Hi, The following solution comes to mind - on the controller run a playbook that connects to the instances using the 'command' or 'shell' module (so delegate_to: localhost) and inspect the output of the ssh command. Based on the output of that playbook - create an inventory that stores ansible_ssh_user. If you rely on dynamic inventory - I suggest trying to figure out if you can Tag instances with information about the type of user to use and then hack the dynamic inventory script to turn those tags into 'ansible_ssh_user' variable.
kind regards Pshem On Fri, 12 Jul 2019 at 04:29, William Dossett <[email protected]> wrote: > Ok, when running this with -vvvv (managed to whittle down the output and > see what I think the problem is...) > > it connects and does not get a "server refused our key" type error... it > connects and then tells us to connect with another user and then closes the > session with no error message. > > Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared > connection to 10.5.162.167 closed.\r\n", > "module_stdout": "Please login as the user \"ec2-user\" rather than > the user \"root\".\r\n\r\n", > "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", > "rc": 0 > > so we get a broken pipe.... unfortunately I have no idea how to handle > this. Anyone, any ideas? Tearing out what little hair I have left over > this :-( > > Bill > > > > On Thursday, July 11, 2019 at 10:15:45 AM UTC-6, William Dossett wrote: >> >> Hi, >> >> >> >> I tagged this onto the end of another question and didn’t get any >> answers… so am trying to figure it out myself, but the more I look at it >> the more I don’t understand. >> >> >> >> AWS Linux instances do not allow connecting via SSH as root by default… >> if you ssh as root, it tells you to connect as ec2-user and then just >> disconnects after a few seconds. >> >> >> >> So I am trying to create a playbook to connect to all AWS Linux >> instances, AWS, RHEL, Centos, Ubuntu. They have different users, so I am >> trying different users until it works and the run the rest of the playbook. >> (you can also have your own AMIs and instance that may only have root >> enabled) >> >> >> >> The problem is when I try to connect to this AWS Linux instance as root, >> it doesn’t fail. I get >> >> >> >> TASK [try users] >> ****************************************************************************************************************************** >> >> [WARNING]: Unhandled error in Python interpreter discovery for host >> 10.5.162.167: unexpected output from Python interpreter discovery >> >> >> >> [WARNING]: sftp transfer mechanism failed on [10.5.162.167]. Use >> ANSIBLE_DEBUG=1 to see detailed information >> >> >> >> [WARNING]: scp transfer mechanism failed on [10.5.162.167]. Use >> ANSIBLE_DEBUG=1 to see detailed information >> >> >> >> [WARNING]: Platform unknown on host 10.5.162.167 is using the discovered >> Python interpreter at /usr/bin/python, but future installation of >> >> another Python interpreter could change this. See >> https://docs.ansible.com/ansible/2.8/reference_appendices/interpreter_discovery.html >> for >> >> more information. >> >> >> >> ok: [10.5.162.167] >> >> >> >> So I am unable to fathom why it seems to be connected and finding a >> python interpreter at /usr/bin/python … how does it get that far and why >> doesn’t it just fail? >> >> >> >> It produces warnings, but ultimately an OK which means it will then try >> and run the rest of the playbook – I guess that would fail eventually, but >> that seems sloppy. If I connect as another user that doesn’t exist it >> fails with permission denied. >> >> >> >> Any advice would be greatly appreciated as I am about out of ideas right >> now. >> >> >> >> Thanks >> >> Bill >> >> >> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/53e35651-63ba-4bf6-9a7f-c6267b5c851d%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/53e35651-63ba-4bf6-9a7f-c6267b5c851d%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEaZiRVeOdNoFNNfaE-SEeMrEUV%3DEYmtCKmh3nLemWvkksGDmA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
