2

我正在尝试使用跳转/堡垒主机连接到私有子网中的其他主机。我收到以下错误:

{
    "msg": "Failed to connect to the host via ssh: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/tmp/awx_50_8n6bocmz/cp/1f25cf0a60\" does not exist\r\ndebug1: Executing proxy command: exec ssh -W 10.0.15.63:8888 -q user@123.123.989.4\r\ndebug3: timeout: 10000 ms remain after connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519 type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_7.4\r\ndebug1: permanently_drop_suid: 0\r\nConnection timed out during banner exchange",
    "unreachable": true,
    "changed": false
}

我正在尝试通过堡垒连接到主机。我正在使用 AWX/Ansible Tower。

CentOS 7 AWX 6.1.0 Ansible 2.8

这是我当前的配置:

ansible_connection: ssh
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q user@123.123.989.4"'
ansible_ssh_port: 8888
ansible_user: user
host_key_checking: false
pipelining: true

跳转主机 ssh 密钥也已添加到 awx 并用于作业模板,但是我仍然无法创建 ssh 隧道以通过跳转主机访问私有子网中的主机。

这可能是我想念的一些简单的东西,但我就是看不到它!提前感谢您的帮助!

4

1 回答 1

0

尝试创建一个隧道。

打开外壳并运行:

ssh -f -N -D 1085 -o TCPKeepAlive=yes -o ServerAliveInterval=60 user@123.123.989.4:8888

更改yaml文件后如下:

ansible_ssh_common_args: -o ProxyCommand="/bin/nc -x 127.0.0.1:1085 %h %p"

并重新尝试运行 ansible-playbook

于 2021-09-07T15:41:14.337 回答