I've been doing a lot of research on why I couldn't get ssh forwarding to work with Ansible.
I think I've found a bug (in ssh) regarding how it performs authentication, the behavior varies depending on how you express the command line arguments. http://stackoverflow.com/questions/20952689/vagrant-ssh-agent-forwarding-how-is-it-working?noredirect=1#comment31511341_20952689 In a nutshell . if you execute SSH like so: ssh -o HostName=127.0.0.1 -o User=vagrant -o......... SSH Agent forwarding doesn't work, regardless of how you specify the remaining options. But if you execute it like so, it does: ssh [email protected] -o .......... It would be awesome if it executed the SSH command in that manner. On Saturday, January 4, 2014 7:01:55 PM UTC, Michael DeHaan wrote: > > The "ssh_alt" connection type as implemented by Jerome Wagner greatly > reduces the amount of operations performed over connections by not > transferring modules as files for many cases. It's pretty impressive. > > It can currently be tested on the development branch with "connection: > ssh_alt" in a play, or "-c ssh_alt". > > I would like this to become the default in Ansible devel, to be released > as the default in 1.5, in the next week or two. > > As such, if everyone using the SSH transport (aka anyone not running from > RHEL/CentOS/EPEL > and still using paramiko), as they normally use Ansible, this will be > greatly appreciated. > > I just recently merged in some tweaks to sudo password detection. > > If we can get it past encountering any problems, we'll remove the old > ssh.py and replace ssh_alt.py as ssh.py, and there will be no more > connection named "ssh_alt". > > Thank you! > > -- > Michael DeHaan <[email protected] <javascript:>> > CTO, AnsibleWorks, Inc. > http://www.ansibleworks.com/ > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
