What is the correct syntax to initiate a session between remote devices and my Ansible control node if the devices sit behind a PAT boundary?


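I am new to Ansible, and currently whenever I try to run my playbook I receive the following error:

fatal: [E3]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Received disconnect from 76.81.200.163 port 30003:2: Bad string Length\r\nDisconnected from 76.81.200.163 port 30003", "unreachable": true}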

This is the same for every device in the inventory file.

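This is to help audit network devices behind gateways that we have set up. I have tried adjusting the syntax of the inventory file to read ansible_ssh_user instead of ansible_user. This seems to produce similar results.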

---
- hosts: switches
  vars:
    ansible_network_os: icx
    ansible_user: MyUsername
    ansible_become: True
    ansible_password: MyPassword
    ansible_become_method: enable
    ansible_become_pass: MyPassword
    ansible_command_timeout: 60

  tasks:
     - name: Collect the default facts
       icx_facts:
         gather_subset:
           - default
       register: result

     - name: Collect the hardware facts
       icx_facts:
         gather_subset:
           - hardware
       register: result

     - name: Collect the config facts
       icx_facts:
         gather_subset:
           - config
       register: result

     - name: Collect the interfaces facts
       icx_facts:
         gather_subset:
           - interfaces
       register: result

     - name: Collect all the facts
       icx_facts:
         gather_subset:
           - all
       register: result

     - name: debug
       debug:
         var: result

Here is the inventory file:

[switches]
E3 ansible_port=30003 ansible_host=76.81.200.163
E4 ansible_port=30004 ansible_host=76.81.200.163
E5 ansible_port=30005 ansible_host=76.81.200.163
E6 ansible_port=30006 ansible_host=76.81.200.163
E7 ansible_port=30007 ansible_host=76.81.200.163
E8 ansible_port=30008 ansible_host=76.81.200.163
E9 ansible_port=30009 ansible_host=76.81.200.163
E10 ansible_port=30010 ansible_host=76.81.200.163
E11 ansible_port=30011 ansible_host=76.81.200.163
E12 ansible_port=30012 ansible_host=76.81.200.163
E13 ansible_port=30013 ansible_host=76.81.200.163
E14 ansible_port=30014 ansible_host=76.81.200.163
E15 ansible_port=30015 ansible_host=76.81.200.163
E16 ansible_port=30016 ansible_host=76.81.200.163
E17 ansible_port=30017 ansible_host=76.81.200.163
E18 ansible_port=30018 ansible_host=76.81.200.163
E19 ansible_port=30019 ansible_host=76.81.200.163
E20 ansible_port=30020 ansible_host=76.81.200.163
E21 ansible_port=30021 ansible_host=76.81.200.163
E22 ansible_port=30022 ansible_host=76.81.200.163
E23 ansible_port=30023 ansible_host=76.81.200.163
E24 ansible_port=30024 ansible_host=76.81.200.163
E25 ansible_port=30025 ansible_host=76.81.200.163
E26 ansible_port=30026 ansible_host=76.81.200.163
E27 ansible_port=30027 ansible_host=76.81.200.163
E28 ansible_port=30028 ansible_host=76.81.200.163
E29 ansible_port=30029 ansible_host=76.81.200.163
E30 ansible_port=30030 ansible_host=76.81.200.163
E31 ansible_port=30031 ansible_host=76.81.200.163
E32 ansible_port=30032 ansible_host=76.81.200.163
E33 ansible_port=30033 ansible_host=76.81.200.163
E34 ansible_port=30034 ansible_host=76.81.200.163
E35 ansible_port=30035 ansible_host=76.81.200.163
E36 ansible_port=30036 ansible_host=76.81.200.163

[test:vars]
ansible_user=username
ansible_password=password
ansible_become_pass=password

[test]
Manseau-E5 ansible_port=30005 ansible_host=67.53.178.51
Manseau-E6 ansible_port=30006 ansible_host=67.53.178.51
Manseau-E7 ansible_port=30006 ansible_host=67.53.178.51
Manseau-E8 ansible_port=30006 ansible_host=67.53.178.51

The command being used is as follows:

sudo ansible-playbook showFacts.yml -i hosts

Our goal is to audit the devices and see what information can be found on the switches using the commands in the playbook.

I ran the command with -vvv and received the following output:

<76.81.200.163> ESTABLISH SSH CONNECTION FOR USER: MyUserName
<76.81.200.163> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<76.81.200.163> SSH: ANSIBLE_HOST_KEY_CHECKING/host_key_checking disabled: (-o)(StrictHostKeyChecking=no)
<76.81.200.163> SSH: ANSIBLE_REMOTE_PORT/remote_port/ansible_port set: (-o)(Port=30014)
<76.81.200.163> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User="MyUserName")
<76.81.200.163> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<76.81.200.163> SSH: PlayContext set ssh_common_args: ()
<76.81.200.163> SSH: PlayContext set ssh_extra_args: ()
<76.81.200.163> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath=/home/aws/.ansible/cp/7fcfcd09f0)
<76.81.200.163> SSH: EXEC sshpass -d10 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=30014 -o 'User="MyUserName"' -o ConnectTimeout=10 -o ControlPath=/home/aws/.ansible/cp/7fcfcd09f0 76.81.200.163 '/bin/sh -c '"'"'echo ~MyUserName && sleep 0'"'"''
<76.81.200.163> (255, '', 'OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g  1 Mar 2016\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug3: kex names ok: [diffie-hellman-group1-sha1]\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/home/aws/.ansible/cp/fe4276fa4d" does not exist\r\ndebug2: resolving "76.81.200.163" port 30010\r\ndebug2: ssh_connect_direct: needpriv 0\r\ndebug1: Connecting to 76.81.200.163 [76.81.200.163] port 30010.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9931 ms remain after connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8\r\ndebug1: Remote protocol version 2.0, remote software version RomSShell_5.40\r\ndebug1: no match: RomSShell_5.40\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: Authenticating to 76.81.200.163:30010 as \'MyUserName\'\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: 
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c\r\ndebug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa\r\ndebug2: ciphers ctos: aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc\r\ndebug2: ciphers stoc: aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc\r\ndebug2: MACs ctos: hmac-sha1\r\ndebug2: 
MACs stoc: hmac-sha1\r\ndebug2: compression ctos: none\r\ndebug2: compression stoc: none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm: diffie-hellman-group14-sha1\r\ndebug1: kex: host key algorithm: ssh-rsa\r\ndebug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none\r\ndebug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none\r\ndebug1: sending SSH2_MSG_KEXDH_INIT\r\ndebug2: bits set: 991/2048\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEXDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ssh-rsa SHA256:MPoSxa389tZ42pQuBeYhXnkud6aQRtnmpDcaT9SR7WQ\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug1: Host \'[76.81.200.163]:30010\' is known and matches the RSA host key.\r\ndebug1: Found key in /root/.ssh/known_hosts:16\r\ndebug2: bits set: 1036/2048\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey after 4294967296 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey after 4294967296 blocks\r\ndebug2: key: /root/.ssh/id_dsa ((nil))\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 
51\r\ndebug1: Authentications that can continue: publickey,password,keyboard-interactive\r\ndebug3: start over, passed a different list publickey,password,keyboard-interactive\r\ndebug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: keyboard-interactive,password\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Trying private key: /root/.ssh/id_dsa\r\ndebug3: no such identity: /root/.ssh/id_dsa: No such file or directory\r\ndebug2: we did not send a packet, disable method\r\ndebug3: authmethod_lookup keyboard-interactive\r\ndebug3: remaining preferred: password\r\ndebug3: authmethod_is_enabled keyboard-interactive\r\ndebug1: Next authentication method: keyboard-interactive\r\ndebug2: userauth_kbdint\r\ndebug3: send packet: type 50\r\ndebug2: we sent a keyboard-interactive packet, wait for reply\r\ndebug3: receive packet: type 60\r\ndebug2: input_userauth_info_req\r\ndebug2: input_userauth_info_req: num_prompts 1\r\ndebug3: send packet: type 61\r\ndebug3: receive packet: type 52\r\ndebug1: Authentication succeeded (keyboard-interactive).\r\nAuthenticated to 76.81.200.163 ([76.81.200.163]:30010).\r\ndebug1: setting up multiplex master socket\r\ndebug3: muxserver_listen: temporary control path /home/aws/.ansible/cp/fe4276fa4d.TXOAtXG8SQgQI5BF\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug1: channel 0: new [/home/aws/.ansible/cp/fe4276fa4d]\r\ndebug3: muxserver_listen: mux listener channel 0 fd 4\r\ndebug2: fd 3 setting TCP_NODELAY\r\ndebug3: ssh_packet_set_tos: set IP_TOS 0x08\r\ndebug1: control_persist_detach: backgrounding master process\r\ndebug2: control_persist_detach: background process is 17612\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug1: forking to background\r\ndebug1: Entering interactive session.\r\ndebug1: pledge: id\r\ndebug2: 
set_control_persist_exit_time: schedule exit in 60 seconds\r\ndebug1: multiplexing control connection\r\ndebug2: fd 5 setting O_NONBLOCK\r\ndebug3: fd 5 is O_NONBLOCK\r\ndebug1: channel 1: new [mux-control]\r\ndebug3: channel_post_mux_listener: new mux channel 1 fd 5\r\ndebug3: mux_master_read_cb: channel 1: hello sent\r\ndebug2: set_control_persist_exit_time: cancel scheduled exit\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x00000001 len 4\r\ndebug2: process_mux_master_hello: channel 1 slave version 4\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x10000004 len 4\r\ndebug2: process_mux_alive_check: channel 1: alive check\r\ndebug3: mux_client_request_alive: done pid = 17614\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x10000002 len 381\r\ndebug2: process_mux_new_session: channel 1: request tty 0, X 0, agent 0, subsys 0, term "xterm", cmd "/bin/sh -c \'( umask 77 && mkdir -p "` echo \\001Protocol error, doesn\'"\'"\'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `" && echo ansible-tmp-1565800866.89-171947226254301="` echo \\001Protocol error, doesn\'"\'"\'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `" ) && sleep 0\'", env 1\r\ndebug3: process_mux_new_session: got fds stdin 6, stdout 7, stderr 8\r\ndebug2: fd 7 setting O_NONBLOCK\r\ndebug2: fd 8 setting O_NONBLOCK\r\ndebug1: channel 2: new [client-session]\r\ndebug2: process_mux_new_session: channel_new: 2 linked to control channel 1\r\ndebug2: channel 2: send open\r\ndebug3: send packet: type 90\r\ndebug3: receive packet: type 91\r\ndebug2: callback start\r\ndebug2: client_session2_setup: id 2\r\ndebug1: Sending environment.\r\ndebug1: Sending env LANG = 
en_US.UTF-8\r\ndebug2: channel 2: request env confirm 0\r\ndebug3: send packet: type 98\r\ndebug1: Sending command: /bin/sh -c \'( umask 77 && mkdir -p "` echo \\001Protocol error, doesn\'"\'"\'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `" && echo ansible-tmp-1565800866.89-171947226254301="` echo \\001Protocol error, doesn\'"\'"\'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `" ) && sleep 0\'\r\ndebug2: channel 2: request exec confirm 1\r\ndebug3: send packet: type 98\r\ndebug3: mux_session_confirm: sending success reply\r\ndebug2: callback done\r\ndebug2: channel 2: open confirm rwindow 8192 rmax 8192\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: receive packet: type 99\r\ndebug2: channel_input_status_confirm: type 99 id 2\r\ndebug2: exec request accepted on channel 2\r\ndebug3: receive packet: type 1\r\nReceived disconnect from 76.81.200.163 port 30010:2: Bad string Length\r\nDisconnected from 76.81.200.163 port 30010\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Control master terminated unexpectedly\r\n')
fatal: [E10]: UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g  1 Mar 2016\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug3: kex names ok: [diffie-hellman-group1-sha1]\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/home/aws/.ansible/cp/fe4276fa4d\" does not exist\r\ndebug2: resolving \"76.81.200.163\" port 30010\r\ndebug2: ssh_connect_direct: needpriv 0\r\ndebug1: Connecting to 76.81.200.163 [76.81.200.163] port 30010.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: timeout: 9931 ms remain after connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8\r\ndebug1: Remote protocol version 2.0, remote software version RomSShell_5.40\r\ndebug1: no match: RomSShell_5.40\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: Authenticating to 76.81.200.163:30010 as 'MyUserName'\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file \"/root/.ssh/known_hosts\"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug3: send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT proposal\r\ndebug2: KEX algorithms: 
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c\r\ndebug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519\r\ndebug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\r\ndebug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\r\ndebug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: compression ctos: zlib@openssh.com,zlib,none\r\ndebug2: compression stoc: zlib@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: ssh-rsa\r\ndebug2: ciphers ctos: aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc\r\ndebug2: ciphers stoc: aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc\r\ndebug2: MACs ctos: hmac-sha1\r\ndebug2: 
MACs stoc: hmac-sha1\r\ndebug2: compression ctos: none\r\ndebug2: compression stoc: none\r\ndebug2: languages ctos: \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 \r\ndebug1: kex: algorithm: diffie-hellman-group14-sha1\r\ndebug1: kex: host key algorithm: ssh-rsa\r\ndebug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none\r\ndebug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none\r\ndebug1: sending SSH2_MSG_KEXDH_INIT\r\ndebug2: bits set: 991/2048\r\ndebug3: send packet: type 30\r\ndebug1: expecting SSH2_MSG_KEXDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server host key: ssh-rsa SHA256:MPoSxa389tZ42pQuBeYhXnkud6aQRtnmpDcaT9SR7WQ\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: put_host_port: [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file \"/root/.ssh/known_hosts\"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug3: hostkeys_foreach: reading file \"/root/.ssh/known_hosts\"\r\ndebug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:16\r\ndebug3: load_hostkeys: loaded 1 keys from [76.81.200.163]:30010\r\ndebug1: Host '[76.81.200.163]:30010' is known and matches the RSA host key.\r\ndebug1: Found key in /root/.ssh/known_hosts:16\r\ndebug2: bits set: 1036/2048\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode 1\r\ndebug1: rekey after 4294967296 blocks\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode 0\r\ndebug1: rekey after 4294967296 blocks\r\ndebug2: key: /root/.ssh/id_dsa ((nil))\r\ndebug3: send packet: type 5\r\ndebug3: receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type 50\r\ndebug3: receive packet: type 
51\r\ndebug1: Authentications that can continue: publickey,password,keyboard-interactive\r\ndebug3: start over, passed a different list publickey,password,keyboard-interactive\r\ndebug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password\r\ndebug3: authmethod_lookup publickey\r\ndebug3: remaining preferred: keyboard-interactive,password\r\ndebug3: authmethod_is_enabled publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: Trying private key: /root/.ssh/id_dsa\r\ndebug3: no such identity: /root/.ssh/id_dsa: No such file or directory\r\ndebug2: we did not send a packet, disable method\r\ndebug3: authmethod_lookup keyboard-interactive\r\ndebug3: remaining preferred: password\r\ndebug3: authmethod_is_enabled keyboard-interactive\r\ndebug1: Next authentication method: keyboard-interactive\r\ndebug2: userauth_kbdint\r\ndebug3: send packet: type 50\r\ndebug2: we sent a keyboard-interactive packet, wait for reply\r\ndebug3: receive packet: type 60\r\ndebug2: input_userauth_info_req\r\ndebug2: input_userauth_info_req: num_prompts 1\r\ndebug3: send packet: type 61\r\ndebug3: receive packet: type 52\r\ndebug1: Authentication succeeded (keyboard-interactive).\r\nAuthenticated to 76.81.200.163 ([76.81.200.163]:30010).\r\ndebug1: setting up multiplex master socket\r\ndebug3: muxserver_listen: temporary control path /home/aws/.ansible/cp/fe4276fa4d.TXOAtXG8SQgQI5BF\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug1: channel 0: new [/home/aws/.ansible/cp/fe4276fa4d]\r\ndebug3: muxserver_listen: mux listener channel 0 fd 4\r\ndebug2: fd 3 setting TCP_NODELAY\r\ndebug3: ssh_packet_set_tos: set IP_TOS 0x08\r\ndebug1: control_persist_detach: backgrounding master process\r\ndebug2: control_persist_detach: background process is 17612\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug1: forking to background\r\ndebug1: Entering interactive session.\r\ndebug1: pledge: id\r\ndebug2: 
set_control_persist_exit_time: schedule exit in 60 seconds\r\ndebug1: multiplexing control connection\r\ndebug2: fd 5 setting O_NONBLOCK\r\ndebug3: fd 5 is O_NONBLOCK\r\ndebug1: channel 1: new [mux-control]\r\ndebug3: channel_post_mux_listener: new mux channel 1 fd 5\r\ndebug3: mux_master_read_cb: channel 1: hello sent\r\ndebug2: set_control_persist_exit_time: cancel scheduled exit\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x00000001 len 4\r\ndebug2: process_mux_master_hello: channel 1 slave version 4\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x10000004 len 4\r\ndebug2: process_mux_alive_check: channel 1: alive check\r\ndebug3: mux_client_request_alive: done pid = 17614\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x10000002 len 381\r\ndebug2: process_mux_new_session: channel 1: request tty 0, X 0, agent 0, subsys 0, term \"xterm\", cmd \"/bin/sh -c '( umask 77 && mkdir -p \"` echo \\001Protocol error, doesn'\"'\"'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `\" && echo ansible-tmp-1565800866.89-171947226254301=\"` echo \\001Protocol error, doesn'\"'\"'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `\" ) && sleep 0'\", env 1\r\ndebug3: process_mux_new_session: got fds stdin 6, stdout 7, stderr 8\r\ndebug2: fd 7 setting O_NONBLOCK\r\ndebug2: fd 8 setting O_NONBLOCK\r\ndebug1: channel 2: new [client-session]\r\ndebug2: process_mux_new_session: channel_new: 2 linked to control channel 1\r\ndebug2: channel 2: send open\r\ndebug3: send packet: type 90\r\ndebug3: receive packet: type 91\r\ndebug2: callback start\r\ndebug2: client_session2_setup: id 2\r\ndebug1: Sending environment.\r\ndebug1: Sending env LANG = 
en_US.UTF-8\r\ndebug2: channel 2: request env confirm 0\r\ndebug3: send packet: type 98\r\ndebug1: Sending command: /bin/sh -c '( umask 77 && mkdir -p \"` echo \\001Protocol error, doesn'\"'\"'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `\" && echo ansible-tmp-1565800866.89-171947226254301=\"` echo \\001Protocol error, doesn'\"'\"'t start with scp!/.ansible/tmp/ansible-tmp-1565800866.89-171947226254301 `\" ) && sleep 0'\r\ndebug2: channel 2: request exec confirm 1\r\ndebug3: send packet: type 98\r\ndebug3: mux_session_confirm: sending success reply\r\ndebug2: callback done\r\ndebug2: channel 2: open confirm rwindow 8192 rmax 8192\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: receive packet: type 99\r\ndebug2: channel_input_status_confirm: type 99 id 2\r\ndebug2: exec request accepted on channel 2\r\ndebug3: receive packet: type 1\r\nReceived disconnect from 76.81.200.163 port 30010:2: Bad string Length\r\nDisconnected from 76.81.200.163 port 30010\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Control master terminated unexpectedly",
    "unreachable": true
}
---
- hosts: test
  #gather_facts: no
  vars:
    ansible_network_os: icx
    ansible_connection: network_cli
    ansible_become: True
    ansible_become_method: enable
    ansible_command_timeout: 60

  tasks:
  - name: Check for Legacy AAA
    icx_config:
      lines:
        - radius-client coa host 52.39.117.1 key 2 $Zl5ucm5nUGlebi0=
        - radius-server host 52.41.63.155 auth-port 1812 acct-port 1813 default key 2 $Zl5ucm5nUGlebi0= dot1x mac-auth web-auth
    check_mode: True
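
An added example, not part of the original thread: a small Python lint for an INI inventory laid out like the one in the question, where PAT makes address plus port the only thing that tells one switch from another. It flags inventory names that resolve to the same endpoint, credentials stored in clear text, and hosts with no `ansible_connection` set in the inventory (it cannot see play-level vars). The sample inventory, its addresses and host names, and the finding codes are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample modelled on the inventory layout in the question.
# Addresses are documentation-range placeholders; credentials are dummies.
SAMPLE_INVENTORY = """\
[switches]
E3 ansible_port=30003 ansible_host=192.0.2.10
E4 ansible_port=30004 ansible_host=192.0.2.10

[switches:vars]
ansible_connection=network_cli
ansible_network_os=icx

[test:vars]
ansible_user=username
ansible_password=password
ansible_become_pass=password

[test]
Site-E5 ansible_port=30005 ansible_host=192.0.2.20
Site-E6 ansible_port=30006 ansible_host=192.0.2.20
Site-E7 ansible_port=30006 ansible_host=192.0.2.20
"""

# Ansible variable names that carry a credential.
SECRET_VARS = {"ansible_password", "ansible_ssh_pass",
               "ansible_become_pass", "ansible_become_password"}


def parse_inventory(text):
    """Parse a flat INI inventory into ({group: {host: vars}}, {group: vars}).

    Assumption: no host ranges and no [group:children] nesting.
    """
    hosts, group_vars = defaultdict(dict), defaultdict(dict)
    section, in_vars = "ungrouped", False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section, _, kind = line[1:-1].partition(":")
            in_vars = kind == "vars"
            continue
        if in_vars:
            key, _, value = line.partition("=")
            group_vars[section][key.strip()] = value.strip()
        else:
            name, *pairs = line.split()
            hosts[section][name] = dict(p.split("=", 1) for p in pairs if "=" in p)
    return hosts, group_vars


def lint(text):
    """Return a list of (code, subject, detail) findings for the inventory."""
    hosts, group_vars = parse_inventory(text)
    findings, endpoints = [], defaultdict(list)
    for group, members in hosts.items():
        inherited = {**group_vars.get("all", {}), **group_vars.get(group, {})}
        for name, host_vars in members.items():
            effective = {**inherited, **host_vars}  # host vars win
            # Behind PAT every device shares one address, so address:port
            # is the device identity.
            endpoint = "{}:{}".format(effective.get("ansible_host", name),
                                      effective.get("ansible_port", "22"))
            if name not in endpoints[endpoint]:
                endpoints[endpoint].append(name)
            # Without ansible_connection the default SSH-based connection is
            # used, which sends /bin/sh commands to the target (as the -vvv
            # output on this page shows).
            if "ansible_connection" not in effective:
                findings.append(("no-connection-plugin", name, group))
            for key in sorted(SECRET_VARS.intersection(host_vars)):
                findings.append(("plaintext-secret", name, key))
    for group, gvars in group_vars.items():
        for key in sorted(SECRET_VARS.intersection(gvars)):
            findings.append(("plaintext-secret", group, key))
    for endpoint, names in endpoints.items():
        if len(names) > 1:
            findings.append(("duplicate-endpoint", endpoint, tuple(names)))
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_INVENTORY):
        print(finding)
```

A `duplicate-endpoint` finding means the play would visit one switch several times under different names while the others are never audited.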