Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Each target works using individual passhport access but randomly fails while using ansible #559

Closed
exploitation-nehsdigital opened this issue Mar 14, 2021 · 6 comments
Closed

Each target works using individual passhport access but randomly fails while using ansible #559

exploitation-nehsdigital opened this issue Mar 14, 2021 · 6 comments
Assignees
@elg
Labels
New New issue who need to be evaluated

Comments

@exploitation-nehsdigital
Copy link

While trying to "ansible ping" every target, I get random erros and did not see anything relevant in sshd debug logs.
The same targets works perfectly while using passhport menu.
I can run my test several times and I never get the same amount of failed targets nor related targets.
Already tried to set sshd maxsession to higher value and did check ulimit.

Thank you,

UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: kex_exchange_identification: Connection closed by remote host",
"unreachable": true

SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o 'ProxyCommand=ssh -t -W %h:%p -q -p xxxx passhport@xxxxxxxxxx' -o ControlPath=/home/xx/.ansible/cp/0176122d91 ipaddress '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''

(255, '', 'kex_exchange_identification: Connection closed by remote host\r\n')
@exploitation-nehsdigital exploitation-nehsdigital added the New New issue who need to be evaluated label Mar 14, 2021
@Raphux
Copy link
Contributor

Raphux commented Mar 14, 2021
edited
Loading

Mmmm i'll try that on my side with your pro-tip you sent on another thread. Stay tuned…
Just to know, how big is your inventory ? Does it occur sometimes at the first host ?

@exploitation-nehsdigital
Copy link
Author

around 90 targets, sometimes happen on the 5/6 first targets sometimes not.
We have another passhport instance on which it seems we do not have this kind of issue (I'll check)

Thanks

@elg
Copy link
Contributor

elg commented Mar 14, 2021
edited
Loading

Hi,
Is your passhport behind an apache mod_wsgi?

@phlb phlb mentioned this issue Mar 16, 2021
Merged
@exploitation-nehsdigital
Copy link
Author

Hi,

No it's not. This is basically the default passhport setup wrote through an ansible playbook

@Raphux
Copy link
Contributor

Raphux commented Mar 16, 2021
edited
Loading

Haven't had the time to reproduce yet, but @elg is right, it might come from the embedded server in flask which is very limited.

You should definitely try this : https://docs.passhport.org/en/latest/installation-and-configuration/apache-wsgi-for-production.html

@elg
Copy link
Contributor

elg commented May 11, 2021

Hello there,
Thanks to @phlb a new solution is available using environment variables. Everything is ready with #560 and #561 you can find documentation on #561 for using it.
We need to create a specific documentation on "how to use ansible through PaSSHport" since it's now very easy.

@elg elg closed this as completed May 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elg elg

Labels
New New issue who need to be evaluated
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@elg @Raphux @exploitation-nehsdigital