salt-ssh.rst 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189
  1. ============
  2. ``salt-ssh``
  3. ============
  4. Synopsis
  5. ========
  6. .. code-block:: bash
  7. salt-ssh '*' [ options ] sys.doc
  8. salt-ssh -E '.*' [ options ] sys.doc cmd
  9. Description
  10. ===========
  11. Salt SSH allows for salt routines to be executed using only SSH for transport
  12. Options
  13. =======
  14. .. program:: salt-ssh
  15. .. include:: _includes/common-options.rst
  16. .. option:: --hard-crash
  17. Raise any original exception rather than exiting gracefully. Default: False.
  18. .. option:: -r, --raw, --raw-shell
  19. Execute a raw shell command.
  20. .. option:: --roster
  21. Define which roster system to use, this defines if a database backend,
  22. scanner, or custom roster system is used. Default is the flat file roster.
  23. .. option:: --roster-file
  24. Define an alternative location for the default roster file location. The
  25. default roster file is called ``roster`` and is found in the same directory
  26. as the master config file.
  27. .. versionadded:: 2014.1.0
  28. .. option:: --refresh, --refresh-cache
  29. Force a refresh of the master side data cache of the target's data. This
  30. is needed if a target's grains have been changed and the auto refresh
  31. timeframe has not been reached.
  32. .. option:: --max-procs
  33. Set the number of concurrent minions to communicate with. This value
  34. defines how many processes are opened up at a time to manage connections,
  35. the more running process the faster communication should be, default
  36. is 25.
  37. .. option:: --extra-filerefs=EXTRA_FILEREFS
  38. Pass in extra files to include in the state tarball.
  39. .. option:: --min-extra-modules=MIN_EXTRA_MODS
  40. One or comma-separated list of extra Python modulesto be included
  41. into Minimal Salt.
  42. .. option:: --thin-extra-modules=THIN_EXTRA_MODS
  43. One or comma-separated list of extra Python modulesto be included
  44. into Thin Salt.
  45. .. option:: -v, --verbose
  46. Turn on command verbosity, display jid.
  47. .. option:: -s, --static
  48. Return the data from minions as a group after they all return.
  49. .. option:: -w, --wipe
  50. Remove the deployment of the salt files when done executing.
  51. .. option:: -W, --rand-thin-dir
  52. Select a random temp dir to deploy on the remote system. The dir
  53. will be cleaned after the execution.
  54. .. option:: -t, --regen-thin, --thin
  55. Trigger a thin tarball regeneration. This is needed if custom
  56. grains/modules/states have been added or updated.
  57. .. option:: --python2-bin=PYTHON2_BIN
  58. Path to a python2 binary which has salt installed.
  59. .. option:: --python3-bin=PYTHON3_BIN
  60. Path to a python3 binary which has salt installed.
  61. .. option:: --jid=JID
  62. Pass a JID to be used instead of generating one.
  63. Authentication Options
  64. ----------------------
  65. .. option:: --priv=SSH_PRIV
  66. Specify the SSH private key file to be used for authentication.
  67. .. option:: --priv-passwd=SSH_PRIV_PASSWD
  68. Specify the SSH private key file's passphrase if need be.
  69. .. option:: -i, --ignore-host-keys
  70. By default ssh host keys are honored and connections will ask for
  71. approval. Use this option to disable StrictHostKeyChecking.
  72. .. option:: --no-host-keys
  73. Fully ignores ssh host keys which by default are honored and connections
  74. would ask for approval. Useful if the host key of a remote server has
  75. changed and would still error with --ignore-host-keys.
  76. .. option:: --user=SSH_USER
  77. Set the default user to attempt to use when authenticating.
  78. .. option:: --passwd
  79. Set the default password to attempt to use when authenticating.
  80. .. option:: --askpass
  81. Interactively ask for the SSH password with no echo - avoids password
  82. in process args and stored in history.
  83. .. option:: --key-deploy
  84. Set this flag to attempt to deploy the authorized ssh key with all
  85. minions. This combined with --passwd can make initial deployment of keys
  86. very fast and easy.
  87. .. option:: --identities-only
  88. Use the only authentication identity files configured in the ssh_config
  89. files. See IdentitiesOnly flag in man ssh_config.
  90. .. option:: --sudo
  91. Run command via sudo.
  92. Scan Roster Options
  93. -------------------
  94. .. option:: --scan-ports=SSH_SCAN_PORTS
  95. Comma-separated list of ports to scan in the scan roster.
  96. .. option:: --scan-timeout=SSH_SCAN_TIMEOUT
  97. Scanning socket timeout for the scan roster.
  98. .. include:: _includes/logging-options.rst
  99. .. |logfile| replace:: /var/log/salt/ssh
  100. .. |loglevel| replace:: ``warning``
  101. .. include:: _includes/target-selection-ssh.rst
  102. .. include:: _includes/output-options.rst
  103. .. note::
  104. If using ``--out=json``, you will probably want ``--static`` as well.
  105. Without the static option, you will get a separate JSON string per minion
  106. which makes JSON output invalid as a whole.
  107. This is due to using an iterative outputter. So if you want to feed it
  108. to a JSON parser, use ``--static`` as well.
  109. See also
  110. ========
  111. :manpage:`salt(7)`
  112. :manpage:`salt-master(1)`
  113. :manpage:`salt-minion(1)`