ansible批量分发ssh公钥实现免密

1、在hosts里面定义好用户名和密码

[[email protected] ansible]# grep -v "^#" /etc/ansible/hosts | grep -v "^$"
[rancher]
n1 ansible_ssh_user="root" ansible_ssh_pass="123456"
n2 ansible_ssh_user="root" ansible_ssh_pass="123456"
[nginx]
n3 ansible_ssh_user="root" ansible_ssh_pass="123456"
[rancheragent]
n4 ansible_ssh_user="root" ansible_ssh_pass="123456"
n5 ansible_ssh_user="root" ansible_ssh_pass="123456"
[gitlab]
n6 ansible_ssh_user="root" ansible_ssh_pass="123456"
[jenkins]
n7 ansible_ssh_user="root" ansible_ssh_pass="123456"
[harbormysql]
n8 ansible_ssh_user="root" ansible_ssh_pass="123456"
[[email protected] ansible]#

2、写playbook

[[email protected] ansible]# cat ssh3.
cat: ssh3.: No such file or directory
[[email protected] ansible]# cat ssh3.
ssh3.retry ssh3.yml 
[[email protected] ansible]# cat ssh3.yml 
---
- hosts: all
gather_facts: no

tasks:

- name: install ssh key
authorized_key: user=root
key="{{ lookup('file', '/root/.ssh/id_rsa.pub') }}" 
state=present
[[email protected] ansible]#

3、生成密钥

[[email protected] ansible]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Ir1UbXrjinufSLitv5rmwYpZwKMc4rwUYbIybbbSQmU [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| |
| . |
|.o E . o |
|o++ . . o |
|=+B . + S o |
|B*o+ + + o . |
|+=o . = . . |
|.o.+ ..B.o . |
| .o .oO**oo |
+----[SHA256]-----+
[[email protected] ansible]#

4、发公钥

[[email protected] ansible]# ansible-playbook ssh3.yml

PLAY [all] *********************************************************************************************************************************************************************************************************************************************************************************************************************************

TASK [install ssh key] *********************************************************************************************************************************************************************************************************************************************************************************************************************
changed: [n4]
changed: [n1]
changed: [n3]
changed: [n6]
changed: [n5]
changed: [n2]
changed: [n7]
changed: [n8]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************************************************************************************************************
n1 : ok=1 changed=1 unreachable=0 failed=0 
n2 : ok=1 changed=1 unreachable=0 failed=0 
n3 : ok=1 changed=1 unreachable=0 failed=0 
n4 : ok=1 changed=1 unreachable=0 failed=0 
n5 : ok=1 changed=1 unreachable=0 failed=0 
n6 : ok=1 changed=1 unreachable=0 failed=0 
n7 : ok=1 changed=1 unreachable=0 failed=0 
n8 : ok=1 changed=1 unreachable=0 failed=0
此条目发表在ansible分类目录,贴了标签。将固定链接加入收藏夹。

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注