一、首先你要知道用什么加密协商。
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
10.10.2.190 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Unable to negotiate with 10.10.2.190 port 22: no matching key exchange method found. Their offer: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256",
"unreachable": true
}
这里会告诉你:
Their offer: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"
然后你可以通过ssh先进行测试:
ssh -l root -o KexAlgorithms=diffie-hellman-group-exchange-sha256 10.10.2.190
-o 后根指定的协商方式
二、修改Ansible特定的hosts协商方式
[klin]
10.10.2.190 ansible_ssh_user='root' ansible_ssh_pass='Admin123@pl' ansible_ssh_args='-o KexAlgorithms=diffie-hellman-group-exchange-sha256'
在hosts文件中加上 ansible_ssh_args='-o KexAlgorithms=diffie-hellman-group-exchange-sha256'
此时Ansible的ssh命令等价于上面的ssh命令。