Custom ssh_config Not Working As Expected
652 views
Skip to first unread message
James Goodhouse
Sep 23, 2014, 9:27:30 PM9/23/14
to ansible...@googlegroups.com
I am having some issues with a custom ssh_config file and not sure if I'm doing something wrong, if it's an ssh bug, or if it's an Ansible bug.
Host bastion
HostName xxx.xxx.xxx.xxx
User ubuntu
Host app01
HostName xxx.xxx.xxx.xxx
ProxyCommand ssh bastion nc %h %p
User ubuntu
If I then run the command ssh app01 -F ssh_config I receive the following error:
ssh: Could not resolve hostname bastion: nodename nor servname provided, or not known
However, if instead of referencing the ssh_config file, I instead place the contents into ~/.ssh/config and run the command ssh app01, all is well and it is able to resolve the hostname, bastion.
Is there a setting I am missing somewhere or is this potentially a bug in either ssh or Ansible?
Thanks for your help and if you need any more info, please ask!
- James
Michael DeHaan
Sep 23, 2014, 9:55:56 PM9/23/14
to ansible...@googlegroups.com
Could this possibly be because the CWD when executing ansible can't find your specified ssh_config ?
Maybe try fulling pathing it for starters?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/65690467-b6e1-4206-bb87-9250b2371c40%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
James Goodhouse
Sep 24, 2014, 4:19:30 AM9/24/14
to ansible...@googlegroups.com
I tried fully pathing it to no avail. It seems to be picking up on the custom ssh_config because if I change the ProxyCommand from ssh bastion nc %h %p to ssh ubu...@x.x.x.x nc %h %p then it works fine. It's almost like it's not referencing the custom ssh_config for the ProxyCommand and is defaulting back to looking in the config in ~/.ssh or /etc/ssh.
Karl E. Jorgensen
Sep 24, 2014, 4:20:38 AM9/24/14
to ansible...@googlegroups.com
Hi
On Tue, Sep 23, 2014 at 06:27:30PM -0700, James Goodhouse wrote:
> I am having some issues with a custom ssh_config file and not sure if I'm doing
> something wrong, if it's an ssh bug, or if it's an Ansible bug.
>
> I currently have a custom ssh_config file placed next to my ansible.cfg file.
> In the ansible.cfg file I have the line ssh_args = -F ssh_config under the
> [ssh_connection] section. Inside of my ssh_config file is the following:
>
> Host bastion
> HostName xxx.xxx.xxx.xxx
> User ubuntu
> Host app01
> HostName xxx.xxx.xxx.xxx
> ProxyCommand ssh bastion nc %h %p
> User ubuntu
>
> If I then run the command ssh app01 -F ssh_config I receive the following
> error:
>
> ssh: Could not resolve hostname bastion: nodename nor servname provided, or
> not known
>
> However, if instead of referencing the ssh_config file, I instead place the
> contents into ~/.ssh/config and run the command ssh app01, all is well and it
> is able to resolve the hostname, bastion.
That makes sense.
When you run "ssh app01 -F ssh_config", it will obviously use the
given SSH config file.... But in order to connect to app01, it needs
to run the ProxyCommand. But this will use the *default* ssh config
file. Not the one in the current directory...
As far as SSH is concerned, the ProxyCommand is simply a shell
command - even if it just invokes ssh...
--
Karl E. Jorgensen
On Tue, Sep 23, 2014 at 06:27:30PM -0700, James Goodhouse wrote:
> I am having some issues with a custom ssh_config file and not sure if I'm doing
> something wrong, if it's an ssh bug, or if it's an Ansible bug.
>
> I currently have a custom ssh_config file placed next to my ansible.cfg file.
> In the ansible.cfg file I have the line ssh_args = -F ssh_config under the
> [ssh_connection] section. Inside of my ssh_config file is the following:
>
> Host bastion
> HostName xxx.xxx.xxx.xxx
> User ubuntu
> Host app01
> HostName xxx.xxx.xxx.xxx
> ProxyCommand ssh bastion nc %h %p
> User ubuntu
>
> If I then run the command ssh app01 -F ssh_config I receive the following
> error:
>
> ssh: Could not resolve hostname bastion: nodename nor servname provided, or
> not known
>
> However, if instead of referencing the ssh_config file, I instead place the
> contents into ~/.ssh/config and run the command ssh app01, all is well and it
> is able to resolve the hostname, bastion.
When you run "ssh app01 -F ssh_config", it will obviously use the
given SSH config file.... But in order to connect to app01, it needs
to run the ProxyCommand. But this will use the *default* ssh config
file. Not the one in the current directory...
As far as SSH is concerned, the ProxyCommand is simply a shell
command - even if it just invokes ssh...
--
Karl E. Jorgensen
James Goodhouse
Sep 24, 2014, 3:28:45 PM9/24/14
to ansible...@googlegroups.com
Thanks for your reply, Karl!
So given that is the case, would there be a way for it to behave the way I'm expecting when using a custom ssh_config file?
On a separate but related note, I'm trying to use a wildcard entry in my ssh_config for various servers. So for example, my inventory file has the entry app01-stg ansible_ssh_host=10.0.11.195 and my ssh_config file is as follows:
Host app*-stg
ProxyCommand ssh ubuntu@*.*.*.* nc %h %p
User ubuntu
When I then run the command ansible all -m ping -i inventory/staging.ini -l app01-stg I receive the error app01-stg | FAILED => SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh. However, all works fine if I remove the ansible_ssh_host address from the inventory file and rerun the command with the following ssh_config file:
Host app01-stg
HostName 10.0.11.195
ProxyCommand ssh ubuntu@*.*.*.* nc %h %p
User ubuntu
Thanks in advance!!
- James
Reply all
Reply to author
Forward
0 new messages