control
persist) or play with the timeout settings (default 60s). In some
cases it has to do with older Openssh versions not behaving well or
using different ssh server software.

6

The version on my master computer is: OpenSSL 0.9.8zc 15 Oct 2014. I can’t seem to find the version on the the clients, which are switches.

What I don’t get is why --ask-pass works with OpenSSH but private keys don’t.

I added this to my ansible.cfg and it made no difference but I’m not sure if this is what you meant by “empty ssh_args”.

[ssh_connection]
ssh_args =

7

i'm going with 'custom ssh server' that is probably the issue with
most switches.