The SSH connectivity check provides details regarding the
configured user
, the IP address of the hosts for which SSH connectivity
works or fails. Run the check before deploying PingIntelligence components.
To check the SSH connectivity from the management machine to other host machines:
During SSH connectivity check between management host machine and PingIntelligence hosts, you might encounter errors because of user permission issues or connectivity issues between machines. The following are some of the common error messages:
-
User configured for SSH: ec2-user Checking connectivity between ansible management host and other hosts... 172.16.40.187 | UNREACHABLE! => { "changed": false, "msg": "Authentication failure.", "unreachable": true } Sun Jul 12 19:22:41 MDT 2020: SSH connection error: connectivity to all hosts is not successful for ec2-user
You have configured the user to use a password to authenticate with the hosts machines; however, the configured password in the hosts file is wrong.
-
User configured for SSH: ec2-user Checking connectivity between ansible management host and other hosts... 172.16.40.187 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n", "unreachable": true } Sun Jul 12 19:26:16 MDT 2020: SSH connection error: connectivity to all hosts is not successful for ec2-user
ansible_ssh_pass
for authentication with password is uncommented in thehosts
file. However, the password field has been left empty. Leaving the value empty is equivalent to passwordless authentication. -
User configured for SSH: ec2-user Checking sudo connectivity between ansible management host and other hosts... 172.16.40.187 | FAILED! => { "changed": false, "module_stderr": "Connection to 172.16.40.187 closed.\r\n", "module_stdout": "sudo: a password is required\r\n", "msg": "MODULE FAILURE", "rc": 1 } Sun Jul 12 19:30:26 MDT 2020: SSH connection error: sudo connectivity to all hosts is not successful for ec2-user
install_with_sudo
is set totrue
, and there is an error connecting toPingIntelligence host machines.Some probable reasons for error in connectivity are:
- The user is not in the sudoers file, or the user is
not in any group that has
sudo
privileges. - The user does not have
NOPASSWD: ALL
privileges in the sudoers file.
- The user is not in the sudoers file, or the user is
not in any group that has
-
User configured for SSH: ec2-user Checking sudo connectivity between ansible management host and other hosts... 172.16.40.81 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.16.40.81 port 22: Connection timed out\r\n", "unreachable": true } Sun Jul 12 21:41:08 MDT 2020: SSH connection error: sudo connectivity to all hosts is not successful for ec2-user
The IP address configured in the hosts file is not available.
-
[localhost]: FAILED! => {"changed": false, "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"} to retry, use: --limit @/home/ec2-user/411/pingidentity/pi-api-deployment/ansible/setup.retry
selinux
dependency: If you encounter the following error, you must install theselinux
package on the host machine on which you see this error. Check the machine mentioned beforeFAILED!
in the output to identify the machine whereselinux
needs to be installed.