ansible 配置linux主机SSH无密码访问在主服务端:
[root@node110 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
60:b2:86:b1:7a:a1:8b:e7:ee:d9:c7:c9:59:4c:8a:e8 root@node110
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . . o |
| + + .. |
| +.o. +S |
| o.o. . o |
|o.. o + |
|.oEo * |
|o== .. |
+-----------------+
ssh root@192.168.2.120 #不需要密码直接登录到远程主机上
ssh root@192.168.2.121 #不需要密码直接登录到远程主机上
非22号端口:
ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 20022 test@192.168.3.2"
通过以上配置后,不需要-k参数就可以直接访问业务服务器了:
参数-k是要指定客户端的密码才能运行
[root@node110 .ssh]# ansible 192.168.2.120 -m ping
192.168.2.120 | SUCCESS => {
"changed": false,
"ping": "pong"
}
手动配置:
(1)、SSH免密钥登录设置
## 生成公钥/私钥
# ssh-keygen -t rsa -P ''
## 写入信任文件(将/root/.ssh/id_rsa_storm1.pub分发到其他服务器,并在所有服务器上执行如下指令):
# cat /root/.ssh/id_rsa_storm1.pub >> /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys
