Override ansible default ssh_user

slibnarg asked:

99% of the time that I use ansible, I use the ansible_ssh_user specified in my hosts file. The other 1% of the time this user doesn’t exist, and I need to use the default user to create it. How can I run a playbook in such a way that it overrides the ansible_ssh_user in the hosts file?

I tried the following:

ansible-playbook my-playbook.yaml --user default --ask-pass

But this still produced the following error:

fatal: [target]: UNREACHABLE! => {"changed": false, "msg": "Invalid/incorrect password: Permission denied, please try again.", "unreachable": true}

It only worked after I commented out the ansible_ssh_user in my hosts file, but it would be pretty inconvenient to comment/uncomment this line every time.

My answer:


You can pass extra variables on the ansible-playbook command line to redefine the Ansible user. For example:

ansible-playbook .... --extra-vars "ansible_ssh_user=nobody"

The man page says:

       -e, --extra-vars
          set  additional  variables  as  key=value  or YAML/JSON, if filename
          prepend with @

So you can pass key/value pairs, YAML, JSON, or a file containing variables to use. But the single key-value pair is probably enough for your case.


This is a good time to review your provisioning process. I make sure the ansible user is created with the proper ssh authorized_keys in all my kickstarts, for instance.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.