Ansible` ios_command `Error reading SSH protocol banner[Errno 104] Connection reset by peer

Question

I have this command which basically is just to get the data from the device.

- name: Get data
  tags: get_facts
  ios_command:
    commands:
      - show version
  register: ruijie_sh_interfaces
  vars:
    ansible_command_timeout: 90
    ansible_connection: network_cli
    ansible_network_os: ios

But it gives me this error when running this playbook at the AWX-tower.

    "msg": "Error reading SSH protocol banner[Errno 104] Connection reset by peer"

I know this device is not accessible with ssh user@ip which outputs:

Unable to negotiate with <IP> port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

BUT IS ACCESSIBLE USING ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@ip

I want to know how to implement the -oKexAlgorithms=+diffie-hellman-group1-sha1 using network_cli connection type in ansible.

Answer 1

Can you add the key ansible_ssh_common_args to the inventory of the device in AWX and check again?

- name: Get data
  tags: get_facts
  ios_command:
    commands:
      - show version
  register: ruijie_sh_interfaces
  vars:
    ansible_command_timeout: 90
    ansible_connection: network_cli
    ansible_network_os: ios
    ansible_ssh_common_args: '-o KexAlgorithms=+diffie-hellman-group1-sha1 -o HostKeyAlgorithms=+ssh-rsa -o Ciphers=+aes256-cbc'

ref. https://github.com/ansible/awx/issues/12578