'--ssh-extra-args="-o IdentitiesOnly=yes"' should be included by default

[j4m3s]

Even when you specify a private key, ssh will still try to iterate through the keys in a user's .ssh directory unless the IdentitiesOnly flag is set to yes. As a result, ssh as called by ansible will make several failed connection attempts before it finally hits the key specified as --private-key or in the ENV variable.

While that's fine when sshd is set up to accept multiple attempts, once you have set MaxAuthTries to 1 (in sshd.conf), ansiblepush fails because ansible doesn't get a second bite at the cherry.

This setting is already used for net-ssh for the kitchen login command, so that still works (it's config param :keys_only => true), but of course that isn't used for the ansible run, leading to inconsistent behaviour where kitchen login works but kitchen converge (using ansiblepush) doesn't.

As a workaround I am using raw_arguments: '--ssh-extra-args="-o IdentitiesOnly=yes"' in my .kitchen.yml file.

The proper fix would probably be to include --ssh-extra-args="-o IdentitiesOnly=yes" when you're building the options string (somewhere around line 118 of ansible_push.rb)

[ahelal]

Hey that does make sense. Would be cool if you can make PR. if you cant I can try to do that when I have time.

[j4m3s]

I'll do a PR now I know you're OK with it :)
On 5 Jun 2016 15:47, "Adham Helal" notifications@github.com wrote:

Hey that does make sense. Would be cool if you can make PR. if you cant I
can try to do that when I have time.

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#19 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AB6AkxyBi4qsmAhxlVDgC-WbvP3vNPGuks5qIuF8gaJpZM4IuW27
.