Ansible Passing sudo and ssh password without prompting - anishnath/ansible GitHub Wiki
Reference 8gwifi.org
Ansible Privilege Escalation Options
Ansible Passing SSH Connection password
Connection options -k, --ask-pass ask for connection password
[ansible@controller ~]$ ansible -m ping all -k
SSH password:
172.16.9.4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
Privilege Escalation Options:
-K, --ask-become-pass
[ansible@controller ~]$ ansible -m ping all -k -K
SSH password:
SUDO password[defaults to SSH password]:
172.16.9.4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
Once the sshagent is setup for on the next ansible run connection password and priviledge escalaltion option is not required
[ansible@controller ~]$ ansible -m ping all
172.16.9.4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
Using ansilbe-playbook to automate the both SSH and SUDO Password
Define the Ansible variable (Unsafe mode) in the group_vars/all.yml
- ansible_ssh_pass
- ansible_become_pass
[ansible@controller ~ ]$ cat group_vars/all.yml
ansible_ssh_pass: ansibleansible
ansible_become_pass: ansibleansible
Define the ping tasks for the ansible playbook
[ansible@controller opt]$ cat ping.yml
---
- hosts: all
gather_facts: false
become: true
tasks:
- ping:
Run the Playbook
[ansible@controller ~ ]$ ansible-playbook ping.yml
PLAY [all] *********************************************************************
TASK [ping] ********************************************************************
ok: [172.16.9.4]
PLAY RECAP *********************************************************************
172.16.9.4 : ok=1 changed=0 unreachable=0 failed=0
**Note Utilize Ansible Vault for the Encrypting Passwords **