Forum Discussion
Nimbostratusneed a way to get the DEFAULT cipher string via a yaml script
NacreousThere might be other ways to retrieve this, but I tried using cli transport (SSH) and it worked. This needs paramiko plugin installed for SSH.
---
- name: find cipher
hosts: bigip
connection: local
vars_files:
- secret
- f5
vars:
provider:
password: "{{ secret }}"
user: "{{ uid }}"
server: bigip
server_port: 22
transport: cli
tasks:
- name: find cipher
bigip_command:
commands:
- bash
- tmm --clientciphers DEFAULT
provider: "{{ provider }}"
Kevin_NailHey Sanjay,
Thanks for the reply, I tried your suggestions and it still fails but I get a different error this time:
TASK [check the default cipher] *************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: socket.timeout: The read operation timed out
Here is the new code:
- name: check the default cipher
bigip_command:
commands:
- bash
- tmm --clientciphers DEFAULT | grep -i {{ cipher_string }}
provider: "{{ provider }}"
delegate_to: localhost
register: cipher_out
ignore_errors: true
- debug:
msg: "{{ cipher_out }}"
- spalande
Please check if ssh port is allowed from the ansible server to bigip.
