I wish to list down all the hosts where it first checks for working telnet on port 22. If telnet succeeds, it should check for passwordless ssh and list down all hosts where telnet works but passwordless ssh fails.
The below playbook helps with the first part of checking all hosts where telnet works.

    - name: Play 2- check telnet nodes
      hosts: localhost
      user: axmwapp
      vars:
        ansible_ssh_extra_args: -o StrictHostKeyChecking=no
        ansible_ssh_private_key_file: /app/axmw_id_rsa
      tasks:
        - name: Check all port numbers are accessible from current host
          include_tasks: /app/checkssh/innertelnet.yml
          with_items: "{{ groups['all_hosts'] }}"

    cat /app/checkssh/innertelnet.yml
    ---
    # Probe TCP port 22 on each host from the control node
    - wait_for:
        host: "{{ item }}"
        port: 22
        state: started
        delay: 0
        timeout: 2
      ignore_errors: yes
      register: netstatoutput
      delegate_to: localhost

    # failed is a boolean, so test it directly instead of comparing it to the string 'False'
    - set_fact:
        telnetcheck: "{{ 'BLOCKED' if netstatoutput.failed else 'OPEN' }}"

    - debug:
        msg: "Telnet works on {{ item }}"
      when: not netstatoutput.failed

From the above successful telnet IPs, I wish to check and report hosts where passwordless ssh fails. But I'm not sure how to.
I tried the below, but it becomes interactive and prompts for a password rather than checking all successful telnet hosts for passwordless ssh.

    - name: Check ssh connectivity
      raw: "ssh -i {{ ansible_ssh_private_key_file }} root@{{ item }} echo success"
      register: sshcheck
      delegate_to: localhost
      when: not netstatoutput.failed
    - set_fact:
        sshcheck: "Telnet Works but SSH Fails"
      when: not netstatoutput.failed and sshcheck.rc != 0
    - debug:
        msg: "INNERSSH: {{ sshcheck }}"
      when: not netstatoutput.failed and sshcheck.rc != 0

Can you please guide?
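
One way to make the SSH check described above non-interactive, as an added example that is not part of the original post: OpenSSH's `BatchMode=yes` makes the client fail instead of prompting, so a host without key-based login returns a non-zero exit code. The file name `innerssh.yml` and the variables `portcheck` and `keylogin` are hypothetical; the key path, the `root` login, and the `all_hosts` loop item come from the playbook above.

```yaml
---
# innerssh.yml (hypothetical name), included once per host in the same way
# as innertelnet.yml, so "item" is one entry of groups['all_hosts'].

- name: Probe TCP port 22 from the control node
  wait_for:
    host: "{{ item }}"
    port: 22
    state: started
    delay: 0
    timeout: 2
  ignore_errors: yes
  register: portcheck
  delegate_to: localhost

- name: Try key-only SSH login without any prompt
  # BatchMode=yes disables password and passphrase prompts, so the check
  # cannot hang waiting for input. PasswordAuthentication=no restricts the
  # attempt to non-password methods. StrictHostKeyChecking=no mirrors the
  # playbook's ansible_ssh_extra_args and skips host key verification.
  command: >-
    ssh -i {{ ansible_ssh_private_key_file }}
    -o BatchMode=yes
    -o PasswordAuthentication=no
    -o ConnectTimeout=5
    -o StrictHostKeyChecking=no
    root@{{ item }} echo success
  register: keylogin
  failed_when: false     # a failed login is a result to report, not a task error
  changed_when: false    # read-only probe
  delegate_to: localhost
  when: not portcheck.failed

- name: Report hosts where port 22 is open but passwordless SSH fails
  debug:
    msg: "Port 22 open but passwordless SSH fails on {{ item }}"
  when:
    - not portcheck.failed
    - keylogin.rc != 0
```

The result is registered under a name that no later `set_fact` overwrites, so `keylogin.rc` stays available to the reporting task.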