Is there a way to specify a password for the SSH session in config file or CLI
6,297 views
Skip to first unread message
techraf
Oct 25, 2015, 12:45:23 AM10/25/15
to Ansible Project
Is it possible to specify a password for the SSH connection in Ansible (the initial connection not the one for sudo) in a non-interactive way (ie. in config file or a command)?
The configuration file in Ansible has the option `ask_pass` to prompt user to input the password (works ok), but I would like to hardcode the default Raspberry Pi's password (which is "raspberry" on the original image) for the purpose of unattended configuration of new Pis.
Jason Gilfoil
Oct 25, 2015, 2:48:37 AM10/25/15
to Ansible Project
You can just use the ansible_ssh_pass parameter:
- name: some task
shell: "echo 'hello world'"
ansible_ssh_pass: raspberry
techraf
Oct 25, 2015, 9:19:15 AM10/25/15
to Ansible Project
You mean a parameter in the playbook? Never thought it was possible, but I tried your suggestion and it did not work. I got the following (I am using 1.9.4 now):
The link you mentioned is however a description of the parameters for the inventory file. And it works, but I forgot to mention that I do not want to use the inventory file and provide the IP address of the destination machine as a command-line parameter (that's why I asked this question - if the "syntax with comma" would allow passing parameters, I could do it).
ERROR: ansible_ssh_pass is not a legal parameter in an Ansible task or handler
The link you mentioned is however a description of the parameters for the inventory file. And it works, but I forgot to mention that I do not want to use the inventory file and provide the IP address of the destination machine as a command-line parameter (that's why I asked this question - if the "syntax with comma" would allow passing parameters, I could do it).
Summary of my goal (initial configuration only, before I upload the ssh keys with Ansible):
- pass the destination IP address as a command-line parameter for `ansible-playbook` command
- hardcode user name "pi" (now in ansible.cfg)
- hardcode password 'raspberry" (in ansible.cfg, as a command-line parameter or elsewhere, but not in the inventory file which I do not intend to use)
Jason Gilfoil
Oct 25, 2015, 1:04:06 PM10/25/15
to Ansible Project
My mistake. I thought i'd used it previously in a playbook, but when i went back and looked it was commented out.
So If i'm understanding all your requirements properly. I think this should work(and i've tested it this time).
ansible-playbook -i 192.168.0.1, playbook.yml --extra-vars "ansible_ssh_pass=rapsberry"Message has been deleted
techraf
Oct 25, 2015, 6:52:12 PM10/25/15
to Ansible Project
Thank you. That's the solution.
But... I would like to ask if your example really did work for you?
I managed to do what I wanted, but in addition I also had to pass a variable to hosts in playbook:
ansible-playbook -i 192.168.0.1, playbook.yml --extra-vars "newpi=192.168.0.1 ansible_ssh_pass=raspberry"
and use:
- hosts: '{{ newpi }}'
in the playbook.yml
Is there a way that makes passing the newpi unnecessary?
Jason Gilfoil
Oct 25, 2015, 10:03:22 PM10/25/15
to Ansible Project
Hmm, well in my test playbook, i just had
- hosts: all
I'm guessing that's why I didn't need to pass the additional variable.
techraf
Oct 26, 2015, 7:12:50 AM10/26/15
to Ansible Project
Great! I was dragging my trial-and-error results. Now its (your version) in the simplest possible form, I guess.
Thank you again.
Reply all
Reply to author
Forward
0 new messages