awx icon indicating copy to clipboard operation
awx copied to clipboard

Published 20 hours ago verified publisher icon ansible

Failed to connect to the host via ssh sign_and_send_pubkey: no mutual signature supported

Open leosimony opened this issue 1 year ago • 6 comments

Please confirm the following

  • [X] I agree to follow this project's code of conduct.
  • [X] I have checked the current issues for duplicates.
  • [X] I understand that AWX is open source software provided for free and that I might not receive a timely response.

Bug Summary

I have been using the same key pair for nearly 4 years now. The key pair worked fine all this time and something changed all of a sudden and I am getting the below error message for few servers I try to connect via ansible awx to perform tasks.

"Failed to connect to the host via ssh: Warning: Permanently added 'x.x.x.x' (ED25519) to the list of known hosts.\r\nsign_and_send_pubkey: no mutual signature supported\r\nmyuser@x.x.x.x: Permission denied (publickey).",

I am using the same key pair in one of my jumpbox to connect servers and tried creating a new machine credential in AWX by copying the openssh format private key from /home/user/.ssh/id_rsa but still it gave same result. From the jumpbox, the private key authentication is working fine but the same key pair is not working from Ansible AWX.

Info on target machines: Most of them are debian jessie machines and I was able to connect to those servers a couple weeks ago. I am able to authenticate with Ubuntu 18.04.4 which is very odd behavior all of a sudden.

AWX version

21.3.0

Select the relevant components

  • [X] UI
  • [ ] API
  • [ ] Docs
  • [ ] Collection
  • [ ] CLI
  • [ ] Other

Installation method

kubernetes

Modifications

no

Ansible version

Core 2.14.4

Operating system

Host Machine is Ubuntu

Web browser

Chrome

Steps to reproduce

Trying to do an adhoc ping or job template that performs any tasks on the target from the inventory

Expected results

It should perform the task as per the job template I defined

Actual results

"Failed to connect to the host via ssh: Warning: Permanently added 'x.x.x.x' (ED25519) to the list of known hosts.\r\nsign_and_send_pubkey: no mutual signature supported\r\[email protected]: Permission denied (publickey).",

Additional information

No response

leosimony avatar May 03 '23 13:05 leosimony

@leosimony can you confirm that these keys are working outside of the AWX context?

fosterseth avatar May 03 '23 17:05 fosterseth

Hello,

Thank you for your response. Yes, the keys are working outside of AWX, which is why I came this far to get help.

On Wed, 3 May, 2023, 10:38 pm Seth Foster, @.***> wrote:

@leosimony https://github.com/leosimony can you confirm that these keys are working outside of the AWX context?

— Reply to this email directly, view it on GitHub https://github.com/ansible/awx/issues/13943#issuecomment-1533405281, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALKF2HIDINQK6MCQ7O4ZZE3XEKGIFANCNFSM6AAAAAAXUOK5TA . You are receiving this because you were mentioned.Message ID: @.***>

leosimony avatar May 04 '23 03:05 leosimony

@fosterseth Thank you for your response. Yes, the keys are working outside of AWX, which is why I came this far to get help.

leosimony avatar May 08 '23 07:05 leosimony

Hello,

I have stopped using AWX for a while and now I need this setup in our work environment.

Issue Description: Getting the below-given error message while trying to perform any operation via AWX.

"msg": "Failed to connect to the host via ssh: Warning: Permanently added '3.18.70.61' (ED25519) to the list of known hosts.\r\[email protected]: Permission denied (publickey).",

I have imported the same private key in AWX credentials as Machine type and it's been used for a long time now. The same key pair working fine from another Linux machine.

Assumptions:

  1. We upgraded from the AWX docker environment to the K3s environment a while back. Currently, we are using the "23.6.0" version.
  2. When we were using a dockerized environment we did not face this issue since the same key pair I have for nearly 5 years now.
  3. On the other hand, the same key pair is working fine for a few other servers. Based on my analysis, it looks like the Debian Distributions that are old (jessie. wheezy) SSH connections are working. At the same time, I tried a couple of servers with the latest distributions and it's working fine.
  4. Though I can see the difference in behaviour, I am uncertain which component is the reason here.

Can someone check on this and let me know if this is a known behaviour and if there is a workaround to it?

Please let me know if any more information is required.

Regards, Leo

leosimony avatar Feb 02 '24 10:02 leosimony

Is anyone facing a similar kind of issue?

leosimony avatar Feb 09 '24 15:02 leosimony

Yes we have the problem here (I'm ashamed to have these old servers..)

boagg avatar May 31 '24 08:05 boagg