<div dir="ltr">ok i've done that and that speed things up a bit.<div>unfortunately it speeds it towards the next fail. witht he debug on I can the errors lists below.</div><div>I've double checked that I can ssh into the servers via kay and I'm following the note I made when I had this working at home so and dan :-(</div><div><br></div><div>error below</div><div><br></div><div><br></div><div><div>fatal: [10.0.100.37] => SSH encountered an unknown error. The output was:</div><div>OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014</div><div>debug1: Reading configuration data /etc/ssh/ssh_config</div><div>debug1: /etc/ssh/ssh_config line 19: Applying options for *</div><div>debug1: auto-mux: Trying existing master</div><div>debug1: Control socket "/home/administrator/.ansible/cp/ansible-ssh-10.0.100.37-22-administrator" does not exist</div><div>debug2: ssh_connect: needpriv 0</div><div>debug1: Connecting to 10.0.100.37 [10.0.100.37] port 22.</div><div>debug2: fd 3 setting O_NONBLOCK</div><div>debug1: fd 3 clearing O_NONBLOCK</div><div>debug1: Connection established.</div><div>debug3: timeout: 10000 ms remain after connect</div><div>debug1: permanently_set_uid: 0/0</div><div>debug1: identity file /root/.ssh/id_rsa type -1</div><div>debug1: identity file /root/.ssh/id_rsa-cert type -1</div><div>debug1: identity file /root/.ssh/id_dsa type -1</div><div>debug1: identity file /root/.ssh/id_dsa-cert type -1</div><div>debug1: identity file /root/.ssh/id_ecdsa type -1</div><div>debug1: identity file /root/.ssh/id_ecdsa-cert type -1</div><div>debug1: identity file /root/.ssh/id_ed25519 type -1</div><div>debug1: identity file /root/.ssh/id_ed25519-cert type -1</div><div>debug1: Enabling compatibility mode for protocol 2.0</div><div>debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</div><div>debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</div><div>debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000</div><div>debug2: fd 3 setting O_NONBLOCK</div><div>debug3: load_hostkeys: loading entries for host "10.0.100.37" from file "/root/.ssh/known_hosts"</div><div>debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:16</div><div>debug3: load_hostkeys: loaded 1 keys</div><div>debug3: order_hostkeyalgs: prefer hostkeyalgs: <a href="mailto:ecdsa-sha2-nistp256-cert-v01@openssh.com">ecdsa-sha2-nistp256-cert-v01@openssh.com</a>,<a href="mailto:ecdsa-sha2-nistp384-cert-v01@openssh.com">ecdsa-sha2-nistp384-cert-v01@openssh.com</a>,<a href="mailto:ecdsa-sha2-nistp521-cert-v01@openssh.com">ecdsa-sha2-nistp521-cert-v01@openssh.com</a>,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521</div><div>debug1: SSH2_MSG_KEXINIT sent</div><div>debug1: SSH2_MSG_KEXINIT received</div><div>debug2: kex_parse_kexinit: <a href="mailto:curve25519-sha256@libssh.org">curve25519-sha256@libssh.org</a>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1</div><div>debug2: kex_parse_kexinit: <a href="mailto:ecdsa-sha2-nistp256-cert-v01@openssh.com">ecdsa-sha2-nistp256-cert-v01@openssh.com</a>,<a href="mailto:ecdsa-sha2-nistp384-cert-v01@openssh.com">ecdsa-sha2-nistp384-cert-v01@openssh.com</a>,<a href="mailto:ecdsa-sha2-nistp521-cert-v01@openssh.com">ecdsa-sha2-nistp521-cert-v01@openssh.com</a>,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,<a href="mailto:ssh-ed25519-cert-v01@openssh.com">ssh-ed25519-cert-v01@openssh.com</a>,<a href="mailto:ssh-rsa-cert-v01@openssh.com">ssh-rsa-cert-v01@openssh.com</a>,<a href="mailto:ssh-dss-cert-v01@openssh.com">ssh-dss-cert-v01@openssh.com</a>,<a href="mailto:ssh-rsa-cert-v00@openssh.com">ssh-rsa-cert-v00@openssh.com</a>,<a href="mailto:ssh-dss-cert-v00@openssh.com">ssh-dss-cert-v00@openssh.com</a>,ssh-ed25519,ssh-rsa,ssh-dss</div><div>debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a></div><div>debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a></div><div>debug2: kex_parse_kexinit: <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a>,<a href="mailto:hmac-sha1-etm@openssh.com">hmac-sha1-etm@openssh.com</a>,<a href="mailto:umac-64-etm@openssh.com">umac-64-etm@openssh.com</a>,<a