The best way to approach this - is to install your key to ssh authorized_keys for root user onto remote server.

The synchronize command (up to at least Ansible 1.6.6) seems to ignore the normal SSH control socket opened by Ansible. Your task could expand to the following:

{
    "cmd": "rsync --delay-updates -FF --compress --archive
        --rsh 'ssh  -o StrictHostKeyChecking=no'
        --out-format='<<CHANGED>>%i %n%L'
        /home/me/src/ user@host:/dest/",
    "failed": true,
    "rc": 23
}

To get these details, run your playbook with the -v option. As a workaround for this, you can start ssh-agent and add cache your SSH key with ssh-add. Refer to their manual pages for details.

Extra caveats with the synchronize module:

• When run with sudo: yes, ansible will run with --rsh 'sudo ssh' which will break if the remote sudo configuration requires a password and/ or TTY. Solution: set sudo: no in your task definition.
• The user that logs into the remote machine is your SSH user (ansible_ssh_user), not the sudo user. I have not found a way to override this user (besides an untested method that overrides the user with -o User option via one of the other options (dest_port="22 -o User=your_user"?) in combination with set_remote_user=yes).

This is taken from my tasks file:

- name: sync app files
  sudo: no
  synchronize: src={{app_srcdir}}/ dest={{appdir}}/
               recursive=yes
               rsync_opts=--exclude=.hg
# and of course Ubuntu 12.04 does not support --usermap..
#,--chown={{deployuser}}:www-data
# the above goes bad because ansible_ssh_user=user has no privileges
#  local_action: command rsync -av --chown=:www-data
#                 {{app_srcdir}}
#                 {{deployuser}}@{{inventory_hostname}}:{{appdir}}/
#  when: app_srcdir is defined
# The above still goes bad because {{inventory_hostname}} is not ssh host...

I think by default synchronize is explicitly setting a username on the rsync command - you can prevent this and allow rsync to work from your ssh config file.

http://docs.ansible.com/synchronize_module.html

set_remote_user put user@ for the remote paths. If you have a custom ssh config to define the remote user for a host that does not match the inventory user, you should set this parameter to "no".

I have a remote user configured in my ssh config and needed to add set_remote_user=no to get synchronize to work, otherwise it tried to use the wrong username and neither ssh key nor password would work.

Disabling tty_tickets in /etc/sudoers on the remote machine fixes this problem (at the cost of slightly reduced security). E.g.,

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset,!tty_tickets
# ...

I tried using the copy module but it takes way too much time. So to make the synchronize module works, I will do the following. It is not perfect but at least it works.

1. change the ownership and permissions of the destination remote folder to the user I am using

2. use synchronize without sudo

3. set back the ownership and permissions of the destination remote to what I wanted before