Password Based SSH connectivity between two linux machines
- For this lab exercise i will be using Azure Account to create virtual machines
- We have create two ubuntu linux instances (node-1, node-2)
-
From a client execute
ssh username@ip-or-name and enter credentials
-
On node 1 and node 2 lets create a new user called as
myuser
sudo adduser myuser
- on your laptop if you dont have keys in
~/.ssh execute ssh-keygen
- i have generated
temp_ed25519
- Now i want to upload the public key for myuser on node1 and node2
ssh-copy-id -i ~/.ssh/temp_ed25519 myuser@<node-1-ip>
ssh-copy-id -i ~/.ssh/temp_ed25519 myuser@<node-2-ip>
- once th copy is success we can login into node 1 and node 2 without password
ssh -i ~/.ssh/temp_ed25519 myuser@<node-1-ip>
ssh -i ~/.ssh/temp_ed25519 myuser@<node-2-ip>
How Ansible uses ssh
- Ansible expect python on nodes, Ansible uses SSH + Python
- When you run ansible, it reads the ip addresses and credential info from inventory which indirectly specify SSH options
- Ansible internally runs a SSH command
- Generates a temporary python script (for your configuration) copies that to node
- Python on node executes this script
- output of that is returned via SSH
-
Then it cleans up the temporary python script and other files
-
As a user of ansible we create playbook or adhoc-command to make ansible work.
-
It is recommended to configure a user on all nodes with key based SSH to work in Ansible as industry standard. This user generally has sudo or privilege escallation.
Like this:
Like Loading...
