Ansible: SSH Error: unix_listener: too long for Unix domain socket

Question

This is a known issue and I found a solution but it's not working for me.

First I had:

fatal: [openshift-node-compute-e50xx] => SSH Error: ControlPath too long
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

So I created a ~/.ansible.cfg. The content of it:

[ssh_connection]    
control_path=%(directory)s/%%h‐%%r

But after rerunning my ansible I stil have an error about 'too long'.

fatal: [openshift-master-32axx] => SSH Error: unix_listener: "/Users/myuser/.ansible/cp/ec2-xx-xx-xx-xx.eu-central-1.compute.amazonaws.com-centos.AAZFTHkT5xXXXXXX" too long for Unix domain socket
    while connecting to 52.xx.xx.xx:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

Why is it still too long?

Answer 1

The limit is 104 or 108 characters. (I found different statements on the web)

You XXXed out some sensitive information in the error message so it's not clear how long your path actually is.

I guess %(directory)s is replaced with the .ansible directory in your users folder. Removing that and using directly your user folder would save you 12 characters:

control_path=~/%%h‐%%r

^{Sure, that will spam your home directory with control sockets.}

Depending on the actual length of your username, you could see if you can just create another directory or find a shorter path anywhere. For example, I use ~/.ssh/tmp/%%h_%%r

Only 3 chars less but it's enough.

Finally if none of that helps, you still could fall back using /tmp for storing the sockets. But be aware that anyone with access to /tmp on that machine might be able to use your sockets then.

Answer 2

Customizing the control_path solves the problem for me. Here is how to do it without spamming the home directory.

The control_path defaults to (documentation):

control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r

Edit ansible config.

vim ~/.ansible.cfg

Here are sample file contents with new control_path value:

[defaults]
inventory=/etc/ansible/hosts

[ssh_connection]
control_path=%(directory)s/%%h-%%r
control_path_dir=~/.ansible/cp

Answer 3

Just to add more, as the error shows this problem generally happens when the control path is too long for Unix domain socket, hence, to specific to ansible.

You can easily fix this by updating your config file to use the %C format instead of %r@%h:%p as follow:

$ mkdir ~/.ssh/control 
$ vim ~/.ssh/config 
Host *
  ControlPath ~/.ssh/control/%C
  ControlMaster auto

More Detail: man ssh_config defines the %C format as 'a hash of the concatenation: %l%h%p%r'. And refer here.