There has been much wailing and gnashing of teeth regarding the default SSH/GPG agent in Ubuntu (the GNOME 3 “Passwords & Keys” app). It has several shortcomings and lacks some of the functionality that the standard tools have.

There seem to be many blog posts/serverfault questions/bug reports about this floating about. So, I thought I’d post the solution that worked for me. To be clear, this is on Ubuntu 17.10. Reference here

First, disable the GNOME keyring app from starting up in the first place, ~/.config/autostart/gnome-keyring-ssh.desktop should look like this:

[Desktop Entry]
Type=Application
Name=SSH Key Agent
Comment=GNOME Keyring: SSH Agent
Exec=/usr/bin/gnome-keyring-daemon --start --components=ssh
OnlyShowIn=GNOME;Unity;MATE;
X-GNOME-Autostart-Phase=PreDisplayServer
X-GNOME-AutoRestart=false
X-GNOME-Autostart-Notify=true
X-GNOME-Bugzilla-Bugzilla=GNOME

I was a bit besotted with being able to develop ansible code using an on-premise Vsphere cluster as a substrate. As I was developing a single-machine ELK stack for testing, I needed something a bit more beefy than virtualbox on my poor overworked laptop, and of course vagrant provides a quick and easy way to spin up a machine from scratch and apply your ansible code to it.

So much for my $DAYJOB, but for my freelance projects and other stuff, I’d quite like the ability to do the same thing on a public cloud provider. DigitalOcean, despite a few problems, is probably the cheapest/easiest API-driven public cloud at the moment., so I found the DigitalOcean Vagrant Provider.

This provider takes a Vagrantfile similar to that of the Vsphere one, however it needs to contain a secret which you probably don’t want to include in your next git commit, so I wrote the following which will execute a...

Use jinja2 filters to grab the 192.168.x.x address from a machine with multiple NICs:

{{ ansible_all_ipv4_addresses | ipaddr('192.168.0.0/16') | first }}

Of course, this assumes that you don’t have 2 NICs on the same subnet in the one system. If you want to deal with that, I’m sure there’s a way to do it, but unfortunately it’s not right here right now :)

OK, 4 years down the line, here’s my next pearl of wisdom. I’m not going to make statements about keeping this blog updated, because, as you can see, they generally fail :)

I’m working with vagrant boxes running on a VMware vsphere cluster (perhaps some details of that in a later blog post)..

I’d like to run “ansible -m setup” against it so that I can see what facts I can grab for a role.

First I tried this:

$ ansible -i .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory default -m ping

..but it failed with this message:

 default | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Received disconnect from 10.1.1.1 port 22:2: Too many authentication failures\r\nAuthentication failed.\r\n",
    "unreachable": true
}

So, I attempted to debug by looking at what vagrant was doing when running vagrant ssh

$ export