If you want use Ansible with 100 or 1000 host, is not good idea start to connect using the -k option via password authentication. It is not a common practice as you can cause significant overhead in terms of manual intervention.
Ansible is best implemented using a common user across all Ansible controlled systems with ssh-keygen and ssh-copy-id command can facilitate creating a pre-shared key for user authentication.
- Create an ansible user: su -u ansible
- Change the password: sudo passwd ansible
- Crate the keygen: ssh-keygen please use password empty, you don’t need it
- Copy the keygen in the remote location: ssh-copy-id firstname.lastname@example.org
- Try to access to email@example.com should be accessible without password
Also the /etc/sudoers may be changed to allow sudo command without password for the automated configuration using: ansible ALL=(ALL:ALL) NOPASSWD: ALL
After you should elevate your privilege using: sudo -i and without password to be root on the system.
To test you can use : ansible all -m ping
- Previous Post