
Define ssh key per host using ansible_ssh_private_key_file


I set up SSH keys on Linux or Unix as per my project needs and cloud hosting providers. I am also new to the Ansible IT automation and DevOps tool. My management node has keys for Linode, AWS/EC2 and Google Cloud. How do I set up and tell Ansible to use different SSH keys? How do I configure SSH credentials per cloud hosting service provider?

Ansible is free and open source IT software that automates software provisioning, configuration management, and application deployment. One can use Ansible to create cloud hosts in EC2, patch servers, add users, configure routers/firewalls and more. Ansible uses SSH, which allows users, and Ansible too, to log in to remote servers and perform management tasks. This page shows how to use SSH keys that are already set up to log in to remote servers with the Ansible IT automation tool.

Ansible define ssh key per host using ansible_ssh_private_key_file

You need to use ansible_ssh_private_key_file in the inventory file. The value must be the path to the private key file, not the matching .pub public key. The syntax is pretty simple:

host ansible_ssh_private_key_file=/path/to/your/.ssh/file
192.168.2.200 ansible_ssh_private_key_file=/path/to/your/.ssh/id_rsa
104.20.187.5 ansible_ssh_private_key_file=/path/to/your/.ssh/aws.pem

ansible_ssh_private_key_file example

Let us open a file named hosts in ~/projects/ansible/hosts using a text editor such as the vim command:
$ vim ~/projects/ansible/hosts
Sample file:

[my_servers]
1.2.3.4 ansible_ssh_private_key_file=/home/vivek/.ssh/id_ed25519
202.54.1.5 ansible_ssh_private_key_file=~/.ssh/Lightsail-us-west-2.pem
www1 ansible_ssh_private_key_file=~/.ssh/Linode-us.rsa
vpn-box1 ansible_ssh_private_key_file=~/.ssh/Linode-us.rsa

Another example:

## Ansible with multiple SSH key pairs as per server hosting ##
[linode]
www1-li ansible_ssh_private_key_file=/path/to/file
www2-li ansible_ssh_private_key_file=/path/to/file
 
[aws]
www1-aws ansible_ssh_private_key_file=/path/to/file
www2-aws ansible_ssh_private_key_file=/path/to/file
 
[google_cloud]
www1-gcp ansible_ssh_private_key_file=/path/to/file
www2-gcp ansible_ssh_private_key_file=/path/to/file

It is possible to group it as follows:

[linode]
www1-li
www2-li
 
[aws]
www1-aws
www2-aws
 
[google_cloud]
www1-gcp
www2-gcp
 
[linode:vars]
ansible_ssh_user=vivek
ansible_ssh_private_key_file=/home/vivek/.ssh/linode.id_ed25519
 
[aws:vars]
ansible_ssh_user=ec-2
ansible_ssh_private_key_file=/home/vivek/.ssh/aws-ec2-usa-east.pem
 
[google_cloud:vars]
ansible_ssh_user=someuser@gmail.com
ansible_ssh_private_key_file=/home/vivek/.ssh/google_compute_engine.pem
 
[freebsd]
aws_freebsd_1
aws_freebsd_2
aws_freebsd_3
 
[freebsd:vars]
ansible_python_interpreter=/usr/local/bin/python
ansible_ssh_user=vivek
ansible_ssh_private_key_file=/home/vivek/.ssh/freebsd-aws-lightsail.pem

How to dry run and test your inventory or playbooks

You can ask Ansible not to make any changes; instead, it tries to predict some of the changes that would be made:
$ ansible-playbook -i hosts my-book.yml --check
$ ansible freebsd -i hosts --list-hosts
$ ansible aws -i hosts --list-hosts
$ ansible google_cloud -i hosts --list-hosts
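
As a complement to the dry run, the following added example (not part of the original tutorial) parses an INI inventory and flags ansible_ssh_private_key_file values that ssh cannot use safely: a .pub public key, a missing file, or a key file accessible to group/others. The function names and the sample inventory are assumptions made for illustration; only host lines and [group:vars] sections are handled.

```python
import os
import shlex
import stat
KEY_VAR = "ansible_ssh_private_key_file"
# Constructed sample inventory (hosts and paths are made up for illustration).
SAMPLE = """\
[linode]
www1-li
www2-li ansible_ssh_private_key_file=/nonexistent/linode-www2
[linode:vars]
ansible_ssh_private_key_file=~/.ssh/linode.id_ed25519.pub
"""

def key_files(inventory_text):
    """Map host -> key path; a host-line value overrides its [group:vars]."""
    group_hosts, group_key, host_key = {}, {}, {}
    section = None
    for raw in inventory_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section and section.endswith(":vars"):
            name, _, value = line.partition("=")
            if name.strip() == KEY_VAR:
                group_key[section[:-len(":vars")]] = value.strip()
        else:
            host, *pairs = shlex.split(line)
            group_hosts.setdefault(section, []).append(host)
            for pair in pairs:
                name, _, value = pair.partition("=")
                if name == KEY_VAR:
                    host_key[host] = value
    return {h: p for g, hs in group_hosts.items() for h in hs
            if (p := host_key.get(h, group_key.get(g)))}

def audit(inventory_text):
    """Return (host, problem) pairs for key paths ssh could not use safely."""
    findings = []
    for host, path in sorted(key_files(inventory_text).items()):
        full = os.path.expanduser(path)
        if full.endswith(".pub"):
            findings.append((host, "points at a public key (.pub)"))
        elif not os.path.isfile(full):
            findings.append((host, "key file not found"))
        elif stat.S_IMODE(os.stat(full).st_mode) & 0o077:
            findings.append((host, "key is accessible to group/others"))
    return findings
```

Call audit() with the text of your hosts file; an empty list means every key path resolved to an existing file with owner-only permissions.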

A list of all Ansible SSH connection config options

ansible_port=2020 : The ssh port number, if not 22
ansible_user=vivek : The default ssh user name to use.
ansible_ssh_private_key_file=/path/to/ssh.pem : Private key file used by ssh. Useful if using multiple keys and you don’t want to use SSH agent.
ansible_python_interpreter=/usr/local/bin/python : The target host python path

Conclusion

You learned how to use different or multiple SSH private keys for the servers you manage using the Ansible tool. For more info, see “List of Behavioral Inventory Parameters” in the Ansible documentation.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.
