Ansible fails to construct desired ssh command

2019-07-29 12:32发布

My organisation has a policy in place that allows "only" the below ssh command to work.

ssh -i /tmp/private.key -t user2@host2 bash --noprofile

I tried to modify the ansible inventory host file to construct the above ssh. See my ansible host file below:

host2 ansible_ssh_common_args="-t -o UserKnownHostsFile=/dev/null" ansible_shell_executable=sh ANSIBLE_HOST_KEY_CHECKING=false ansible_ssh_private_key_file=/tmp/private.key  USER_RUN=user2

I also tried the below but they too fail

ansible_shell_executable=/bin/bash
ansible_ssh_extra_arg=.....

My ansible version is:

ansible --version

ansible 2.7.1

  config file = /etc/ansible/ansible.cfg

  configured module search path = [u'/home/user1/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']

  ansible python module location = /usr/lib/python2.7/site-packages/ansible

  executable location = /bin/ansible

  python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

In debug i see that the ssh constructed by ansible does not have

bash --noprfile

after user2@target2

Please help provide a solution.

标签： ssh ansible

1条回答

smile是对你的礼貌

2楼-- · 2019-07-29 13:08

To achieve this, you can set the remote shell for specific hosts via

Inventory

some_host  ansible_shell_executable="/bin/bash --noprofile"
other_host ansible_shell_executable="/bin/bash --noprofile"

or globally via

ansible.cfg

executable = /bin/bash --noprofile

More information can be found in the ansible documentation.

Please note, that ansible additionally does sftp transfers under the hood.

IMHO if you want to use ansible in your organisation, it would be reasonable to change the policy.

0人赞添加讨论(0) 举报

Ansible fails to construct desired ssh command

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间