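ssh - AWX to jump host: Connection timed out during banner exchange
Problem description
I am trying to use a jump/bastion host to connect to other hosts in a private subnet. I get the following error: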
{
"msg": "Failed to connect to the host via ssh: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/tmp/awx_50_8n6bocmz/cp/1f25cf0a60\" does not exist\r\ndebug1: Executing proxy command: exec ssh -W 10.0.15.63:8888 -q user@123.123.989.4\r\ndebug3: timeout: 10000 ms remain after connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519 type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_7.4\r\ndebug1: permanently_drop_suid: 0\r\nConnection timed out during banner exchange",
"unreachable": true,
"changed": false
}
I am trying to connect to a host through a bastion. I am using AWX/Ansible Tower.
CentOS 7 AWX 6.1.0 Ansible 2.8
Here is my current configuration:
ansible_connection: ssh
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q user@123.123.989.4"'
ansible_ssh_port: 8888
ansible_user: user
host_key_checking: false
pipelining: true
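The jump host SSH key has also been added to AWX and is used in the job template, but I still cannot create an SSH tunnel to reach the hosts in the private subnet through the jump host.
This is probably something simple that I'm missing, but I just can't see it! Thanks in advance for your help!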
Solution
Try creating a tunnel.
Open a shell and run:
ssh -f -N -D 1085 -o TCPKeepAlive=yes -o ServerAliveInterval=60 -p 8888 user@123.123.989.4
Then change the YAML file as follows:
ansible_ssh_common_args: -o ProxyCommand="/bin/nc -x 127.0.0.1:1085 %h %p"
and try running ansible-playbook again.
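"Connection timed out during banner exchange" means the transport (here the ProxyCommand pipe) opened but no `SSH-2.0-...` identification line arrived before the timeout. The following is an added example, not part of the original question or answer: a probe that separates a failed TCP connect from a silent peer, so each hop (AWX to bastion, bastion to the private host) can be checked on its own. The names `probe_ssh_banner` and `demo_listener` are hypothetical, and the listener is a constructed local stand-in for a real server.

```python
import socket
import threading

def probe_ssh_banner(host, port, timeout=5.0):
    """Classify how far an SSH connection gets: TCP connect, then banner."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:  # refused, unreachable, or connect timed out
        return ("tcp_connect_failed", str(exc))
    buf = b""
    with sock:
        sock.settimeout(timeout)
        try:
            while len(buf) < 4096:
                chunk = sock.recv(256)
                if not chunk:  # peer closed the connection
                    break
                buf += chunk
                # RFC 4253 lets a server send other lines before "SSH-...".
                for line in buf.split(b"\n")[:-1]:
                    if line.startswith(b"SSH-"):
                        return ("ok", line.rstrip(b"\r").decode("ascii", "replace"))
        except socket.timeout:
            # Same condition ssh reports as a timeout during banner exchange.
            return ("banner_timeout", "TCP connected, no SSH identification string")
    return ("no_ssh_banner", buf[:80].decode("ascii", "replace"))

def demo_listener(banner=None):
    """Constructed local stand-in for a server: sends `banner`, or stays silent."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    if banner is not None:
        def serve():
            conn, _ = srv.accept()
            conn.sendall(banner)
            conn.close()
        threading.Thread(target=serve, daemon=True).start()
    return srv  # caller keeps it open; port is srv.getsockname()[1]

if __name__ == "__main__":
    good = demo_listener(b"SSH-2.0-OpenSSH_7.4\r\n")
    silent = demo_listener()  # TCP completes in the kernel backlog, nothing is sent
    for name, srv in (("good", good), ("silent", silent)):
        print(name, probe_ssh_banner("127.0.0.1", srv.getsockname()[1], timeout=1.0))
```

A `banner_timeout` result against the bastion points at the bastion's sshd or a filtering device in front of it; an `ok` there combined with a failure when probing the private host from the bastion points at the second hop (port, security group, or the target's sshd).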