Got it
Huawei Enterprise Support Community
Community Forums Access Network
MDU Cannot Login with Ans...

MDU Cannot Login with Ansible SSH

Created: Oct 30, 2019 12:02:31Latest reply: Oct 31, 2019 08:49:56 1328 6 0 0 0
  HiCoins as reward: 1 (problem unresolved)
View the author 1#

Hi friend.

I have the following configuration, please help me see if there is any problem.


  • From the bash 


espl@ansible:~$ ssh root@10.11.104.2
Unable to negotiate with 10.11.104.2 port 22: no matching cipher found. Their  offer: aes128-cbc,blowfish-cbc,3des-cbc,des-cbc

Resolution:

Add the following lines into ~/.ssh/config


Host *
  SendEnv LANG LC_*
  Ciphers +aes128-cbc
  KexAlgorithms +diffie-hellman-group1-sha1


  • From ansible 


root@ansible:/etc/ansible# ansible gpon -m command -a 'echo hello'
mdu | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Unable to negotiate with  10.11.104.2 port 22: no matching cipher found. Their offer:  aes128-cbc,blowfish-cbc,3des-cbc,des-cbc\r\n",
    "unreachable": true
}


  • mdu info


mdu>display version
{ <cr>|backplane<K>|frameid/slotid<S><Length 1-15> }:
  Command:
          display version
  VERSION : MA5626V800R312C00
  PATCH   : SPC200 SPH210 HP2110
  PRODUCT : MA5626


Anyone can help? 

Much appreciated!

Other Series

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Huawei OLT / envio de notificaciones a un server remoto.
Next: How to Configure the DHCP Option 60
Featured Answers

Recommended answer

(0) (0)
GongXiaochuan
Created Oct 30, 2019 12:10:44

hi, need add the SSH config, refer to below link

https://support.huawei.com/hedex/hdx.do?docid=EDOC1000020227&id=GUID6221702E-4EB4-48CA-A791-4157966073DE&text=ssh%252520user%252520authentication-type&lang=en
View more
  • x
  • convention:
All Answers
(0) (0)
2#
GongXiaochuan
GongXiaochuan Created Oct 30, 2019 12:10:44

hi, need add the SSH config, refer to below link

https://support.huawei.com/hedex/hdx.do?docid=EDOC1000020227&id=GUID6221702E-4EB4-48CA-A791-4157966073DE&text=ssh%252520user%252520authentication-type&lang=en
View more
  • x
  • convention:
(0) (0)
3#
JohnLee
JohnLee Created Oct 31, 2019 02:39:30

I did tried the steps but still can't login with ansible command, although can login with shell ssh and telnet


espl@ansible:~$ ansible mdu -m ping -vvv

ansible 2.5.1

  config file = /etc/ansible/ansible.cfg

  configured module search path = [u'/home/espl/.ansible/plugins/modules',  u'/usr/share/ansible/plugins/modules']

  ansible python module location = /usr/lib/python2.7/dist-packages/ansible

  executable location = /usr/bin/ansible

  python version = 2.7.15+ (default, Oct  7 2019, 17:39:04) [GCC 7.4.0]

Using /etc/ansible/ansible.cfg as config file

Parsed /etc/ansible/hosts inventory source with ini plugin

META: ran handlers

Using module file  /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py

<10.11.104.2> ESTABLISH SSH CONNECTION FOR USER: None

<10.11.104.2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o  StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o  PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o  PasswordAuthentication=no -o ConnectTimeout=10 -o  ControlPath=/home/espl/.ansible/cp/aae9981b13 10.11.104.2 '/bin/sh -c '"'"'echo  ~ && sleep 0'"'"''

<10.11.104.2> (255, '', 'espl@10.11.104.2: Permission denied  (publickey,password).\r\n')

10.11.104.2 | UNREACHABLE! => {

    "changed": false,

    "msg": "Failed to connect to the host via ssh: espl@10.11.104.2: Permission  denied (publickey,password).\r\n",

    "unreachable": true

}

espl@ansible:~$ ansible gpon -m ping -vvv

ansible 2.5.1

  config file = /etc/ansible/ansible.cfg

  configured module search path = [u'/home/espl/.ansible/plugins/modules',  u'/usr/share/ansible/plugins/modules']

  ansible python module location = /usr/lib/python2.7/dist-packages/ansible

  executable location = /usr/bin/ansible

  python version = 2.7.15+ (default, Oct  7 2019, 17:39:04) [GCC 7.4.0]

Using /etc/ansible/ansible.cfg as config file

Parsed /etc/ansible/hosts inventory source with ini plugin

META: ran handlers

Using module file  /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py

<10.11.104.2> ESTABLISH SSH CONNECTION FOR USER: root

<10.11.104.2> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o  ControlPersist=60s -o StrictHostKeyChecking=no -o User=root -o ConnectTimeout=10  -o ControlPath=/home/espl/.ansible/cp/2ed0b98104 10.11.104.2 '/bin/sh -c  '"'"'echo ~ && sleep 0'"'"''


View more
  • x
  • convention:
(0) (0)
4#
JohnLee
JohnLee Created Oct 31, 2019 03:27:06

@@GongXiaochuan
Thanks for your prompt response. I did tried the steps to setup the auth-type as password for root and all for user huawei.
Still get the error message. Much appreciated for your efforts.
View more
  • x
  • convention:
(0) (0)
5#
liqiang185
liqiang185 Admin Created Oct 31, 2019 06:59:12

Posted by JohnLee at 2019-10-31 03:27@@GongXiaochuan Thanks for your prompt response. I did tried the steps to setup the auth-type as pas ...

I recommend that you create the SSH user name and password using the solution provided by GongXiaochuan. 


Then do it the first time you show it:

11


And if you use third-party software for debugging configuration, we can't verify its correctness.

View more
  • x
  • convention:
(0) (0)
6#
JohnLee
JohnLee Created Oct 31, 2019 08:20:38

What I've done:
1, modify the /etc/ssh/ssh_config as
Ciphers aes128-cbc,3des-cbc
2, Use another user huawei to test
2.1 ssh huawei@Mdu OK
2.2 ansible mdu -m ping -vvv, will hang forever unless ctrl-c to interupt
root@ansible:~# ansible mdu -m ping -vvv
ansible 2.5.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15+ (default, Oct 7 2019, 17:39:04) [GCC 7.4.0]
Using /etc/ansible/ansible.cfg as config file
Parsed /etc/ansible/hosts inventory source with ini plugin
META: ran handlers
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<10.11.104.2> ESTABLISH SSH CONNECTION FOR USER: huawei
<10.11.104.2> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=huawei -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/9850d987fb 10.11.104.2 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''

*My host file:
[mdu]
ma5626 ansible_ssh_host=10.11.104.2 ansible_ssh_user=huawei ansible_ssh_pass=ESPL888espl

View more
  • x
  • convention:
(0) (0)
7#
liqiang185
liqiang185 Admin Created Oct 31, 2019 08:49:56

You are using third-party software and we are unable to verify its correctness. Please contact the technical support staff of the third-party software for assistance.

22


View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.