Allow remote ansible provisioner to bypass ssh proxying and simply connect based on sshHostPort state #3846

Closed
andyfeller opened this issue Sep 1, 2016 · 2 comments
Labels
provisioner/ansible-remote question stage/thinking Flagged for internal discussions about possible enhancements

Comments

@andyfeller

The ansible provisioner's SSH proxying is overly complicated and adds complexity, making its usage non-trivial and requiring a fair bit of research to fix. This approach was based upon @bhcleek's assertion:

Add an Ansible provisioner that does not require installing Ansible on the machine being provisioned.

For those using ansible in production from control machines that SSH to remote hosts, there is no need to install ansible on the remote machines. Simply specify the user for the connection and either private key or password.

There should be an option to bypass the SSH proxying and have the ansible provisioner pull the sshHostPort state established by the communicator and use this for ansible communications.

@rickard-von-essen rickard-von-essen added question provisioner/ansible-remote stage/thinking Flagged for internal discussions about possible enhancements labels Sep 1, 2016
@rickard-von-essen
Collaborator

Packer's architecture is plugin-based and has three classes of plugins (relevant for this issue): builders, communicators, and provisioners. In short they do:

  • Builders: abstract the state, creation, configuration of a VM.
  • Communicators: abstract the connection towards the VM. Support upload, download, and command execution.
  • Provisioners: Use a communicator to interact with the VM.

Most important for this is that communicators hide the details about the connection towards the VM.

That is why the ansible provisioner creates a proxy that connects the communicator and the ansible command. To remove the proxy we need to redesign (and rethink) the fundamental design of Packer.

Some more discussion on this topic #3331

@andyfeller
Author

I get that, so let me do this:

I'm going to submit a pull request to cite the situation @rickard-von-essen was good enough to solve for someone else that tripped me up, too. The output around rejecting auth-agent-req@openssh.com request is a red herring to the real issue of /usr/lib/sftp-server needing to be /usr/libexec/openssh/sftp-server in the Red Hat family.

Thanks @rickard-von-essen once again!
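
The sftp-server path mismatch described in the last comment can be checked on a target image before a build. The following is an added example, not part of the thread or of Packer's code: the function name `find_sftp_server` and its optional root-prefix argument are hypothetical, and it assumes a standard `sshd_config` with a `Subsystem sftp` line. The result is the kind of value the ansible provisioner's `sftp_command` setting expects.

```shell
#!/bin/sh
# Resolve which sftp-server binary exists on a host or unpacked image.
# Usage: find_sftp_server [sshd_config] [root_prefix]
# (hypothetical helper; both arguments are assumptions for illustration)
find_sftp_server() {
    config="${1:-/etc/ssh/sshd_config}"
    root="${2:-}"   # optional prefix so a mounted/unpacked image can be inspected

    # 1. Prefer what sshd is configured to run: "Subsystem sftp <path> [args]".
    #    Commented-out lines do not match because their first field starts with '#'.
    if [ -r "$config" ]; then
        path=$(awk 'tolower($1) == "subsystem" && $2 == "sftp" { print $3; exit }' "$config")
        # internal-sftp is built into sshd and has no binary to execute.
        if [ -n "$path" ] && [ "$path" != "internal-sftp" ] && [ -x "$root$path" ]; then
            printf '%s\n' "$path"
            return 0
        fi
    fi

    # 2. Fall back to the two locations named in the thread.
    for path in /usr/lib/sftp-server /usr/libexec/openssh/sftp-server; do
        if [ -x "$root$path" ]; then
            printf '%s\n' "$path"
            return 0
        fi
    done

    # Nothing executable found: report failure so a build can stop early
    # with a clear message instead of a misleading SSH error.
    return 1
}
```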
