Long shot... did you ever figure out what the issue was? On Monday, February 25, 2019 at 10:56:25 AM UTC-5 pnotes wrote:
> According to the docs > <https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-configure-a-jump-host-to-access-servers-that-i-have-no-direct-access-to> > setting* ProxyCommand* in *ansible_ssh_command_args* will enable access > to private servers via a jump server. > > I am attempting to do this but keeping the error *Control socket > "/Users/pnotes/.ansible/cp/cfed83541a" does not exist.* > > My current setup is thus: > > ansible/test/inventory.ini > [all] > bastion-0 > private-server0 > > > > [bastions] > bastion-0 ansible_host=104.xxx.xx.xxx > > [private_servers] > private-server0 ansible_host=68.xxx.xxx.xxx > > ansible/test/host_vars/private-server0.yaml > --- > ansible_ssh_common_args: '-o ProxyCommand="ssh -o > StrictHostKeyChecking=no -W %h:%p -q root@bastion-ip-address"' > > the output of running playbook command with -vvvv: > task path: /Users/pnotes/Desktop/bastion-setup/ansible/common.yaml:2 > <68.xxx.xxx.xxx> ESTABLISH SSH CONNECTION FOR USER: root > <68.xxx.xxx.xxx> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o > 'IdentityFile="/Users/pnotes/.ssh/root_test_key_id_rsa"' -o > KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with- > mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o > User=root > -o ConnectTimeout=10 -o 'ProxyCommand=ssh -o StrictHostKeyChecking=no -W > %h:%p -q ro...@104.xxx.xx.xxx' -o > ControlPath=/Users/pnotes/.ansible/cp/cfed83541a > 68.xxx.xxx.xxx '/bin/sh -c '"'"'echo ~root && sleep 0'"'"'' > <68.xxx.xxx.xxx> (255, b'', b'OpenSSH_7.9p1, LibreSSL 2.7.3\r\ndebug1: > Reading configuration data /Users/pnotes/.ssh/config\r\ndebug1: Reading > configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line > 48: Applying options for *\r\ndebug2: resolve_canonicalize: hostname > 68.xxx.xxx.xxx is address\r\ndebug1: auto-mux: Trying existing > master\r\ndebug1: Control socket "/Users/pnotes/.ansible/cp/cfed83541a" > does not exist\r\ndebug1: Executing proxy command: exec ssh -o > StrictHostKeyChecking=no -W 68.xxx.xxx.xxx:22 -q > ro...@104.xxx.xx.xxx\r\ndebug3: timeout: 10000 ms remain after > connect\r\ndebug1: identity file /Users/pnotes/.ssh/root_test_key_id_rsa > type 0\r\ndebug1: identity file > /Users/pnotes/.ssh/root_test_key_id_rsa-cert type -1\r\ndebug1: Local > version string SSH-2.0-OpenSSH_7.9\r\nssh_exchange_identification: > Connection closed by remote host\r\n') > fatal: [test-docker-0]: UNREACHABLE! => { > "changed": false, > "msg": "Failed to connect to the host via ssh: OpenSSH_7.9p1, > LibreSSL 2.7.3\r\ndebug1: Reading configuration data > /Users/pnotes/.ssh/config\r\ndebug1: Reading configuration data > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 48: Applying > options for *\r\ndebug2: resolve_canonicalize: hostname 68.xxx.xxx.xxx is > address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control > socket \"/Users/pnotes/.ansible/cp/cfed83541a\" does not exist\r\ndebug1: > Executing proxy command: exec ssh -o StrictHostKeyChecking=no -W > 68.xxx.xxx.xxx:22 -q ro...@104.xxx.xx.xxx\r\ndebug3: timeout: 10000 ms > remain after connect\r\ndebug1: identity file > /Users/pnotes/.ssh/root_test_key_id_rsa type 0\r\ndebug1: identity file > /Users/pnotes/.ssh/root_test_key_id_rsa-cert type -1\r\ndebug1: Local > version string SSH-2.0-OpenSSH_7.9\r\nssh_exchange_identification: > Connection closed by remote host\r\n", > "unreachable": true > } > > > I don't understand why this isn't working and would greatly appreciate an > explanation. Thank you. > > *Note: * > When I edit my personal ssh config file (~/.ssh/config) with the details > of the jump server and the private server, I am able to connect without a > problem. BUT I would rather not have to edit my personal ssh config file > for ansible controlled hosts (these are setup/torn-down numerous times for > testing, staging environments). > > -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-devel/84e89f06-d3f4-48be-94b0-548c936afc7fn%40googlegroups.com.
