Ansible authentication

January 7, 2022 - Reading time: 2 minutes

When running commands remotely, Ansible will attempt to use SSH authentication.
The first time you SSH to a new host, you will be asked to validate its host key fingerprint:

root@f12d33c83ada:~# ansible all -i 172.17.0.3, -m ping
The authenticity of host '172.17.0.3 (172.17.0.3)' can't be established.
ECDSA key fingerprint is SHA256:ON9GHyGDFBtEvMDi1D6ZTZ+xPBPNsZzBcGmORUIn06g.
Are you sure you want to continue connecting (yes/no/[fingerprint])? ^C [ERROR]: User interrupted execution

This prompt can be disabled by setting host_key_checking to False:

root@f12d33c83ada:~# fgrep host_key ~/.ansible.cfg
host_key_checking=False
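
With the check off, Ansible no longer confirms that the machine answering is the one you expect. An alternative is to verify each scanned key against a fingerprint obtained out of band and write only matching lines to known_hosts, so host_key_checking can stay enabled. The following is an added example, not code from the original post: fingerprint and vet_scan are hypothetical helper names, the key blobs and banner are constructed, and the input is assumed to be in ssh-keyscan's "host keytype base64-key" format.

```python
import base64
import hashlib

def fingerprint(key_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw key blob."""
    blob = base64.b64decode(key_b64, validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def vet_scan(scan_text, pinned):
    """Sort ssh-keyscan lines into (accepted, rejected).

    pinned maps host -> set of fingerprints obtained out of band, e.g. read
    from the host's console. Only accepted lines belong in known_hosts.
    """
    accepted, rejected = [], []
    for raw in scan_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # blank or comment line
            continue
        parts = line.split()
        if len(parts) != 3:
            rejected.append((line, "malformed line"))
            continue
        host, _keytype, key_b64 = parts
        try:
            seen = fingerprint(key_b64)
        except ValueError:                      # binascii.Error subclasses ValueError
            rejected.append((host, "key is not valid base64"))
            continue
        if seen in pinned.get(host, ()):
            accepted.append(line)
        else:
            rejected.append((host, "unpinned or mismatched key " + seen))
    return accepted, rejected

# Constructed sample data: these blobs are not real SSH keys.
GOOD = base64.b64encode(b"constructed host key A").decode()
OTHER = base64.b64encode(b"constructed host key B").decode()
SAMPLE_SCAN = "\n".join([
    "# 172.17.0.3:22 SSH-2.0-OpenSSH_8.9",
    "172.17.0.3 ecdsa-sha2-nistp256 " + GOOD,
    "172.17.0.4 ecdsa-sha2-nistp256 " + OTHER,
    "172.17.0.5 ssh-ed25519 not*base64",
])

if __name__ == "__main__":
    # In real use the pinned value comes from the host itself, not from the scan.
    pinned = {"172.17.0.3": {fingerprint(GOOD)}, "172.17.0.4": {fingerprint(GOOD)}}
    ok, bad = vet_scan(SAMPLE_SCAN, pinned)
    print("\n".join(ok))          # lines to append to ~/.ssh/known_hosts
    for host, why in bad:
        print("REJECTED", host, why)
```
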

The next step is to decide if you are going to manually input the password every time you run your playbook.
To do this, you'll need to use the --ask-pass flag and have sshpass installed on your system:

root@f12d33c83ada:~# ansible all -i 172.17.0.3, -m ping --ask-pass
SSH password:
172.17.0.3 | FAILED! => {
    "msg": "to use the 'ssh' connection type with passwords or pkcs11_provider, you must install the sshpass program"
}

After installing with apt install sshpass:

root@f12d33c83ada:~# ansible all -i 172.17.0.3, -m ping --ask-pass
SSH password:
[WARNING]: No python interpreters found for host 172.17.0.3 (tried ['python3.10', 'python3.9', 'python3.8', 'python3.7', 'python3.6',
'python3.5', '/usr/bin/python3', '/usr/libexec/platform-python', 'python2.7', 'python2.6', '/usr/bin/python', 'python'])

Finally, to run playbooks without providing any password at all, use ssh-keygen and ssh-copy-id <user>@<host> to set up key-based authentication.