DEV Community

Cosimo Streppone
Cosimo Streppone

Posted on • Updated on

Failed to connect to the host via SSH on Ubuntu 22.04

If you have just upgraded to Ubuntu 22.04, and you suddenly experience either errors when trying to ssh into hosts, or when running ansible or again when running the ansible provisioner building a packer image, this is probably going to be useful for you.

In my case I was trying to build an AWS EC2 image via packer and the ansible provisioner, and I had this error:

amazon-ebs.aws: Failed to connect to the host via ssh: Unable to negotiate with 127.0.0.1 port
amazon-ebs.aws: 40015: no matching host key type found. Their offer: ssh-rsa
Enter fullscreen mode Exit fullscreen mode

If your problem is that you simply can't connect via SSH to a host from your Ubuntu 22.04 host, then look it up, there are a lot of people in the same boat.

The proposed solution is to add this snippet to either your /etc/ssh/ssh_config or ~/.ssh/config:

PubkeyAcceptedKeyTypes +ssh-rsa
Enter fullscreen mode Exit fullscreen mode

or just for some specific hosts:

Host host.example.com
    PubkeyAcceptedKeyTypes +ssh-rsa
Enter fullscreen mode Exit fullscreen mode

In the case of ansible connecting to a host, or packer launching ansible connecting to a host, this needs an additional step or two.

For ansible:

ansible --ssh-extra-args="-o PubkeyAcceptedKeyTypes=+ssh-rsa"
Enter fullscreen mode Exit fullscreen mode

For packer with ansible provisioning:

build {
  sources = ["sources.amazon-ebs.aws"]
  provisioner "ansible" {
    ansible_env_vars = [
      ...
      "ANSIBLE_SSH_ARGS='-o PubkeyAcceptedKeyTypes=+ssh-rsa -o HostkeyAlgorithms=+ssh-rsa'"
    ]
    playbook_file       = "..."
    galaxy_file         = "..."
    ...
    extra_arguments     = "${concat(local.default_ansible_extra_args, var.ansible_extra_args)}"
  }
}
Enter fullscreen mode Exit fullscreen mode

Background info on the cause of this issue: https://ikarus.sg/rsa-is-not-dead/

Hope I don't need to come back to this for a while :-)

Top comments (1)

Collapse
 
derlin profile image
Lucy Linder • Edited

First of all, thank you for the tips! Would be even greater with syntax highlighting ;)

For anyone having this issue with packer (as of v1.9.4), the solution highlighted at the bottom of this article raises:

fatal: [default]: UNREACHABLE! => {
  "changed": false, 
   "msg": "Data could not be sent to remote host \"127.0.0.1\". 
          Make sure this host can be reached over ssh: command-line line 0: 
         keyword pubkeyacceptedkeytypes extra arguments at end of line\r\n",
   "unreachable": true
}
Enter fullscreen mode Exit fullscreen mode

The solution I found is to use the extra_arguments:

  provisioner "ansible" {
    // ...
    extra_arguments = [
      "--ssh-extra-args", "-o HostKeyAlgorithms=+ssh-rsa",
    ]
  }
Enter fullscreen mode Exit fullscreen mode

Note that the ansible provisioner provides a extra_ssh_arguments, but it fails with the same "extra at end of line" error.

For more information, see github.com/hashicorp/packer-plugin....