Allow key authentication when using --ask-pass
(similar to Ansible v2)
This closes #14250. It should not have any ill-effects for existing use-cases as we would only allow additional authentication methods on top of password authentication. And since the user can authenticate in other ways already, it also has no security impact.
This commit is contained in:
parent
8e2c5337f5
commit
009164227e
|
@ -91,10 +91,7 @@ class Connection(object):
|
|||
self.common_args += ["-o", "IdentityFile=\"%s\"" % os.path.expanduser(self.private_key_file)]
|
||||
elif self.runner.private_key_file is not None:
|
||||
self.common_args += ["-o", "IdentityFile=\"%s\"" % os.path.expanduser(self.runner.private_key_file)]
|
||||
if self.password:
|
||||
self.common_args += ["-o", "GSSAPIAuthentication=no",
|
||||
"-o", "PubkeyAuthentication=no"]
|
||||
else:
|
||||
if not self.password:
|
||||
self.common_args += ["-o", "KbdInteractiveAuthentication=no",
|
||||
"-o", "PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey",
|
||||
"-o", "PasswordAuthentication=no"]
|
||||
|
|
Loading…
Reference in a new issue