SSH ProxyCommand 无法与 ansible_ssh_common_args 配合使用

SSH ProxyCommand 无法与 ansible_ssh_common_args 配合使用

我正在使用跳转盒(服务器 A)访问服务器 B。

根据 ansible 文档这里,我有以下内容:

ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q [email protected]"'

假设服务器 B 是:10.0.2.54

我跑:

ansible-playbook staging.yml -i staging_hosts --private-key=~/.ssh/mykeys.pem -vvvv

结果是:

fatal: [10.0.2.54]: UNREACHABLE! => {"changed": false, "msg": "All    items completed", "results":
[{"item": ["openssl"], "msg": "ERROR! SSH encountered an unknown error.
The output was:\nOpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011\ndebug1:
Reading configuration data /etc/ssh_config\r\ndebug1: /etc/ssh_config  line 20: Applying options for *\r\ndebug2:
ssh_connect: needpriv 0\r\ndebug1:
Executing proxy command: exec ssh -W 10.0.2.54:22 -q ec2- [email protected]\r\ndebug3:
timeout: 10000 ms remain after connect\r\ndebug3: Incorrect RSA1   identifier\r\ndebug3:
Could not load \"/Users/me/.ssh/mykeys.pem\" as a RSA1 public key\r\ndebug1:
permanently_drop_suid: 501\r\ndebug1: identity file    /Users/me/.ssh/mykeys.pem type -1\r\ndebug1:
identity file /Users/me/.ssh/mykeys.pem-cert type -1\r\ndebug1:
Enabling compatibility mode for protocol 2.0\r\ndebug1:
Local version string SSH-2.0-  OpenSSH_6.2\r\nssh_exchange_identification:
Connection closed by remote host\r\n", "unreachable": true}]}

答案1

您是否需要为跳转服务器 A 定义 SSH 密钥?如果是这种情况,请尝试将 SSH args 行更改为:

ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q -i <path_to_jumphost_keyfile> [email protected]"'

相关内容