No matching key found

As you might have experienced… using a recent system to connect to a legacy one could be complicated as some insecure protocols have been disabled, with a message like: Unable to negotiate with 192.168.2.82 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss Create an entry like this in your .ssh/config file, so that insecure methods can be used to connect to a specific host: Host 192.168.2.82 HostKeyAlgorithms=+ssh-rsa KexAlgorithms=+diffie-hellman-group1-sha1 PubkeyAcceptedKeyTypes=+ssh-rsa User root or alternatively on the command line:...

August 25, 2023 · 1 min · Pablo Iranzo Gómez

Upgrade Debian from buster to bullseye

I had two Raspberry Pi systems running Raspbian and they were failing to find updates for newer packages. As Debian stable was upgraded too, moving from buster to bullseye the packages failed to get the newer ones. Warning Beware as this procedure might upgrade the system but might no render a bootable Raspberry Pi A way to fix it is, to first, change references, if any, to the old codename version by running:...

July 22, 2023 · 1 min · Pablo Iranzo Gómez

Automating SSH keys loading for Ansible usage

For using Ansible it’s required to have a working set of ssh-keys already deployed. If you get a set of systems that have not been provisioned by you and are missing the SSH keys, having it fixed might take a while if doing it manually. Good news is that you can use a script in expect to cover this part: #!/usr/bin/expect -f # set Variables set password [lrange $argv 0 0] set ipaddr [lrange $argv 1 1] # now connect to remote system spawn ssh-copy-id root@$ipaddr match_max 100000 # Check for initial connection (add key of host) set timeout 5 expect "yes/no" { send -- "yes\r" } # Check for password prmpt set timeout 120 # Look for passwod prompt expect "password:" { send -- "$password\r" } # send blank line (\r) to come back send -- "\n" expect eof This script, when used like:...

March 2, 2023 · 2 min · Pablo Iranzo Gómez

Ansible - dynamically include Jinja templates and tasks

For my ansible playbooks, I wanted to be able to add several new templates to be copied to target system, and additionally be able to perform some commands for them without having to specify each individual file/template to copy. My approach: Define for the hosts I want to find templates/playbooks define a var named extras for the relevant hosts: extras: - ntp - certificates The names defined (in above example ntp and certificates) are just name of folders laying inside tasks/templates/${folder} that are searched and included or excluded based on extras values....

September 24, 2022 · 2 min · Pablo Iranzo Gómez

Include ansible playbooks sorted

Use sorted list for included files vs random provided by with_fileglob. - name: Include tasks include_tasks: "{{item}}" loop: "{{ query('fileglob', 'tasks/*.yaml') | sort }}"

September 23, 2022 · 1 min · Pablo Iranzo Gómez
This blog is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.