Hello all,
one thing is not clear to me about ansible. On all my Linux VM the root ssh access, for security reasons, is blocked. So the ad-hoc, playbook access only works via a non-administrative user. But then, for example, to install something on the Linux VM, how do you change the user to root? I don’t want to work with ssh and public keys in my small environment and the root ssh access should remain closed.
Thanks for any feedback
reredok
Use “become”.
Explained in detail here
https://docs.ansible.com/ansible/latest/user_guide/become.html
Hello,
i tried everything possible with “become” in the playbook:
Either the password is wrong or a password is needed.
To rule out that I have a problem with root, I temporarily set PermitRootLogin Yes in /etc/ssh/sshd_config and then it works.
I have looked at the ansible documentation which I may not understand in full. Again for understanding:
There is an “ansible_user” who connects remotely via ssh and I give him the password in the “Inventory” with ansible_ssh_pass. In the “playbook” I set “become: yes”," become_user: root", “become_method: sudo”. This then changes the ssh user to root and runs my “apt:” command.
Do you have an example that works for you? Thanks a lot
This is more of a Unix question than an ansible question.
Your login ID should not be root.
Your sudo file ,on destination host, should have your login ID defined with appropriate permissions.
Use ssh keys for your login ID
Hope this helps.
The thing that works for me is:
$ ansible all -m command -a ’sudo uptime’ -o
I get no errors and I get a response from all my servers.
To verify permissions for the login user use `sudo -l `
this does NOT require root logins.