Streisand: Problem wiht custom ssh port on existing server

Created on 16 Nov 2018  路  16Comments  路  Source: StreisandEffect/streisand

I' m trying to follow this https://github.com/jlund/streisand/issues/96#issuecomment-65343979.
When I used ansible-playbook playbooks/streisand.yml I got this error:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "AnsibleUndefinedVariable: 'streisand_ssh_private_key' is undefined"}
How can I specify that field? Do I need to do something?

aressh kinquestion

Most helpful comment

@Scorpion2185 Sorry to hear that. I'd have to guess that support for this has been broken somewhere along the line. If someone makes a PR with fixes I would try to review it.

Until then I'd recommend using a supported provider like DigitalOcean, AWS, etc that will let Streisand provision a server for you with SSHD configured on the default port. The advanced provisioning modes ("existing server", "localhost") are not supported and the expectation is you'll have to do most of your own debugging.

All 16 comments

@Scorpion2185 That comment is from close to 4 years ago and will not work. Streisand doesn't support being run directly with ansible-playbook without significant manual work. You need to use the streisand script in the root of the project directory, per the README

@cpu When I run ./streisand (with existing server option) how can I use a custom ssh port?
I see in the README:

The server must be accessible using the $HOME/.ssh/id_rsa SSH Key, and root is used as the connecting user by default. If your provider requires you to SSH with a different user than root (e.g. ubuntu) specify the ANSIBLE_SSH_USER environmental variable (e.g. ANSIBLE_SSH_USER=ubuntu) when you run ./streisand.

so:
./streisand --ANSIBLE_SSH_PORT=<custom_port>?

so:
./streisand --ANSIBLE_SSH_PORT=<custom_port>?

@Scorpion2185 for an env var you'd want to prefix the command, like so:
ANSIBLE_SSH_PORT=<custom port> ./streisand

@cpu That didn't work it tried to connect to the standard (22) port.
Additional info:
Can this maybe be of help?

[DEPRECATION WARNING]: 'include' for playbook includes. You should use 'import_playbook' instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

Error:
fatal: [<existing_server_ip>]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host <existing_server_ip> port 22: Connection timed out\r\n", "unreachable": true}

@Scorpion2185 Sorry to hear that. I'd have to guess that support for this has been broken somewhere along the line. If someone makes a PR with fixes I would try to review it.

Until then I'd recommend using a supported provider like DigitalOcean, AWS, etc that will let Streisand provision a server for you with SSHD configured on the default port. The advanced provisioning modes ("existing server", "localhost") are not supported and the expectation is you'll have to do most of your own debugging.

@cpu is right. You may have better luck with a localhost install, but it sounds like you have some interesting firewalls already in place.

If you're going to try localhost, I suggest trying one of the supported providers first, to see what a success looks like.

@cpu Is this issue open so? Maybe someone knows something.
I am not familiar with ansible, playbook and streisand, What should I do?
@nopdotcom If i use localhost later i won' t be able to connect for the custom ssh port right?
When using localhost I run ./streisand on the server?

I should have read your earlier comment more closely:

I see in the README:

The server must be accessible using the $HOME/.ssh/id_rsa SSH Key, and root is used as the connecting user by default. If your provider requires you to SSH with a different user than root (e.g. ubuntu) specify the ANSIBLE_SSH_USER environmental variable (e.g. ANSIBLE_SSH_USER=ubuntu) when you run ./streisand.

That's describing ANSIBLE_SSH_USER for a non-standard username. Note the USER part. I don't think ANSIBLE_SSH_PORT is a thing and the README doesn't describe it because it isn't something Streisand was designed to support.

Is this issue open so? Maybe someone knows something.

With the above understanding that the README offers no mention of custom SSH port support I don't think its appropriate to leave this issue open. Custom SSH port support not working isn't a bug, its a request for a new feature and those are better handled on the discussion repo.

Hope that makes sense!

@cpu As for the user is there a way to change the port? Any suggestion?
Can you add this feature?
I already opened an issue there, I will update it.

@cpu As for the user is there a way to change the port? Any suggestion?

My suggestion is to use a supported provider. I don't have suggestions off the top of my head for how to use a custom SSH port.

Can you add this feature?

Sorry, I don't think its important to prioritize and I don't have any time to volunteer to the task. If you figure it out and submit a pull request I will try to review it.

@cpu Can someone explain me how works the ANSIBLE_SSH_USER environmental variable?
My idea is to introduce somehow the ANSIBLE_SSH_PORT environmental variable based on the user one.

I've lost track of why you have a port 2222; this (closed) PR isn't particularly interesting without it. Anyway, if you'd like to keep 2222 open on localhost installs, see https://github.com/StreisandEffect/streisand/blob/master/playbooks/roles/ufw/tasks/main.yml and absolutely no promises it might work.

@nopdotcom port 2222? port 22 is the default port for ssh.
Is not a firewall problem, the ISP of my server block all common ports. It stated that I can use port 22 but it is not true.
After some attempts I finally found some open ports.
That is why I NEED a custom port.
Canyou explain me how works the ANSIBLE_SSH_USER environmental variable?
My idea is to introduce somehow the ANSIBLE_SSH_PORT environmental variable based on the user one.

@cpu Is python2 required? Is possible to use the 3?

What does the README process do?

@nopdotcom do you know if can I use python3?

Can this help me? the README is the text file that explains how use streisand.

What does the README process do?

Any information is appreciated.

Was this page helpful?
0 / 5 - 0 ratings