Timeout (12s) waiting for privilege escalation prompt

The error “Timeout (12s) waiting for privilege escalation prompt” occurs when Ansible tries to escalate privileges via sudo on the target host but the sudo prompt never appears or the password is not provided in time.

What It Means

Ansible connects to the remote host as a regular user, then runs sudo to execute commands with root privileges. If sudo requires a password and --ask-become-pass was not supplied, or if the sudo configuration is missing or misconfigured, Ansible waits 12 seconds for the prompt and then times out.

Why It Happens

• The remote user requires a password for sudo but ansible_become_password is not set.
• The sudo package is not installed on the remote host.
• The remote user is not in the sudo or wheel group.
• The sudoers file does not include a NOPASSWD directive for the remote user.
• SSH session is stuck due to a slow or unresponsive TTY.

How to Fix It

1. Configure passwordless sudo on the target host

echo "youruser ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/youruser
sudo chmod 440 /etc/sudoers.d/youruser

2. Provide the sudo password in the playbook

- hosts: all
  become: yes
  become_user: root
  vars:
    ansible_become_password: "{{ sudo_password }}"

Or pass it on the command line:

ansible-playbook playbook.yml --ask-become-pass

3. Adjust become method and flags

In ansible.cfg:

[privilege_escalation]
become = true
become_method = sudo
become_user = root
become_flags = -H

4. Verify sudo works on the remote host

ssh user@remote-host "sudo -n whoami"

This should return root if passwordless sudo is configured correctly.

FAQ