ansible-plugin icon indicating copy to clipboard operation
ansible-plugin copied to clipboard

Published 20 hours ago verified publisher icon rundeck-plugins

Unable to connect when using ansible_ssh_pass

Open craph opened this issue 5 years ago • 5 comments

Hello,

I am unable to view my nodes in the rundeck interface. I have create as mention in the documentation an inventory.ini file like this :

[test-group]
local-thing      ansible_connection=local      ansible_python_interpreter=/usr/bin/python3
my-first-server  ansible_host=1.2.3.4          ansible_user=root    ansible_ssh_pass=SUPER_SECRET

But I have the following error in the log of rundeck : FAILED! => {"msg": "to use the 'ssh' connection type with passwords, you must install the sshpass program"

but when I connect to the docker container I cannot install sshpass because I don't have the password for the sudo...

Can you help me ?

Best regards,

craph avatar Apr 02 '19 14:04 craph

The package sshpass is missing in the DockerFile. Could you add it please ?

Thank you very much.

craph avatar Apr 02 '19 15:04 craph

Done. Can you try with 3.0.1?

frozenice avatar Apr 02 '19 16:04 frozenice

It is strange how the plugin set the ansible command. If you select to use password and set an user, the command will use --ask-password and the ansible-playbook command hangs because rundeck do not answer to the prompt "SSH password:" generated by ansible. If you omit the password inside rundek interface, the plugin completely ignore ssh user and password set in the hosts.ini I think because it pass the extra var file that is in tmp Basically it is not possible to correctly setup a connection with user and password defined in the hosts.ini We need to pass in any case an hosts.ini why you do not simplify things and launch only the ansible-playbook and keep users to manage autentication via standard hosts.ini vars and ansible.cfg?

zopar avatar Oct 25 '19 21:10 zopar

Ok I confirm the issue: you pass extra vars in your command, this take precedence over ansible_ssh_user and password set in hosts.ini. For example if you set gather fact this include the extra vars and does not works, if you remove gather facts, it works because you do not set extra vars and ansible uses user and password from hosts.ini . If you set the password inside rundeck, the command use --ask-pass and this is incorrect because this prompt password and you do not want this because you are in "background" not in a terminal.

Possible fix: if an user select to use, user and password, do not use --ask-pass but insert the user and password inside your extra vars file, so user do not needs to specify it on hosts.ini But remember this limit the possibility to specify multiple user and password by ansible groups.

I think the better option is to disable this type of options from interface and simply use classical hosts.ini that is more flexible.

zopar avatar Oct 25 '19 22:10 zopar

Any news on this issue ?

craph avatar Feb 12 '20 12:02 craph