How to login with root password when using Ansible tool

I

need to run a Linux command over 20 servers using a root user and password in Ansible too. How do I pass a user and password in Ansible over ssh based session? How can I set a default Ansible username/password for ssh connection?

 

There are two ways to solve this problem.

Method #1: Force username and password while using ssh

The syntax is:

export ANSIBLE_HOST_KEY_CHECKING=false

ansible –user {user} –ask-pass -i {inventory} {hostname} -a  command  -c paramiko

ansible –user root –ask-pass -i ~/myhosts www1 -a  uptime  -c paramiko

ansible –user root –ask-pass -i ~/myhosts cluster -a  /bin/date  -c paramiko

 

First create an inventory file using cat command:

$ cat inventory

[cluster]

ln.cbz01

ln.cbz01

ln.cbz01

ln.cbz01

 

For example, run date command on all hosts in cluster with root user and prompt for root user password, run:

$ export ANSIBLE_HOST_KEY_CHECKING=false

$ ansible –user root –ask-pass -i inventory cluster\

-a  /bin/date  -c paramiko

 

Sample outputs:

Fig.01: Setting up default Ansible username/password for ssh connection

 

Where,

export ANSIBLE_HOST_KEY_CHECKING=false : Host key checking enabled by default and it can be disabled with this option. Otherwise you may get an error that read as ‘The authenticity of host ‘ln.cbz01’ can’t be established.‘

–user root :Connect as root user for ssh.

–ask-pass : Ask for connection password for ssh.

-i inventory : Set inventory file name.

cluster : Set host names or variable

-a  /bin/date  : Run /bin/date command all given hosts

-c paramiko : Use paramiko module for ssh connection.

Please note that SSH keys are recommended but password authentication can be used as explained earlier. See method #2 below for more info on how to setup ssh keys for login.

A note about setting up the connection type and user on a per host basis in inventory file

The syntax is:

$ cat inventory

[cluster]

ln.cbz01 ansible_connection=ssh ansible_user=vivek

ln.cbz01 ansible_connection=ssh ansible_user=root

ln.cbz01 ansible_connection=ssh ansible_user=root

######### WARNING #################

never do the following i.e. never store

the root account ssh password to use in

a text file

####################################

ln.cbz01 ansible_connection=ssh ansible_user=root ansible_ssh_pass=foo

Method #2: Set and use ssh keys (recommended)

Create ssh keys if not created, run:

[ Set password for your keys ] ##

$ ssh-keygen -t rsa

[ Copy pub key to all remote boxes ] ##

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz01

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz02

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz03

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub root@ln.cbz04

[ Test it ] ##

$ ssh root@ln.cbz01

[ Set up SSH agent to avoid retyping passwords ] ##

$ ssh-agent bash

$ ssh-add ~/.ssh/id_rsa

[ Run ansible ] ##

$ ansible all -m ping

$ ansible -i inventory cluster -a  /bin/date

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *