SSH to literal IPv6 address
581 views
Skip to first unread message
Dick Visser
Feb 7, 2017, 4:39:49 AM2/7/17
to ansible...@googlegroups.com
Hi
I'm trying to set up a quick test host and have added this entry in my
~/.ssh/config:
# Test host
Host imapsync
Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
Just issuing "ssh imapsync" works fine.
I have this corresponding in my ansible inventory:
# test host
imapsync
But when I try to run "ansible imapsync -m setup", I get:
"SSH Error: data could not be sent to the remote host. Make sure this
host can be reached over ssh".
It turns out that the literal IPv6 address is the culprit.
If I enable IPv4 on the host and change the ssh config to:
# Test host
Host imapsync
Hostname 192.87.38.66
Then things work.
Is there another way of specifying a literal IPv6 address.
PS I also tested using DNS by adding the name to /etc/hosts, and that
seems to work as well.
But the whole point of having ssh config's "Hostname" and ansible's
inventory is to no use DNS.
Thanks!
--
Dick Visser
Sr. System & Network Engineer
GÉANT
Want to join us? We're hiring: https://www.geant.org/jobs
I'm trying to set up a quick test host and have added this entry in my
~/.ssh/config:
# Test host
Host imapsync
Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
Just issuing "ssh imapsync" works fine.
I have this corresponding in my ansible inventory:
# test host
imapsync
But when I try to run "ansible imapsync -m setup", I get:
"SSH Error: data could not be sent to the remote host. Make sure this
host can be reached over ssh".
It turns out that the literal IPv6 address is the culprit.
If I enable IPv4 on the host and change the ssh config to:
# Test host
Host imapsync
Hostname 192.87.38.66
Then things work.
Is there another way of specifying a literal IPv6 address.
PS I also tested using DNS by adding the name to /etc/hosts, and that
seems to work as well.
But the whole point of having ssh config's "Hostname" and ansible's
inventory is to no use DNS.
Thanks!
--
Dick Visser
Sr. System & Network Engineer
GÉANT
Want to join us? We're hiring: https://www.geant.org/jobs
Johannes Kastl
Feb 7, 2017, 5:24:33 AM2/7/17
to ansible...@googlegroups.com
On 07.02.17 10:38 Dick Visser wrote:
> # Test host
> Host imapsync
> Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
> # Test host
> Host imapsync
> Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
> Is there another way of specifying a literal IPv6 address.
I thought ssh needed IPv6 addresses in square brackets (to avoid
confusion with ports added as suffix)?
Host imapsync
Hostname [2001:610:148:f00d:20c:29ff:fe14:ccfe]
Johannes
Dick Visser
Feb 7, 2017, 6:24:38 AM2/7/17
to ansible...@googlegroups.com
You need the Port option, or -p on the command line.
The bracket notation isn't used by OpenSSH.
I know that for web browsers the brackets are mandatory when using
IPv6 literals.
Johannes Kastl
Feb 7, 2017, 6:34:43 AM2/7/17
to ansible...@googlegroups.com
On 07.02.17 12:23 Dick Visser wrote:
> Nope that doesn't work, neither in .ss/config nor on the command
> line. You need the Port option, or -p on the command line.
As a workaround, what happens if you append the port?
> Nope that doesn't work, neither in .ss/config nor on the command
> line. You need the Port option, or -p on the command line.
Host imapsync
Hostname [2001:610:148:f00d:20c:29ff:fe14:ccfe]:22
This should be valid ssh syntax, at least I have some of those in my
config or known_hosts.
Johannes
Dick Visser
Feb 7, 2017, 7:14:02 AM2/7/17
to ansible...@googlegroups.com
~$ ssh imapsync
ssh: Could not resolve hostname
[2001:610:148:f00d:20c:29ff:fe14:ccfe]:22: nodename nor servname
provided, or not known
This is on MacOS using OpenSSH_7.3p1, LibreSSL 2.4.1.
But I just tried on an Ubuntu box (OpenSSH_7.2p2 Ubuntu-4ubuntu2.1,
OpenSSL 1.0.2g 1 Mar 2016) and the same result there.
Not a show stopper but I'd like to avoid using scarce IPv4 addresses.
Dick
Johannes Kastl
Feb 7, 2017, 7:21:26 AM2/7/17
to ansible...@googlegroups.com
On 07.02.17 13:13 Dick Visser wrote:
>> This should be valid ssh syntax, at least I have some of those in
>> my config or known_hosts.
> It doesn't work here:
Sorry, my mistake, those were not in Hostname declarations.
>> This should be valid ssh syntax, at least I have some of those in
>> my config or known_hosts.
> It doesn't work here:
I do not have a ipv6 host handy, so I can't test...
Johannes
Kai Stian Olstad
Feb 7, 2017, 1:28:13 PM2/7/17
to ansible...@googlegroups.com
On 07. feb. 2017 10:38, Dick Visser wrote:
> I'm trying to set up a quick test host and have added this entry in my
> ~/.ssh/config:
>
> # Test host
> Host imapsync
> Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
>
>
> Just issuing "ssh imapsync" works fine.
>
> I have this corresponding in my ansible inventory:
>
> # test host
> imapsync
>
> But when I try to run "ansible imapsync -m setup", I get:
>
> "SSH Error: data could not be sent to the remote host. Make sure this
> host can be reached over ssh".
Just for fun I tested this, it work for me.
> I'm trying to set up a quick test host and have added this entry in my
> ~/.ssh/config:
>
> # Test host
> Host imapsync
> Hostname 2001:610:148:f00d:20c:29ff:fe14:ccfe
>
>
> Just issuing "ssh imapsync" works fine.
>
> I have this corresponding in my ansible inventory:
>
> # test host
> imapsync
>
> But when I try to run "ansible imapsync -m setup", I get:
>
> "SSH Error: data could not be sent to the remote host. Make sure this
> host can be reached over ssh".
I'm running Ansible 2.1.2 at the moment.
--
Kai Stian Olstad
Dick Visser
Feb 7, 2017, 2:22:48 PM2/7/17
to ansible...@googlegroups.com
Just check the output of -vvvvv and ran the same command in a shell:
dick.visser@MacBookAir-DIck:~$ ssh -C -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=20 -o
ControlPath=/Users/dick.visser/.ansible/cp/ansible-ssh-%h-%p-%r
imapsync
unix_listener: "/Users/dick.visser/.ansible/cp/ansible-ssh-2001:610:148:f00d:20c:29ff:fe14:ccfe-22-visser.yQ7UwntkXwvGTUmk"
too long for Unix domain socket
After using the hint from
http://docs.ansible.com/ansible/intro_configuration.html#control-path
things started working.
Dick
On 7 February 2017 at 19:27, Kai Stian Olstad
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c5e945dc-4abf-c3f8-d764-e8240d9c12d8%40olstad.com.
>
> For more options, visit https://groups.google.com/d/optout.
dick.visser@MacBookAir-DIck:~$ ssh -C -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=20 -o
ControlPath=/Users/dick.visser/.ansible/cp/ansible-ssh-%h-%p-%r
imapsync
unix_listener: "/Users/dick.visser/.ansible/cp/ansible-ssh-2001:610:148:f00d:20c:29ff:fe14:ccfe-22-visser.yQ7UwntkXwvGTUmk"
too long for Unix domain socket
After using the hint from
http://docs.ansible.com/ansible/intro_configuration.html#control-path
things started working.
Dick
On 7 February 2017 at 19:27, Kai Stian Olstad
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c5e945dc-4abf-c3f8-d764-e8240d9c12d8%40olstad.com.
>
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages