Support Ansible 12 (ansible-core 2.19) SSH_ASKPASS and password_mechanism

[moreati]

https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_12.html#noteworthy-plugin-changes

https://github.com/ansible/ansible/pull/83936

[moreati]

refs #1258

[moreati]

Notes to self

• sshpass command, wraps ssh to inject password non-interactively. Last release 1.10 in 2023
• SSH_ASKPASS openssh environment variable, program that ssh will run to request a password if it has no terminal and DISPLAY is also set. Support
• SSH_ASKPASS_REQUIRE openssh >= 8.4 environment variable, {never|prefer|force} policy to decide when to use program in SSH_ASKPASS.
• ssh-askpass X11-based pass-phrase dialog
• ssh_connection.password_mechanism Ansible >= 12 SSH connection parameter, {ssh_askpass|sshpass|disable}

See

• https://sourceforge.net/projects/sshpass/
• https://manpages.debian.org/bookworm/openssh-client/ssh.1.en.html#ENVIRONMENT
• https://manpages.debian.org/bookworm/ssh-askpass/ssh-askpass.1.en.html
• https://docs.ansible.com/ansible/devel/collections/ansible/builtin/ssh_connection.html#parameter-password_mechanism

[moreati]

Ansible >= 12 (ansible-core >= 2.19) is able to act as an SSH_ASKPASS command, so it no longer requires sshpass to support connections using ansible_ssh_password.

[moreati]

CI is currently using sshpass 1.05 on localhost tests (macOS) https://github.com/mitogen-hq/mitogen/blob/08f0eca1c22cf45a1d8fb5159a907ea571a3a1b0/.ci/localhost_ansible_tests.py#L20-L28

it is pre-installed on Ubuntu test runners, e.g.

sshpass 1.09-1 -- https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md#installed-apt-packages