Ansible linuxclients -m ping (problem with target machine LinuxMint)

Bit-10101

Member
Joined
Nov 30, 2021
Messages
52
Reaction score
8
Credits
442
I´ve installed everything by the book to start with Ansible, but when I´m trying to test ansible connection
with command:
ansible linuxclients -m ping
The target machine LinuxMint machine is unreachable
Labb
Rocky 8.5 - Controller
LinuxMint 20.3 - Target
RedHat 8 -Target

Host-file on Rocky:
[linuxclients] LinuxMint 123.458.78.910 RedHat 123.458.78.911

ansible linuxclients -m ping
Error message (Target Machine Redhat is giving error message on DNS name, maybe because none of the machines are domain joined?):
RedHat | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname redhat: Name or service not known", "unreachable": true } LinuxMint | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname linuxmint: Name or service not known", "unreachable": true } 123.458.78.910 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", "unreachable": true } Enter passphrase for key '/root/.ssh/id_rsa': 123.458.78.911| SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": false, "ping": "pong" }


I really appreciate your answer
:)
 
Last edited:


Ansible is trying to resolve those system through dns, which you don't seem to be using. So you have to add those systems in your ansible hosts file to your Ansible system's hosts file. So add these to your /etc/hosts file.
Code:
123.458.78.910 LinuxMint
123.458.78.911 RedHdat
Then try again.
 
Ansible is trying to resolve those system through dns, which you don't seem to be using. So you have to add those systems in your ansible hosts file to your Ansible system's hosts file. So add these to your /etc/hosts file.
Code:
123.458.78.910 LinuxMint
123.458.78.911 RedHdat
Then try again.
Ok, I deleted machine names and only kept ip-adresses:
Host-file:
[linuxclients] 123.458.78.910 123.458.78.911
I´m afraid it only got worse:
ansible linuxclients -m ping 123.458.78.910 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", "unreachable": true } 123.458.78.911 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true }

Update 14:55:
If I run the command as root user instead of Rocky user, then the RedHat target machine answer. Im also
got the passphrase for key question:
ansible linuxclients -m ping Enter passphrase for key '/root/.ssh/id_rsa': 123.458.78.911 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": false, "ping": "pong" }
But LinuxMint machine - still the same problem:
123.458.78.910 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", "unreachable": true }
 
Last edited:
Does the user "Rocky" exist on the remote system?
 
Now user rocky is on all the target machines:
Rocky - hosts:
[linuxclients] 123.458.78.910 123.458.78.911

Rebooted every machine
ansible linuxclients -m ping LinuxMint | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname sv-linuxmint: Name or service not known", "unreachable": true } sv-RedHat | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname redhat: Name or service not known", "unreachable": true } 123.458.78.910 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", "unreachable": true } 123.458.78.911 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true }

As everyone can see, the DNS name still exists, even if the hosts-file does not include DNS-name
Also, Enter passphrase for key is not present when I´m execute the commandansible linuxclients -m ping as rocky user instead as root user
 
Those names don't exist in the dns your using since it's not able to resolve them so it must be getting those name from somewhere else in your configuration or system setup. I did a quick setup to duplicate your situation.

Ansible setup on Ansible control system
Code:
[ansible@lx-rocky ~]$ grep ^11 /etc/hosts
11.22.13.10 lx-debian
11.22.13.11 lx-ubuntu
11.22.13.13 lx-mint
[ansible@lx-rocky ~]$ cat ansible-hosts
[linuxclients]
lx-debian
lx-ubuntu
lx-mint
Ansible test from the Ansible control system.
Code:
[ansible@lx-rocky ~]$ ansible -i ansible-hosts linuxclients -m ping

lx-debian | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}

lx-mint | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}

lx-ubuntu | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
Lastly, as for authentication when using Ansible it's usually a smart idea to setup ssh-key authentication so you don't have to keep typing in a password for every host.
 
Last edited:
I´ve force Ansible to ask for the user password, run the ansible command with the –ask-pass argument, as follows:
ansible linuxclients -u rocky --ask-pass -m ping and it´worked, but still the DNS error remains the same::
ansible linuxclients -u rocky --ask-pass -m ping } RedHat | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname redhat: Name or service not known", "unreachable": true } LinuxMint | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname linuxmint: Name or service not known", "unreachable": true } [WARNING]: Platform linux on host 123.456.78.110 is using the discovered Python interpreter at /usr/bin/python3.8, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.12/reference_appendices/interpreter_discovery.html for more information. 123.456.78.110 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3.8" }, "changed": false, "ping": "pong" } 123.456.78.111 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": false, "ping": "pong" } [Rocky@rocky ~]$

But it gets tricky if you have to force a password every time to make it work.
 
It's no different except that you have to enter a password.
Code:
[ansible@lx-rocky ~]$ ansible -i ansible-hosts linuxclients -u ansible --ask-pass -m ping
SSH password:

lx-mint | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}

lx-debian | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
lx-ubuntu | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
As mentioned before on the Ansible control node add your Ansible hosts to /etc/hosts:
Code:
123.458.78.910 linuxmint LinuxMint
123.458.78.911 redhat RedHdat
 
It's no different except that you have to enter a password.
Code:
[ansible@lx-rocky ~]$ ansible -i ansible-hosts linuxclients -u ansible --ask-pass -m ping
SSH password:

lx-mint | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}

lx-debian | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
lx-ubuntu | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
As mentioned before on the Ansible control node add your Ansible hosts to /etc/hosts:
Code:
123.458.78.910 linuxmint LinuxMint
123.458.78.911 redhat RedHdat
I´ve wonder if this is the problem:
It looks like I dont have a public key on my LinuxMint machine.
I´remember that I did the copy the ssh key from Rocky to LinuxMint
one more time (2 times) and also typed a passphrase, which I would not been done
So, now i dont really know what to do - please see below:
root@LinuxMint:/# cd home root@LinuxMint:/home# ls -l ~/.ssh total 4 -rw-r--r-- 1 root root 222 Feb 24 12:31 known_hosts root@LinuxMint:/home# cat ~/.ssh/authorized_keys cat: /root/.ssh/authorized_keys: No such file or directory
As everyone can see I´m only having this known_hosts
No
id_rsa
id_rsa.pub
Only known_hosts and this file is empty

On Rocky machine I can see this:
[root@rocky .ssh]# ls -la total 4 drwx------. 2 ansible ansible 25 Feb 24 16:53 . drwx------. 5 ansible ansible 141 Feb 25 14:25 .. -rw-r--r--. 1 ansible ansible 176 Feb 24 16:53 known_hosts [root@sv-rocky .ssh]# cd .ssh bash: cd: .ssh: No such file or directory [root@sv-rocky .ssh]# sudo nano known_hosts [root@sv-rocky .ssh]# cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQA...etc
 
Last edited:
The link I mentioned in my earlier post explains how to do that, but here you go since
Option 1:
1. On your Rock/Ansible system run: ssh-keygen
2. Copy that pubkey to your redhat linuxmint system:
- ssh-copy-id rocky@redhat
- ssh-copy-id rocky@linuxmint
3. Then you should be able to login with the rock user without on both system:
- ssh rocky@redhat
- ssh rocky@linuxmint

Option 2:
You can also manually copy it over on both client system.
1. Generate keypair: ssh-keygen
2. Copy the key from the following output which is on your rocky system: cat ~./.ssh/id_rsa.pub
2. Login to your client system:
- ssh rocky@redhat
- ssh rocky@linuxmint
3. Create the ssh directory on the client system: mkdir ~/.ssh && chmod 700 ~/.ssh
4. In ~/.ssh create a file with the name authorized_keys and past in your rocky publick key
5. Change the permissions of that file: chmod 600 ~/.ssh/authorized_keys
 
The link I mentioned in my earlier post explains how to do that, but here you go since
Option 1:
1. On your Rock/Ansible system run: ssh-keygen
2. Copy that pubkey to your redhat linuxmint system:
- ssh-copy-id rocky@redhat
- ssh-copy-id rocky@linuxmint
3. Then you should be able to login with the rock user without on both system:
- ssh rocky@redhat
- ssh rocky@linuxmint

Option 2:
You can also manually copy it over on both client system.
1. Generate keypair: ssh-keygen
2. Copy the key from the following output which is on your rocky system: cat ~./.ssh/id_rsa.pub
2. Login to your client system:
- ssh rocky@redhat
- ssh rocky@linuxmint
3. Create the ssh directory on the client system: mkdir ~/.ssh && chmod 700 ~/.ssh
4. In ~/.ssh create a file with the name authorized_keys and past in your rocky publick key
5. Change the permissions of that file: chmod 600 ~/.ssh/authorized_keys
I dont have any problem to run ssh rocky@targetIpaddress. The problem is when I´m execute:
ansible linuxclients -m ping
I´ve already copy SSH license file right from the start. Copy once again to target LinuxMint and Redhat maybe doing something corrupt? But I realize at the same time I is writing this answer - then I also have to see the public license file somewhere?
And the problem is that the only files that exist is this empty "known_hosts"
But anyway, I do the same thing all over again, but with option 2
:)
 
Well than your Ansible host is use the wrong dns server or else Ansible wouldn't come up with this message: "Could not resolve hostname".

Both options should work see below.
Code:
[ansible@lx-rocky ~]$ ls ~/.ssh/id_rsa.pub
/home/ansible/.ssh/id_rsa.pub
[ansible@lx-rocky ~]$ ssh-copy-id lx-debian
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"

ansible@lx-debian's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'lx-debian'"
and check to make sure that only the key(s) you wanted were added.

[ansible@lx-rocky ~]$ ssh lx-debian
Linux lx-debian 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64

ansible@lx-debian:~$ hostname
lx-debian
ansible@lx-debian:~$ whoami
ansible
I'm not going to explain it all again, you should have more than enough information in this topic to figure out the rest yourself. You didn't even bother to read the link to the page about sshkey authentication I shared when I first shared it. Otherwise I wouldn't have needed to write out the same information in steps for you which was shared on that page.
 
I´ve chosed do go with option1:
From Rocky To LInuxMint:

[root@rocky /]# ssh-copy-id [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Permission denied, please try again. [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. @[email protected]'s password: Permission denied, please try again. LinuxMint: [root@rocky /]# ssh [email protected] Enter passphrase for key '/root/.ssh/id_rsa': root@LinuxMint:~#
From Rocky To RedHat:
[/U] [root@Rocky /]# ssh-copy-id [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed Enter passphrase for key '/root/.ssh/id_rsa': /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Enter passphrase for key '/root/.ssh/id_rsa': Try to login [root@rocky /]# ssh [email protected] Enter passphrase for key '/root/.ssh/id_rsa': [root@Redhat ~]# [U]

It looks like I cant get rid of the passphrase?

Try to only type enter when but it insists I must have a passphrase.
I´ve not yet tested the ansible command:
ansible linuxclients -m ping
 
You´ve right I did not see this link in your post, now I see that there is actually a link - the blue color.
I apologize for not seeing that it was a link.
 
If it's asking for the passphrase of your sshkey pair, you will either have to setup an ssh-agent to get around that or to generate a keypair without passphrase.
 

Members online


Latest posts

Top