7/21/2015

Ansible freebsd ssh connection hung

Recently I faced with problem which caused almost a week to find right solution

So the problem was that I wasn't able to connect to my freebsd host from ansible server.

so symptoms were like that

sshpass -d6 ssh -C -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/michael/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o GSSAPIAuthentication=no -o PubkeyAuthentication=no -o User=root -o ConnectTimeout=10 192.168.xxx.xxx /bin/csh -c 'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/local/bin/python'
[............]

Warning: Permanently added '192.168.2.110' (ECDSA) to the list of known hosts.debug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug1: SSH2_MSG_NEWKEYS receiveddebug1: Roaming not allowed by serverdebug1: SSH2_MSG_SERVICE_REQUEST sentdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug1: Authentications that can continue: publickey,keyboard-interactivedebug1: Next authentication method: keyboard-interactive

ansible new-hosts -l freebsd.local -m shell -a 'uptime'  -vvv
<192.168.2.110> ESTABLISH CONNECTION FOR USER: root
<192.168.2.110> REMOTE_MODULE command uptime #USE_SHELL
<192.168.2.110> EXEC sshpass -d6 ssh -C -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/michael/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o GSSAPIAuthentication=no -o PubkeyAuthentication=no -o User=root -o ConnectTimeout=10 192.168.xxx.xxx /bin/sh -c 'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/local/bin/python'

and in that state connection could be couple of hours without any output on ansible server or freebsd logs.

The reason of the problem was FreeBSD PAM module 

I had to change line 12 (in my case ) in /etc/pam.d/sshd

was :

auth            required        pam_unix.so             no_warn try_first_pass

become:

auth            required        pam_unix.so             no_warn try_first_pass authtok_prompt=Password:

no sshd restart required

after that changes I was able to get info from my freebsd hosts

 ansible new-hosts -l freebsd.local -m  ping  
freebsd.local | success >> {
    "changed": false, 
    "ping": "pong"
}
ansible new-hosts -l freebsd.local -m shell -a 'uptime'  
freebsd.local | success | rc=0 >>
 2:30PM  up 4 days, 45 mins, 2 users, load averages: 0.11, 0.09, 0.07