'Ansible to run commands via SSH on remote hosts

I am having a problem connecting to some Checkpoint firewalls. They run a Linux, but I cannot install any Ansible.

- name: "Connecting to Checkpoint Firewalls"
  connection: ansible.netcommon.network_cli
  gather_facts: false
  hosts: checkpoint

  tasks:
    - name: Gather facts (asa)
      ansible.netcommon.cli_command:
        command:
          - clish
          - show hostname
          - show version all
          - show asset all
          - show interfaces all
          - show lom ip-address
          - show virtual-system all
      register: checkpoint_vars

    - name: Debug
      debug:
        vars: checkpoint_vars

In my inventory file I have set the network OS to IOS as I assumed that the ssh session would be the same. I have also set the SSH common args to sue a bastion host to get to the target devices.

[checkpoint:vars]
ansible_become=no
#ansible_become_method=enable
ansible_network_os=cisco.ios.ios
ansible_connection=network_cli
ansible_user=device_user
ansible_ssh_pass='whatthefuck'
ansible_ssh_common_args='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PreferredAuthentications=password -o PubkeyAuthentication=no -o KexAlgorithms=+diffie-hellman-group1-sha1 -o ProxyCommand="ssh -W %h:%p -q [email protected]"'

Now I get different error messages from the devices like

"msg": "unable to set terminal parameters"

or

"msg": "Error reading SSH protocol banner"

I assume that I should not use the network_cli to connect to a Linux system. But I have not found a way to use the Ansible builtin command to perform the action I need.

The problem is that I need to start a CLIsh shell first, then run multiple commands and capture the output.

UPDATE

So with help of the comments here I got it to work like this:

In the inventory file I use the SSH not Paramiko now:

ansible_connection=ssh

The Task looks like this:

 tasks:
    - name: Gather facts (Checkpoint GAIA)
      shell: |
         clish -c 'show hostname'
         sleep 2
         clish -c 'show version all'
         sleep 2
         clish -c 'show asset all'
      register: checkpoint_vars
ansible


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions