Promlem with : ssh as regular user which has sudo priviledges, and execute tasks as sudo

Hi All,

I have a situation where, we need to disable the “root” user. and need to make configuration changes to linux servers using a regular(cafe3) user which has sudo privileges.
To achieve that, I am ssh in to server using “cafe3” using ansible, and mentioning the --sudo flag while executing it.

Ansible-Attempt-1:

~>ansible all --inventory-file=inv_my.yaml -m setup -u root --ask-pass –sudo-user=root --ask-sudo-pass --sudo
SSH password:
sudo password [defaults to SSH password]:
vcac148-085-217.eng.vmware.com | FAILED => Authentication failure.

Ansible-Attempt-2:
~>ansible all --inventory-file=inv_my.yaml -m setup -u root --ask-pass –sudo-user=cafe3 --ask-sudo-pass --sudo
SSH password:
sudo password [defaults to SSH password]:
vcac148-085-217.eng.vmware.com | FAILED => Authentication failure.

Manual attempt-3:
If I ssh in to server using user as cafe3, and try to run command like “sudo ls”. It works fine.
It does ask me for sudo password and I provided the same password as I did in attempt-1 and attempt-2 above.

Please help. Thanks in advance.

  • Dhruvin Shah

I believe you have some of your options a little backwards.

You specified that you cannot login as root, however ‘-u root’ specifies that you are attempting to connect via the root user.

You probably want:

ansible all --inventory-file=inv_my.yaml -m setup -u cafe3 --ask-pass --ask-sudo-pass --sudo

A few additional things:

  1. –sudo-user=cafe3 will tell ansible that you want to run the sudo commands as cafe3, you instead wants this to be ‘root’
  2. The default for --sudo-user is root so you can actually just leave that off

Thanks Matt. Appreciate your help and time.

So I tried the command which you posted, still no success.

ansible all --inventory-file=inv_my.yaml -m setup -u cafe3 --ask-pass --ask-sudo-pass --sudo -vv
SSH password:
sudo password [defaults to SSH password]:
<vcac148-085-217.eng.vmware.com> REMOTE_MODULE setup
vcac148-085-217.eng.vmware.com | FAILED => SSH encountered an unknown error during the connection. We recommend you re-run the command using -vvvv, which will enable SSH debugging output to help diagnose the issue

Please help me figure the problem with my usage or a workaround here.

Thanks,
Dhruvin Shah

As mentioned in the output, add -vvvv to your ansible command. It should help identify the issue.