SSH Config file not picked up during playbook execution.

[ayekaymail]

Hello Folks,

I am trying to execute a playbook from the control machine in the internal network to a VM located in the DMZ as shown in the diagram below

Access to the DMZ server is typically via a http proxy. I setup corkscrew to tunnel ssh over http and setup the configuration file as

~/.ssh/config

Host Target.Server.VM.IP
  ProxyCommand /usr/local/bin/corkscrew HTTP.Proxy.Server.IP 80 %h %p

using this setting, I am manually able to ssh from the Control Machine to the Target VM directly.

However when the playbook executes it does not seem to read this config file and attempts a direct connection from the control server machine to the target VM in the DMZ. Both the playbook execution and the manual ssh connection are being executed under the same linux OS user

Can you please let me know if I am missing something at my end.

[Brian Coca]

As long as you don't set the remote user (ssh limitation), the ssh config should be picked up automatically (just tested and works).

--

Brian Coca

[ayekaymail]

Thanks Brian

Unfortunately, its not working for me. It still tries to make a direct connection

-bash-4.1$ export ANSIBLE_SSH_ARGS="-F /var/lib/awx/.ssh/config" ; ansible-playbook -i /opt/ansiblework/inventory/dmzhosts helloworld.yml -u webuser --ask-pass  -vvvv
SSH password:

PLAY [Hello World!] ***********************************************************

GATHERING FACTS ***************************************************************
<Target.Server.VM.IP> ESTABLISH CONNECTION FOR USER: webuser on PORT 22 TO Target.Server.VM.IP
fatal: [Target.Server.VM.IP] => {'msg': 'FAILED: [Errno 111] Connection refused', 'failed': True}

TASK: [Hello World!] **********************************************************
FATAL: no hosts matched or all hosts have already failed -- aborting


PLAY RECAP ********************************************************************
           to retry, use: --limit @/var/lib/awx/helloworld.retry

Target.Server.VM.IP            : ok=0    changed=0    unreachable=1    failed=0

Not sure what I am missing here

[Brian Coca]

As I mentioned, if you set the remote user, it will ignore the .ssh
config and you have `-u webuser`



--
Brian Coca

[ayekaymail .]

tried removing the -u webuser. still the same issue

--
Brian Coca

--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/lgz7zOzMRRM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJ5XC8%3Derofgr4Z_Li5riZ2D_JVU861SxQzZo6DLE_N%3DQ50B2w%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

[Brian Coca]

weird, w/o the user it picks up my ssh config, including jumphost line
w/o any issues. In any case you can also pass that info in the
ansible_ssh_args per host/group

--
Brian Coca