href="mailto:umac-128-etm@openssh.com">umac-128-etm@openssh.com</a>,<a href="mailto:hmac-sha2-256-etm@openssh.com">hmac-sha2-256-etm@openssh.com</a>,<a href="mailto:hmac-sha2-512-etm@openssh.com">hmac-sha2-512-etm@openssh.com</a>,<a href="mailto:hmac-ripemd160-etm@openssh.com">hmac-ripemd160-etm@openssh.com</a>,<a href="mailto:hmac-sha1-96-etm@openssh.com">hmac-sha1-96-etm@openssh.com</a>,<a href="mailto:hmac-md5-96-etm@openssh.com">hmac-md5-96-etm@openssh.com</a>,hmac-md5,hmac-sha1,<a href="mailto:umac-64@openssh.com">umac-64@openssh.com</a>,<a href="mailto:umac-128@openssh.com">umac-128@openssh.com</a>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96</div><div>debug2: kex_parse_kexinit: <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a>,<a href="mailto:hmac-sha1-etm@openssh.com">hmac-sha1-etm@openssh.com</a>,<a href="mailto:umac-64-etm@openssh.com">umac-64-etm@openssh.com</a>,<a href="mailto:umac-128-etm@openssh.com">umac-128-etm@openssh.com</a>,<a href="mailto:hmac-sha2-256-etm@openssh.com">hmac-sha2-256-etm@openssh.com</a>,<a href="mailto:hmac-sha2-512-etm@openssh.com">hmac-sha2-512-etm@openssh.com</a>,<a href="mailto:hmac-ripemd160-etm@openssh.com">hmac-ripemd160-etm@openssh.com</a>,<a href="mailto:hmac-sha1-96-etm@openssh.com">hmac-sha1-96-etm@openssh.com</a>,<a href="mailto:hmac-md5-96-etm@openssh.com">hmac-md5-96-etm@openssh.com</a>,hmac-md5,hmac-sha1,<a href="mailto:umac-64@openssh.com">umac-64@openssh.com</a>,<a href="mailto:umac-128@openssh.com">umac-128@openssh.com</a>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96</div><div>debug2: kex_parse_kexinit: <a href="mailto:zlib@openssh.com">zlib@openssh.com</a>,zlib,none</div><div>debug2: kex_parse_kexinit: <a href="mailto:zlib@openssh.com">zlib@openssh.com</a>,zlib,none</div><div>debug2: kex_parse_kexinit:</div><div>debug2: kex_parse_kexinit:</div><div>debug2: kex_parse_kexinit: first_kex_follows 0</div><div>debug2: kex_parse_kexinit: reserved 0</div><div>debug2: kex_parse_kexinit: <a href="mailto:curve25519-sha256@libssh.org">curve25519-sha256@libssh.org</a>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1</div><div>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519</div><div>debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a></div><div>debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,<a href="mailto:aes128-gcm@openssh.com">aes128-gcm@openssh.com</a>,<a href="mailto:aes256-gcm@openssh.com">aes256-gcm@openssh.com</a>,<a href="mailto:chacha20-poly1305@openssh.com">chacha20-poly1305@openssh.com</a>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a></div><div>debug2: kex_parse_kexinit: <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a>,<a href="mailto:hmac-sha1-etm@openssh.com">hmac-sha1-etm@openssh.com</a>,<a href="mailto:umac-64-etm@openssh.com">umac-64-etm@openssh.com</a>,<a href="mailto:umac-128-etm@openssh.com">umac-128-etm@openssh.com</a>,<a href="mailto:hmac-sha2-256-etm@openssh.com">hmac-sha2-256-etm@openssh.com</a>,<a href="mailto:hmac-sha2-512-etm@openssh.com">hmac-sha2-512-etm@openssh.com</a>,<a href="mailto:hmac-ripemd160-etm@openssh.com">hmac-ripemd160-etm@openssh.com</a>,<a href="mailto:hmac-sha1-96-etm@openssh.com">hmac-sha1-96-etm@openssh.com</a>,<a href="mailto:hmac-md5-96-etm@openssh.com">hmac-md5-96-etm@openssh.com</a>,hmac-md5,hmac-sha1,<a href="mailto:umac-64@openssh.com">umac-64@openssh.com</a>,<a href="mailto:umac-128@openssh.com">umac-128@openssh.com</a>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96</div><div>debug2: kex_parse_kexinit: <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a>,<a href="mailto:hmac-sha1-etm@openssh.com">hmac-sha1-etm@openssh.com</a>,<a href="mailto:umac-64-etm@openssh.com">umac-64-etm@openssh.com</a>,<a href="mailto:umac-128-etm@openssh.com">umac-128-etm@openssh.com</a>,<a href="mailto:hmac-sha2-256-etm@openssh.com">hmac-sha2-256-etm@openssh.com</a>,<a href="mailto:hmac-sha2-512-etm@openssh.com">hmac-sha2-512-etm@openssh.com</a>,<a href="mailto:hmac-ripemd160-etm@openssh.com">hmac-ripemd160-etm@openssh.com</a>,<a href="mailto:hmac-sha1-96-etm@openssh.com">hmac-sha1-96-etm@openssh.com</a>,<a