Adventures in Authentication with SSH
I recently ran into an interesting issue at work and I wanted to do a write up for someone else.
What you’ll need for your theorectical environment:
- AWX Server (or possibly just ansible)
- A Linux host
- A protected nodejs project in a git repo
- A nodejs project pulling a dependency from said repo via ssh
Effectively what I was doing was running an ansible playbook that executed npm install
the nodejs had two node modules which needed to be pulled from a git repo. What I thought would happpen was that the command would use the ssh key previously on the device. Instead, the playbook reused the ssh key that it had originally used to access the host. I was only able to determine this after I changed the ssh key being used in awx to one I had previously authorized for that repo.
After some research, turns out that when I was using the shell module turns out that it was using /bin/sh
rather than /bin/bash
. The jury is out on whether I was using the interpreter argument or not. To learn more, here’s a blog post on the differences between the shell and command modules.
Hopefully this serves a nice heads up or shortcut to a difficult session of troubleshooting preferably before this happens