If you have just upgraded to Ubuntu 22.04, and you suddenly experience either errors when trying to ssh into hosts, or when running ansible or again when running the ansible provisioner building a packer image, this is probably going to be useful for you.
In my case I was trying to build an AWS EC2 image via packer and the ansible provisioner, and I had this error:
amazon-ebs.aws: Failed to connect to the host via ssh: Unable to negotiate with 127.0.0.1 port
amazon-ebs.aws: 40015: no matching host key type found. Their offer: ssh-rsa
If your problem is that you simply can't connect via SSH to a host from your Ubuntu 22.04 host, then look it up, there are a lot of people in the same boat.
The proposed solution is to add this snippet to either your /etc/ssh/ssh_config
or ~/.ssh/config
:
PubkeyAcceptedKeyTypes +ssh-rsa
or just for some specific hosts:
Host host.example.com
PubkeyAcceptedKeyTypes +ssh-rsa
In the case of ansible connecting to a host, or packer launching ansible connecting to a host, this needs an additional step or two.
For ansible:
ansible --ssh-extra-args="-o PubkeyAcceptedKeyTypes=+ssh-rsa"
For packer with ansible provisioning:
build {
sources = ["sources.amazon-ebs.aws"]
provisioner "ansible" {
ansible_env_vars = [
...
"ANSIBLE_SSH_ARGS='-o PubkeyAcceptedKeyTypes=+ssh-rsa -o HostkeyAlgorithms=+ssh-rsa'"
]
playbook_file = "..."
galaxy_file = "..."
...
extra_arguments = "${concat(local.default_ansible_extra_args, var.ansible_extra_args)}"
}
}
Background info on the cause of this issue: https://ikarus.sg/rsa-is-not-dead/
Hope I don't need to come back to this for a while :-)
Top comments (1)
First of all, thank you for the tips! Would be even greater with syntax highlighting ;)
For anyone having this issue with packer (as of v1.9.4), the solution highlighted at the bottom of this article raises:
The solution I found is to use the
extra_arguments
:Note that the ansible provisioner provides a
extra_ssh_arguments
, but it fails with the same "extra at end of line" error.For more information, see github.com/hashicorp/packer-plugin....