Amazon Ubuntu AMI: fail to handshake #155

Closed
msuzoagu opened this issue May 13, 2023 · 4 comments

@msuzoagu

msuzoagu commented May 13, 2023

Overview of the Issue

When attempting to build an AMI, the provisioning step fails with the error message "failed to handshake" even though the SSH connection has been made.

Running the same playbook but adding the ansible_env_vars = ["ANSIBLE_STDOUT_CALLBACK=debug"] argument surfaces a "failed to transfer file" error during the play.

Reproduction Steps

PACKER_LOG=1 packer build simple packer template

Plugin and Packer version

  • Packer v1.8.7

  • Packer-Plugin-Amazon v1.2.5

Simplified Packer Buildfile

Simplified Buildfile

Operating system and Environment details

Local Machine: macOS Ventura

Remote:

    aws_name = "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20230325"
    ami_id = "ami-0a695f0d95cefc163"
    ami_owners = ["099720109477"]
    ssh_username = "ubuntu"

Log Fragments and crash.log files

  1. handshake error surfaced without ANSIBLE_STDOUT_CALLBACK=debug
  2. file transfer error surfaced with ANSIBLE_STDOUT_CALLBACK=debug
@msuzoagu msuzoagu added the bug label May 13, 2023
@msuzoagu msuzoagu changed the title SSH Handshake Error Fail: fail to handshake (with amazon ubuntu ami) May 13, 2023
@msuzoagu msuzoagu changed the title Fail: fail to handshake (with amazon ubuntu ami) Amazon Ubuntu AMI: fail to handshake May 13, 2023
@msuzoagu
Author

msuzoagu commented May 15, 2023

@nywilken Hello Wilken! Can you please take a look at this; would appreciate any feedback.

Following the suggestions in this issue and in this issue, currently getting around the failed handshake error by passing in:

    ansible_env_vars = [
      "ANSIBLE_STDOUT_CALLBACK=debug",
      "ANSIBLE_HOST_KEY_CHECKING=False",
      "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'",
      "ANSIBLE_NOCOLOR=True"
    ]
    ansible_ssh_extra_args = [
      "-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa"
    ]
    extra_arguments = [
      "--scp-extra-args", "'-O'"
    ]

to the build but now running into another issue where none of the packages needed are being found (for example, one is able to apt install make but provisioning via packer-plugin-ansible will return "package make not found").

@msuzoagu
Author

msuzoagu commented May 16, 2023

Got around issues reported by:

  • switching plugins version to "1.0.1"
  • switching to ubuntu 20.4

@lbajolet-hashicorp
Contributor

Hi @msuzoagu,

Coming back to this, it looks like a similar issue to what's described in #69, where connection to the adapter/proxy for Ansible fails because of an SSH key mismatch.
I presume the Ansible/OpenSSH stack you're running banned RSA-SHA as an authorised key type, hence the extra arguments you're passing to Ansible, but from what I can understand, this is not enough and the generated key cannot be used to authenticate anyway, hence the communication error.

Regarding my message on your other issue (on the Amazon plugin), since the target machine has a public IP, you can probably still fix it by adding use_proxy = false to the Ansible configuration block; that way you won't have the adapter set up with the unsupported keys.

I'll continue looking into this problem from the angle described in #69.
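
An added example, not part of the thread or of the plugin's code: a small Python check that scans a Packer template for the SSH relaxations used in the workaround above and reports whether each Ansible provisioner sets use_proxy = false instead. The sample template and playbook.yml are constructed, and blocks are located by brace matching rather than a real HCL parser.

```python
import re

# SSH relaxations that appear in the workaround, with what each one changes.
RISKY = [
    (r"ANSIBLE_HOST_KEY_CHECKING\s*=\s*False", "host key verification disabled"),
    (r"ForwardAgent\s*=\s*yes", "SSH agent forwarded to the build instance"),
    (r"HostKeyAlgorithms\s*=\s*\+ssh-rsa", "ssh-rsa (SHA-1) host key signatures re-enabled"),
    (r"PubkeyAccepted(?:KeyTypes|Algorithms)\s*=\s*\+ssh-rsa",
     "ssh-rsa (SHA-1) public key signatures re-enabled"),
    (r"--scp-extra-args\W+-O\b", "legacy SCP protocol forced with -O"),
]

def ansible_blocks(hcl):
    """Yield the body of each provisioner "ansible" block (brace matching, not an HCL parser)."""
    for m in re.finditer(r'provisioner\s+"ansible"\s*\{', hcl):
        depth, i = 1, m.end()
        while i < len(hcl) and depth:
            depth += {"{": 1, "}": -1}.get(hcl[i], 0)
            i += 1
        yield hcl[m.end():i - 1]

def audit(hcl):
    """Return one dict per block: relaxations found and whether the proxy adapter is off."""
    results = []
    for body in ansible_blocks(hcl):
        body = re.sub(r"(?m)^\s*(#|//).*$", "", body)  # ignore commented-out settings
        findings = [why for pattern, why in RISKY if re.search(pattern, body)]
        direct = bool(re.search(r"(?m)^\s*use_proxy\s*=\s*false\b", body))
        results.append({"findings": findings, "use_proxy_false": direct})
    return results

# Constructed sample: block 1 carries the workaround from the thread,
# block 2 the use_proxy = false suggestion. playbook.yml is a placeholder name.
SAMPLE = '''
provisioner "ansible" {
  playbook_file = "./playbook.yml"
  ansible_env_vars = ["ANSIBLE_HOST_KEY_CHECKING=False",
    "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'"]
  ansible_ssh_extra_args = ["-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa"]
  extra_arguments = ["--scp-extra-args", "'-O'"]
}
provisioner "ansible" {
  playbook_file = "./playbook.yml"
  use_proxy     = false
}
'''

if __name__ == "__main__":
    for n, result in enumerate(audit(SAMPLE), 1):
        print(f"ansible provisioner #{n}: {result}")
```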

@lbajolet-hashicorp
Contributor

Closing as duplicate of hashicorp/packer#12416