href="mailto:hmac-md5-96-etm@openssh.com">hmac-md5-96-etm@openssh.com</a>,hmac-md5,hmac-sha1,<a href="mailto:umac-64@openssh.com">umac-64@openssh.com</a>,<a href="mailto:umac-128@openssh.com">umac-128@openssh.com</a>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96</div><div>debug2: kex_parse_kexinit: none,<a href="mailto:zlib@openssh.com">zlib@openssh.com</a></div><div>debug2: kex_parse_kexinit: none,<a href="mailto:zlib@openssh.com">zlib@openssh.com</a></div><div>debug2: kex_parse_kexinit:</div><div>debug2: kex_parse_kexinit:</div><div>debug2: kex_parse_kexinit: first_kex_follows 0</div><div>debug2: kex_parse_kexinit: reserved 0</div><div>debug2: mac_setup: setup <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a></div><div>debug1: kex: server->client aes128-ctr <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a> <a href="mailto:zlib@openssh.com">zlib@openssh.com</a></div><div>debug2: mac_setup: setup <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a></div><div>debug1: kex: client->server aes128-ctr <a href="mailto:hmac-md5-etm@openssh.com">hmac-md5-etm@openssh.com</a> <a href="mailto:zlib@openssh.com">zlib@openssh.com</a></div><div>debug1: sending SSH2_MSG_KEX_ECDH_INIT</div><div>debug1: expecting SSH2_MSG_KEX_ECDH_REPLY</div><div>debug1: Server host key: ECDSA 10:cf:87:a2:ff:ff:ed:94:35:61:6b:04:64:c2:34:da</div><div>debug3: load_hostkeys: loading entries for host "10.0.100.37" from file "/root/.ssh/known_hosts"</div><div>debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:16</div><div>debug3: load_hostkeys: loaded 1 keys</div><div>debug1: Host '10.0.100.37' is known and matches the ECDSA host key.</div><div>debug1: Found key in /root/.ssh/known_hosts:16</div><div>debug1: ssh_ecdsa_verify: signature correct</div><div>debug2: kex_derive_keys</div><div>debug2: set_newkeys: mode 1</div><div>debug1: SSH2_MSG_NEWKEYS sent</div><div>debug1: expecting SSH2_MSG_NEWKEYS</div><div>debug2: set_newkeys: mode 0</div><div>debug1: SSH2_MSG_NEWKEYS received</div><div>debug1: Roaming not allowed by server</div><div>debug1: SSH2_MSG_SERVICE_REQUEST sent</div><div>debug2: service_accept: ssh-userauth</div><div>debug1: SSH2_MSG_SERVICE_ACCEPT received</div><div>debug2: key: /root/.ssh/id_rsa ((nil)),</div><div>debug2: key: /root/.ssh/id_dsa ((nil)),</div><div>debug2: key: /root/.ssh/id_ecdsa ((nil)),</div><div>debug2: key: /root/.ssh/id_ed25519 ((nil)),</div><div>debug1: Authentications that can continue: publickey,password</div><div>debug3: start over, passed a different list publickey,password</div><div>debug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey</div><div>debug3: authmethod_lookup publickey</div><div>debug3: remaining preferred: ,gssapi-keyex,hostbased,publickey</div><div>debug3: authmethod_is_enabled publickey</div><div>debug1: Next authentication method: publickey</div><div>debug1: Trying private key: /root/.ssh/id_rsa</div><div>debug3: no such identity: /root/.ssh/id_rsa: No such file or directory</div><div>debug1: Trying private key: /root/.ssh/id_dsa</div><div>debug3: no such identity: /root/.ssh/id_dsa: No such file or directory</div><div>debug1: Trying private key: /root/.ssh/id_ecdsa</div><div>debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory</div><div>debug1: Trying private key: /root/.ssh/id_ed25519</div><div>debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory</div><div>debug2: we did not send a packet, disable method</div><div>debug1: No more authentication methods to try.</div><div>Permission denied (publickey,password).</div></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 2 February 2015 at 19:53, Kevin Groves <span dir="ltr"><<a href="mailto:kgroves@cix.co.uk" target="_blank">kgroves@cix.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>LOL I would suggest switching off that
host for system checks at run time. I've had it do something like
this myself and I think it comes down to the auto gather facts
failing due to some non-dependancy at the client end. You can turn
off the gather facts for all hosts (makes it run quicker - and
then only check hosts you want) or switch it off on a host basis.
