Blog

03/06/2019

How to login with root password when using Ansible tool



I need to run a Linux command over 20 servers using a root user and password in Ansible too. How do I pass a user and password in Ansible over ssh based session? How can I set a default Ansible username/password for ssh connection?

There are two ways to solve this problem.

Method #1: Force username and password while using ssh

The syntax is:
export ANSIBLE_HOST_KEY_CHECKING=false
ansible --user {user} --ask-pass -i {inventory} {hostname} -a "command" -c paramiko
ansible --user root --ask-pass -i ~/myhosts www1 -a "uptime" -c paramiko
ansible --user root --ask-pass -i ~/myhosts cluster -a "/bin/date" -c paramiko

First create an inventory file using cat command:
$ cat inventory
[cluster]
ln.cbz01
ln.cbz01
ln.cbz01
ln.cbz01

For example, run date command on all hosts in cluster with root user and prompt for root user password, run:
$ export ANSIBLE_HOST_KEY_CHECKING=false
$ ansible --user root --ask-pass -i inventory cluster
-a "/bin/date" -c paramiko

Sample outputs:

Fig.01: Setting up default Ansible username/password for ssh connection

Where,

  • export ANSIBLE_HOST_KEY_CHECKING=false : Host key checking enabled by default and it can be disabled with this option. Otherwise you may get an error that read as ‘The authenticity of host ‘ln.cbz01’ can’t be established.
  • --user root :Connect as root user for ssh.
  • --ask-pass : Ask for connection password for ssh.
  • -i inventory : Set inventory file name.
  • cluster : Set host names or variable
  • -a "/bin/date" : Run /bin/date command all given hosts
  • -c paramiko : Use paramiko module for ssh connection.

Please note that SSH keys are recommended but password authentication can be used as explained earlier. See method #2 below for more info on how to setup ssh keys for login.

A note about setting up the connection type and user on a per host basis in inventory file

The syntax is:
$ cat inventory
[cluster]
ln.cbz01 ansible_connection=ssh ansible_user=vivek
ln.cbz01 ansible_connection=ssh ansible_user=root
ln.cbz01 ansible_connection=ssh ansible_user=root
############### WARNING #################
## never do the following i.e. never store
## the root account ssh password to use in
## a text file
##########################################
ln.cbz01 ansible_connection=ssh ansible_user=root ansible_ssh_pass=foo

Method #2: Set and use ssh keys (recommended)

Create ssh keys if not created, run:
## [ Set password for your keys ] ##
$ ssh-keygen -t rsa
## [ Copy pub key to all remote boxes ] ##
$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz01
$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz02
$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz03
$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz04
## [ Test it ] ##
$ ssh root@ln.cbz01
## [ Set up SSH agent to avoid retyping passwords ] ##
$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa
## [ Run ansible ] ##
$ ansible all -m ping
$ ansible -i inventory cluster -a "/bin/date"

(adsbygoogle = window.adsbygoogle || []).push({});

Posted by: SXI ADMIN

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

14/08/2019

How to KVM, QEMU start or stop virtual machine from command line (CLI)

KVM or Kernel Based Virtual Machine is a popular virtualization technology. It allows you to run virtual guest machines over a host machine. To start...
14/08/2019

How to Docker backup Saving and restoring your volumes

Running a Docker volume backup First, we spin up a temporary container, and we mount the backup folder and the target Docker volume to this container....
12/08/2019

How to Start and Enable Firewalld on CentOS 7

In this article, we discuss how to start and enable firewalld. It is highly recommended that you have a firewall protecting your server.Pre-Flight CheckThese...