RSA/SHA-1 was deprecated since the OpenSSH release 8.8.
This causes builds with latest version of packer to fail with the
below error:
Error:
Data could not be sent to remote host "127.0.0.1". Make sure this
host can be reached over ssh: command-line: line 0: Bad
configuration option: pubkeyacceptedalgorithms.
Add workaroud and pass required HostKeyAlgorithms through ssh extra
argumements. Testing with cloud builds and since we are using multiple
flavors the only options required are "IdentitiesOnly=yes"
and "HostKeyAlgorithms=+ssh-rsa".
Issue: RELENG-4764
Ref: https://github.com/hashicorp/packer-plugin-ansible/issues/69
Change-Id: I80ff152d5153d739d6586c217fbc392e8be80f2a
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
--- /dev/null
+---
+issues:
+ - |
+ RSA/SHA-1 was deprecated in the latest OpenSSH release 8.8
+ causing builds fail with the following error:
+
+ Data could not be sent to remote host "127.0.0.1". Make sure this host
+ can be reached over ssh: command-line: line 0: Bad configuration
+ option: pubkeyacceptedalgorithms
+fixes:
+ - |
+ Add workaroud and pass required HostKeyAlgorithms through ssh extra
+ argumements.
]
command = "./common-packer/ansible-playbook.sh"
extra_arguments = [
- "--scp-extra-args", "'-O'",
- "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
]
playbook_file = "provision/local-builder.yaml"
skip_version_check = true
}
provisioner "ansible" {
- ansible_env_vars = ["ANSIBLE_NOCOWS=1", "ANSIBLE_PIPELINING=True", "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}", "ANSIBLE_CALLBACK_WHITELIST=profile_tasks", "ANSIBLE_STDOUT_CALLBACK=debug"]
+ ansible_env_vars = [
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
+ ]
command = "./common-packer/ansible-playbook.sh"
- extra_arguments = ["--scp-extra-args", "'-O'", "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"]
+ extra_arguments = [
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
+ ]
playbook_file = "provision/local-builder.yaml"
skip_version_check = true
}
}
provisioner "ansible" {
- ansible_env_vars = ["ANSIBLE_DEBUG=False", "ANSIBLE_NOCOWS=1", "ANSIBLE_PIPELINING=True", "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}", "ANSIBLE_CALLBACK_WHITELIST=profile_tasks", "ANSIBLE_STDOUT_CALLBACK=debug"]
+ ansible_env_vars = [
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
+ ]
command = "./common-packer/ansible-playbook.sh"
- extra_arguments = ["--extra-vars", "os_branch=stable/yoga rdo_branch=yoga", "--scp-extra-args", "'-O'", "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"]
+ extra_arguments = [
+ "--extra-vars", "os_branch=stable/yoga rdo_branch=yoga",
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
+ ]
playbook_file = "provision/devstack-pre-pip-centos.yaml"
skip_version_check = true
}
}
provisioner "ansible" {
- ansible_env_vars = ["ANSIBLE_NOCOWS=1", "ANSIBLE_PIPELINING=True", "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}", "ANSIBLE_CALLBACK_WHITELIST=profile_tasks", "ANSIBLE_STDOUT_CALLBACK=debug"]
+ ansible_env_vars = [
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
+ ]
command = "./common-packer/ansible-playbook.sh"
- extra_arguments = ["--scp-extra-args", "'-O'", "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"]
+ extra_arguments = [
+ "--extra-vars", "os_branch=stable/yoga rdo_branch=yoga",
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
+ ]
playbook_file = "provision/devstack-centos.yaml"
skip_version_check = true
}
}
provisioner "ansible" {
- ansible_env_vars = ["ANSIBLE_NOCOWS=1", "ANSIBLE_PIPELINING=False", "ANSIBLE_HOST_KEY_CHECKING=False", "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}", "ANSIBLE_CALLBACK_WHITELIST=profile_tasks", "ANSIBLE_STDOUT_CALLBACK=debug"]
+ ansible_env_vars = [
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
+ ]
command = "./common-packer/ansible-playbook.sh"
- extra_arguments = ["--scp-extra-args", "'-O'", "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"]
+ extra_arguments = [
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
+ ]
playbook_file = "provision/local-docker.yaml"
skip_version_check = true
user = "${var.ssh_user}"
provisioner "ansible" {
ansible_env_vars = [
- "ANSIBLE_NOCOWS=1",
- "ANSIBLE_PIPELINING=True",
- "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
- "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
- "ANSIBLE_STDOUT_CALLBACK=debug"
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
]
command = "./common-packer/ansible-playbook.sh"
extra_arguments = [
- "--scp-extra-args", "'-O'",
- "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
]
playbook_file = "provision/local-docker.yaml"
skip_version_check = true
provisioner "ansible" {
ansible_env_vars = [
- "ANSIBLE_NOCOWS=1",
- "ANSIBLE_PIPELINING=True",
- "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
- "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
- "ANSIBLE_STDOUT_CALLBACK=debug"
+ "ANSIBLE_NOCOWS=1",
+ "ANSIBLE_PIPELINING=False",
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_ROLES_PATH=${var.ansible_roles_path}",
+ "ANSIBLE_CALLBACK_WHITELIST=profile_tasks",
+ "ANSIBLE_STDOUT_CALLBACK=debug"
]
command = "./common-packer/ansible-playbook.sh"
- extra_arguments = [
- "--extra-vars", "ansible_shell_type=powershell",
- "--extra-vars", "ansible_shell_executable=None",
- "--scp-extra-args", "'-O'",
- "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"
+ extra_arguments = [
+ "--extra-vars", "ansible_shell_type=powershell",
+ "--extra-vars", "ansible_shell_executable=None",
+ "--ssh-extra-args", "-o IdentitiesOnly=yes -o HostKeyAlgorithms=+ssh-rsa"
]
playbook_file = "provision/local-windows-builder.yaml"
skip_version_check = true
Code Review / releng / common-packer.git / commitdiff