When using ansible 2.0 with pam-ssh-agent-auth, I got this error:
sudo: a password is required
I eventually tracked down this, and the fix was to add the following to my ansible.cfg file:
Hopefully this saves somebody else the trouble…
There’s a wonderful package called pam-ssh-agent-auth which allows sudo authentication via the SSH agent. This means no more typing passwords for sudo. Instead, just connect with
ssh -A to forward your agent, and then use sudo without a password.
Installation is fairly simple, there are lots of walkthroughs around. First, grab this ppa, then add your SSH pub key to
sudo visudo and add
DefaultsÂ Â Â env_keep += "SSH_AUTH_SOCK", then edit
/etc/pam.d/sudo and add
auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys after the other
I deployed it all with puppet, but I think that’s everything.