Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Image should include 'sshpass' package by default #101

Closed
MalikKillian opened this issue Apr 3, 2022 · 0 comments · Fixed by #112
Closed

Image should include 'sshpass' package by default #101

MalikKillian opened this issue Apr 3, 2022 · 0 comments · Fixed by #112
Assignees
@cytopia
Labels
enhancement New feature or request

Comments

@MalikKillian
Copy link

Although it's probably ill-advised, connecting to a remote node with password authentication is still a valid use-case for Ansible. However, after much experimenting it seems clear that docker-ansible does not support password authentication out of the box.

These should be the minimum steps to reproduce:

  1. Create a new inventory file containing a single host that allows SSH password authentication.
[server01]
# Docker container running SSHD, root login is allowed
127.0.0.1 ansible_port=49153 ansible_ssh_user=root
  1. Run a simple ping test using ansible:latest-tools (should apply to any version really).
$ docker run --rm -it \
  -e USER=ansible \
  -v $(pwd):/data \
  cytopia/ansible:latest-tools ansible all --ask-pass -i temp-inventory -m ping
  1. Enter the remote user's password when prompted.
[INFO] Running container with user 'ansible'
[INFO] Adjusting local user with uid:1000 and gid:1000
[INFO] Adjusting ownership on directory: ~/.gnupg/
[INFO] Adjusting ownership on directory: ~/.ssh/
[INFO] ansible> ansible all --ask-pass -i temp-inventory -m ping
SSH password:

The result will be a failure with this message:

127.0.0.1 | FAILED! => {
    "msg": "to use the 'ssh' connection type with passwords or pkcs11_provider, you must install the sshpass program"
}

Running the following commands demonstrates that adding the sshpass package should be all that is needed to provide password authentication:

$ docker run --rm -it \
  -v (pwd):/data \
  --net=host \
  cytopia/ansible:latest-tools sh
[INFO] root> sh
/data # apk add sshpass
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/x86_64/APKINDEX.tar.gz
(1/1) Installing sshpass (1.06-r0)
Executing busybox-1.32.1-r7.trigger
OK: 111 MiB in 86 packages
/data # ANSIBLE_HOST_KEY_CHECKING=False ansible all --ask-pass -i temp-inventory -m ping
SSH password: 
[WARNING]: Platform linux on host 127.0.0.1 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another Python interpreter could
change the meaning of that path. See https://docs.ansible.com/ansible-core/2.12/reference_appendices/interpreter_discovery.html for more information.
127.0.0.1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.9"
    },
    "changed": false,
    "ping": "pong"
}
@MalikKillian MalikKillian mentioned this issue May 10, 2022
Closed
cytopia added a commit that referenced this issue Nov 12, 2022
@cytopia
Fixes #101 Add sshpass binary to infra flavour
24b289f
@cytopia cytopia mentioned this issue Nov 12, 2022
Merged
@cytopia cytopia self-assigned this Nov 12, 2022
@cytopia cytopia added the enhancement New feature or request label Nov 12, 2022
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@cytopia cytopia

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enhancement Build cytopia/docker-ansible
2 participants
@MalikKillian @cytopia