01-04-2022 09:30 AM
Hi I am using ansible to send command "show run" to switches. But the access is refused. It looks like the username and password for the switch are not in correct place of its command. If the username is test1 and password is test2 for these switched, what what command should be? Anyone can provide some suggestions? Thank you!
sudo nano hosts
[lab-hosts]
192.168.1.[11:12]
sudo nano ansible.cfg
[defaults]
inventory = ./hosts
host_key checking = false
timeout = 5
mkdir group_vars
cd /group_vars
sudo nano devices.yml
ansible_network_os: ios
ansible lab-hosts -m raw -a "show run" -u ansible -k | grep 'hostname\| system mtu'
SSH password:
[DEPRECATION WARNING]: The TRANSFORM_INVALID_GROUP_CHARS settings is set to allow bad characters in group names by default,
this will change, but still be user configurable on deprecation. This feature will be removed in version 2.10. Deprecation
warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
192.168.1.11 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.1.11 port 22: Connection refused",
"unreachable": true
}
192.168.1.12 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.1.12 port 22: Connection refused",
"unreachable": true
}
01-04-2022 12:35 PM
Hello,
Nothing looks inherently wrong with the Ansible command you're executing or your inventory file. One thing I would suggest is attempting to manually SSH into both hosts from your Ansible control node (that is, the Linux machine you're executing Ansible automation from) to validate whether your issue is with Ansible, or SSH connectivity to your network devices in general.
Specifically, the "connection refused" error message means that the network devices are listening for traffic on the SSH port, but did not "like" the SSH traffic it received. For example, an ACL might be blocking access to the network device on the ingress interface, management interface, or VTY line. Alternatively, SSH public/private keys may not be generated on the network devices, or SSH may not be configured correctly on the switch.
Either way, the first step in troubleshooting this issue is removing Ansible from the picture to see if your issues is with Ansible, or with SSH connectivity to your hosts.
I hope this helps - thank you!
-Christopher
01-05-2022 04:30 PM
Thank you Christopher! I am going to ask very common question since I am new to Ansible and Ubuntu. The Unbuntu is installed at Windows PC. The ansible is installed at the Unbuntu. The two switches can be accessed via ssh by each other, so that ssh is configured correctly at the two switches. Can you show the command to confirm Ubuntu/Ansible can access the two switched via ssh? Thank you!
02-08-2023 11:07 PM
Hi interfacedy,Christorfer
is this already reasolve? how did you resolved it?
I can ssh the device but using ansible this is the result
ansible all -i inventory -m ping
10.92.38.31 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 10.92.38.31 port 22: Connection timed out",
"unreachable": true
}
10.92.38.32 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 10.92.38.32 port 22: Connection timed out",
"unreachable": true
}
192.168.211.1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.211.1 port 22: Connection timed out",
"unreachable": true
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide