Have you looked at http://alexbilbie.com/2014/07/using-ansible-with-a-bastion-host/
On Wed, Sep 16, 2015 at 9:34 PM, Agent Gh <[email protected]> wrote: > From our jump box, we sudo su - to root and then ssh into the other hosts > as root. (I understand the security risks, but I don't have control over > this setup) > > I'm wondering if I can setup ansible to that it connects to the jump box > as my user, then does a sudo su -, so that when it sshes over to the > targets, its actually connecting to them as root. > > > I know it's possible to use proxycommand to make use of a jump box, but > the sudo su -, I haven't figured out. > > The only variable I can control here is the box I'm originating from. > Details that I don't have control over: > > - I can't install ansible on the jump box. > - My user isn't on the target hosts, only root. > - Root password is not known, we use private keys, which are only on > the jump box. > - I cannot copy those keys to my box. > - I can't ssh to the jump box as root. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/6ee5ec4c-c6a5-44aa-94ea-e79434d3278f%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/6ee5ec4c-c6a5-44aa-94ea-e79434d3278f%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAAy3_-gniSgxwKKS_4NkrmXAn9%2BTb4XcrtRML2CALHJoru%3DPdA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