Now you are going to ask how :-)<br>
<br>
Take a look here:<br>
<br>
<a href="http://docs.ansible.com/playbooks_variables.html#turning-off-facts" target="_blank">http://docs.ansible.com/playbooks_variables.html#turning-off-facts</a><br>
<br>
<pre>- hosts: whatever
gather_facts: no
That will switch it all off and what I would then do is run any specific fact gathering on a host by host basis, although tbh if you know your systems then you shouldn't really need to do this.
Kev,
</pre><div><div class="h5">
<br>
<br>
<br>
On 02/02/15 10:52, Dan Attwood wrote:<br>
</div></div></div>
<blockquote type="cite"><div><div class="h5">
<div dir="ltr">After Kevins talk at the last klug I've been having
another play with ansible.
<div><br>
</div>
<div>I've got my list of hosts set up and I've exported my ssh
key from my ansible server to them.</div>
<div><br>
</div>
<div>I can do:</div>
<div><br>
</div>
<div><br>
</div>
<div>ansible all -m ping vvvv </div>
<div><br>
</div>
<div>and they all ping and check fine.</div>
<div><br>
</div>
<div><br>
</div>
<div>when I run my playbook though (That checks for and applies
updates) it runs through the gathering facts section and then
just sits on the last host;</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<div><10.0.100.99> ESTABLISH CONNECTION FOR USER:
administrator</div>
<div><10.0.100.99> REMOTE_MODULE setup</div>
<div><10.0.100.99> EXEC ssh -C -tt -vvv -o
ControlMaster=auto -o ControlPersist=60s -o
ControlPath="/home/administrator/.ansible/cp/ansible-ssh-%h-%p-%r"
-o Port=22 -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=administrator -o
ConnectTimeout=10 10.0.100.99 /bin/sh -c 'mkdir -p
$HOME/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916
&& chmod a+rx
$HOME/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916
&& echo
$HOME/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916'</div>
<div><10.0.100.99> PUT /tmp/tmpaGcn6F TO
/home/administrator/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916/setup</div>
<div><10.0.100.99> EXEC ssh -C -tt -vvv -o
ControlMaster=auto -o ControlPersist=60s -o
ControlPath="/home/administrator/.ansible/cp/ansible-ssh-%h-%p-%r"
-o Port=22 -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=administrator -o
ConnectTimeout=10 10.0.100.99 /bin/sh -c 'sudo -k
&& sudo -H -S -p "[sudo via ansible,
key=qwqneiukdxvgdklcqsbekawxtfyrcfaw] password: " -u root
/bin/sh -c '"'"'echo
SUDO-SUCCESS-qwqneiukdxvgdklcqsbekawxtfyrcfaw; LANG=C
LC_CTYPE=C /usr/bin/python
/home/administrator/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916/setup;
rm -rf
/home/administrator/.ansible/tmp/ansible-tmp-1422870360.74-45757553727916/
>/dev/null 2>&1'"'"''</div>
<div>ok: [10.0.100.99]</div>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>and thats it - now moving on to apply the next sections.</div>
<div><br>
</div>
<div>And ideas anyone - by which I mean Kevin :-)</div>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
Kent mailing list
<a href="mailto:Kent@mailman.lug.org.uk" target="_blank">Kent@mailman.lug.org.uk</a>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a></pre>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
Kent mailing list<br>
<a href="mailto:Kent@mailman.lug.org.uk">Kent@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a><br></blockquote></div><br></div>