Reputation: 2127
knife bootstrap command without prompting password
I am trying to write a bash script which contains the command for bootstrapping a Ubuntu client node using knife command. When I execute the script, the knife command was asking the sudo password of client node and once i type the password, it works as expected. But I am looking for an automated way without prompting password. Here is the command I used for bootstrapping.
knife bootstrap <IP_ADDRESS> -x <USER_NAME> -P <PASSWORD> --sudo
After checking, knife bootstrap document, I have tried giving the ssh-password also like below, but with same result.
knife bootstrap <IP_ADDRESS> --ssh-user <USER_NAME> --ssh-password <PASSWORD> --sudo
What may be wrong with this command. I am expecting the knife command to automatically login to the client and bootstrap, but its asking like,
<IP_ADDRESS> knife sudo password:
Enter your password:
Any ideas??
Upvotes: 5
Views: 14403
Answers (7)
Reputation: 1405
It needs to be used in this way (worked for me)
knife bootstrap $ipaddr --ssh-user $userid --ssh-password $pswd --node-name $hostname --sudo --use-sudo-password -P $pswd
--use-sudo-password It is required to supply password for this option too, in the same way you supply for --ssh-password
Upvotes: 0
Reputation: 78
Looking through the doc this may be the parameter you need:
--use-sudo-password
Although the documentation seems to imply that the password that that will be used is the same for the ssh operation, I don't know if that will be sufficient in your case.
Reference: https://docs.chef.io/knife_bootstrap.html#knife-bootstrap-options
Upvotes: 6
Reputation: 4510
If you want to avoid using passwords , you could set up the ssh keys of your workstation on the chef-node and run the
knife bootstrap yourclient.domain.com -x <USER_NAME> -i ~/.ssh/id_rsa -N client1 --sudo
Upvotes: 4
Reputation: 2127
This is how I made this work.
echo <SSH_PASSWORD> | knife bootstrap <IP_ADDRESS> -x <USER_NAME> -P <PASSWORD> --sudo
Upvotes: 3
Reputation: 32705
There are two kinds of authentication happening:
- The SSH connection (may be via a key or via a password)
- The
sudoauthentication (usually, a password is required).
When you are first bootstrapping a machine, I don't think you can avoid needing the sudo password.
I've seen Ruby code that can pass a sudo password over the SSH connection (so the user doesn't have to type it in the middle of the command), but I don't think that knife has that built in.
Upvotes: 0
Reputation: 77961
Check out the NOPASSWD option in the /etc/sudoers file. This configures sudo to suppress the password check.
Upvotes: 0
Reputation: 23502
I see a typo in your command
it should be --ssh-password
what you have is --sh-password
Upvotes: 0
Related Questions
- Unable to Knife Bootstrap Ubuntu Ec2 instance
- Knife bootstrap error - Successful authentication but not authorized for this action
- knife ssh -P without password on command line
- Chef node configuration issue with knife bootstrap- can't authenticate with server
- Knife command failing to authenticate
- Use knife solo with a non-root user with sudo access, without a password
- How to give password for ssh commands in chef-recipe
- how to set password for user at run time in chef
- Chef : Password-less sudo to chef client as part of an ANT script
- knife bootstrap ip-10-185-211-254.ec2.internal -x ubuntu -i JP_Key.pem —sudo -r “role[webserver]”