[ansible-project] Check if passwordless ssh works after checking telnet from localhost

Mon, 27 Jul 2020 20:58:09 -0700 

I wish to list down all the hosts where it first checks for working telnet 
on port 22. If telnet succeeds; it should check for passwordless ssh and 
list down all hosts where telnet works but passwordless ssh fails.

The below playbook helps with the first part of checking all hosts where 
telnet works. 

 - name: Play 2- check telnet nodes

  hosts: localhost
  user: axmwapp
  vars:
    ansible_ssh_extra_args: -o StrictHostKeyChecking=no
    ansible_ssh_private_key_file: /app/axmw_id_rsa
  tasks:


   - name: Check all port numbers are accessible from current host
     include_tasks: /app/checkssh/innertelnet.yml
     with_items: "{{ groups['all_hosts'] }}"

cat /app/checkssh/innertelnet.yml

---
       - wait_for:
           host: "{{ item }}"
           port: 22
           state: started
           delay: 0
           timeout: 2
         ignore_errors: yes
         register: netstatoutput
         delegate_to: localhost

       - set_fact:
           telnetcheck: "{% if netstatoutput.failed == 'False' %} 'OPEN' {% 
else %} 'BLOCKED' {% endif %}"
         when: "{{ netstatoutput.failed }}"

       - debug:
           msg: "Telnet works on {{ item }}"
         when: not netstatoutput.failed

>From the above successful telnet IPs, I wish to check & report hosts where 
>passwordless ssh fails. But, I'm not sure how-to ?

I tried the below but it becomes interactive and prompts for a password rather 
than checking all seccessful telnet hosts for passwordless ssh. 

       - name: Check ssh connectivity
         raw: "ssh -i {{ ansible_ssh_private_key_file }} root@{{ item }} echo 
success"
         register: sshcheck
         delegate_to: localhost
         when: not netstatoutput.failed

       - set_fact:
           sshcheck: "Telnet Works but SSH Fails"
         when: not netstatoutput.failed and sshcheck.rc != 0

       - debug:
           msg: "INNERSSH: {{ sshcheck }}"

         when: not netstatoutput.failed and sshcheck.rc != 0 

Can you please guide?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f5be0db5-134d-4bab-b9c0-c56b2feb2387o%40googlegroups.com.

Reply via email to