Ansible 之 配置远程主机访问
16lz
2021-01-22
例子:
1、配置主机10.3.153.10(Ansible服务器)2、Ansible服务器创建公私钥3、分别把Ansible服务器的公钥传输到10.3.152.78的root用户4、分别把Ansible服务器的公钥传输到10.3.151.238的mingkang用户,便于测试安全需要
一、创建公私钥
[root@localhost .ssh]# ssh-keygen -t dsa Generating public/private dsa key pair.Enter file in which to save the key (/root/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_dsa.Your public key has been saved in /root/.ssh/id_dsa.pub.The key fingerprint is:SHA256:yl3cOTtJR7rUpTzSpAtDFT+mkHqp1yE0CgJ/zUJ04ac root@localhost.localdomainThe key's randomart image is:+---[DSA 1024]----+| . .o o. o. || o . = o . || o + + B * .|| o o O = % + || E O % B || . o + B X . || o o . B || . . || |+----[SHA256]-----+[root@localhost .ssh]# ls -altotal 8drwx------ 2 root root 38 Jan 18 08:09 .dr-xr-x---. 5 root root 175 Jan 18 08:08 ..-rw------- 1 root root 668 Jan 18 08:09 id_dsa #私钥-rw-r--r-- 1 root root 616 Jan 18 08:09 id_dsa.pub #公钥
二、把私钥传输到10.3.152.78的root用户
[root@localhost .ssh]# ssh-copy-id -i id_dsa.pub root@10.3.152.78/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_dsa.pub"The authenticity of host '10.3.152.78 (10.3.152.78)' can't be established.RSA key fingerprint is SHA256:8powu3Z2r8olnf0EIqSkBOsFx5aVosP8Os8HkwLordc.RSA key fingerprint is MD5:fb:47:7b:22:39:ed:b7:80:e9:24:0a:0f:c8:8e:70:f3.Are you sure you want to continue connecting (yes/no)? yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysroot@10.3.152.78's password: Number of key(s) added: 1Now try logging into the machine, with: "ssh 'root@10.3.152.78'"and check to make sure that only the key(s) you wanted were added.备注:此时可以使用ssh root@10.3.152.78直接登陆到该服务器的root用户
三、把私钥传输到10.3.151.238的mingkang用户
#10.3.151.238的服务器上必须有mingkang用户[root@localhost ansible]# ssh-copy-id -i /root/.ssh/id_dsa.pub mingkang@10.3.151.238/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_dsa.pub"The authenticity of host '10.3.151.238 (10.3.151.238)' can't be established.RSA key fingerprint is SHA256:F8YvVdDTa7vzTJuGpWvipAmcp/6RtHyEXSqDzBi3MvA.RSA key fingerprint is MD5:55:5c:2f:0d:67:6d:b0:64:3e:7a:81:dd:54:9d:07:40.Are you sure you want to continue connecting (yes/no)? yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysmingkang@10.3.151.238's password: Number of key(s) added: 1Now try logging into the machine, with: "ssh 'mingkang@10.3.151.238'"and check to make sure that only the key(s) you wanted were added.
四、在/etc/ansible/hosts下添加相对应的主机
#在最后面添加如下内容[opssite]10.3.152.78[yum]10.3.151.238
五、简单测试ansible命令使用
1、此处的root是指对端(10.3.152.78)的root用户,即可远程免密码登陆对端服务器用户
2、使用mingkang用户,远程登陆对端服务器10.3.151.238
3、测试mingkang用户测试sudo的用法
4、简单模拟文件传输
你的鼓励让我更有动力
赞赏
0人进行了赞赏支持
更多相关文章
- 使用Flask在服务器实现一个API接口。
- 30分钟用Node.js构建一个API服务器[每日前端夜话0x70]
- windows10家庭版更改登录用户名
- 5:Zabbix5.0 监控服务器网口流量
- 如何使用 SSH 远程控制一台 Windows 服务器
- 最佳实践【二】从 0 开始,用 flask+mongodb 打造分布式服务器监控
- 【一】从0开始,用flask+mongo打造分布式服务器监控平台
- 内外网文件单向传输服务器搭建 samba+rsync+inotify
- RabbitMQ服务器部署