Define ssh key per host using ansible_ssh_private_key_file
I set up SSH keys on Linux or Unix as per my project needs and cloud hosting providers. I am also new to Ansible IT automation and DevOps tool. My management node has keys for Linode, AWS/EC2 and Google cloud. How do I set up and tell Ansible to use different ssh keys? How do I configure SSH credentials per cloud hosting service provider?
Ansible is a free and open source IT software that automates software provisioning, configuration management, and application deployment. One can use Ansible to create cloud hosts in EC2, patch servers, add users, configure routers/firewalls and more. Ansible uses SSH, which allows both users and Ansible to log in to remote servers and perform management tasks. This page shows how to use SSH keys that are already set up to log in to remote servers using the Ansible IT automation tool.
Ansible define ssh key per host using ansible_ssh_private_key_file
You need to use ansible_ssh_private_key_file in the inventory file. The syntax is pretty simple:
host ansible_ssh_private_key_file=/path/to/your/.ssh/file.pub
192.168.2.200 ansible_ssh_private_key_file=/path/to/your/.ssh/id_rsa.pub
104.20.187.5 ansible_ssh_private_key_file=/path/to/your/.ssh/aws.pem
ansible_ssh_private_key_file example
Let us open a file named hosts in ~/projects/ansible/hosts using a text editor such as the vim command:
$ vim ~/projects/ansible/hosts
Sample file:
[my_servers]
1.2.3.4 ansible_ssh_private_key_file=/home/vivek/.ssh/id_ed25519.pub
202.54.1.5 ansible_ssh_private_key_file=~/.ssh/Lightsail-us-west-2.pem
www1 ansible_ssh_private_key_file=~/.ssh/Linode-us.rsa.pub
vpn-box1 ansible_ssh_private_key_file=~/.ssh/Linode-us.rsa.pub
Another example:
## Ansible with multiple SSH key pairs as per server hosting ##
[linode]
www1-li ansible_ssh_private_key_file=/path/to/file
www2-li ansible_ssh_private_key_file=/path/to/file
[aws]
www1-aws ansible_ssh_private_key_file=/path/to/file
www2-aws ansible_ssh_private_key_file=/path/to/file
[google_cloud]
www1-gcp ansible_ssh_private_key_file=/path/to/file
www2-gcp ansible_ssh_private_key_file=/path/to/file
It is possible to group it as follows:
[linode]
www1-li
www2-li
[aws]
www1-aws
www2-aws
[google_cloud]
www1-gcp
www2-gcp
[linode:vars]
ansible_ssh_user=vivek
ansible_ssh_private_key_file=/home/vivek/.ssh/linode.id_ed25519.pub
[aws:vars]
ansible_ssh_user=ec-2
ansible_ssh_private_key_file=/home/vivek/.ssh/aws-ec2-usa-east.pem
[google_cloud:vars]
ansible_ssh_user=someuser@gmail.com
ansible_ssh_private_key_file=/home/vivek/.ssh/google_compute_engine.pem
[freebsd]
aws_freebsd_1
aws_freebsd_2
aws_freebsd_3
[freebsd:vars]
ansible_python_interpreter=/usr/local/bin/python
ansible_ssh_user=vivek
ansible_ssh_private_key_file=/home/vivek/.ssh/freebsd-aws-lightsail.pem
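A pre-flight check for inventories like the ones above, added here as an example (it is not code from the original article). It resolves each host's effective ansible_ssh_private_key_file and flags files that are missing, readable by group or others (OpenSSH refuses such private keys), or that do not begin with a private-key PEM header, as a .pub file normally would not. The function names are hypothetical, and the parser covers only the INI subset shown on this page.

```python
import os
import stat

KEY_VAR = "ansible_ssh_private_key_file"

def resolve_keys(inventory_text):
    """Map each host to its effective key file path.
    Host-line values override [group:vars]; :children sections are skipped."""
    section, hosts, group_vars, host_vars = None, {}, {}, {}
    for raw in inventory_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section and section.endswith(":vars"):
            key, _, value = line.partition("=")
            group_vars.setdefault(section[:-5], {})[key.strip()] = value.strip()
        elif not (section and ":" in section):   # a host line inside a plain group
            host, *pairs = line.split()
            hosts.setdefault(host, []).append(section)
            host_vars.setdefault(host, {}).update(p.split("=", 1) for p in pairs if "=" in p)
    keys = {}
    for host, groups in hosts.items():
        merged = {}
        for group in groups:
            merged.update(group_vars.get(group, {}))
        merged.update(host_vars[host])           # host-level setting wins
        if KEY_VAR in merged:
            keys[host] = merged[KEY_VAR]
    return keys

def audit_key_file(path):
    """Return a list of problems with one key file (empty list means OK)."""
    path = os.path.expanduser(path)
    if not os.path.isfile(path):
        return ["missing"]
    problems = []
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        problems.append("readable by group/others")
    with open(path, "rb") as fh:
        head = fh.read(64)                       # PEM header sits on the first line
    if b"PRIVATE KEY" not in head:
        problems.append("not a private key")
    return problems

def audit_inventory(inventory_text):
    """Return {host: [problems]} for every host that has a key file set."""
    return {h: audit_key_file(p) for h, p in resolve_keys(inventory_text).items()}
```

Calling audit_inventory(open("hosts").read()) before a playbook run shows which hosts would fail to authenticate because of their key file.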
How to dry run and test your inventory or playbooks
You can ask Ansible not to make any changes; instead, it tries to predict some of the changes that would be made:
$ ansible-playbook -i hosts my-book.yml --check
$ ansible freebsd -i hosts --list-hosts
$ ansible aws -i hosts --list-hosts
$ ansible google_cloud -i hosts --list-hosts
A list of all Ansible SSH connection config options
ansible_port=2020 : The ssh port number, if not 22
ansible_user=vivek : The default ssh user name to use.
ansible_ssh_private_key_file=/path/to/ssh.pem : Private key file used by ssh. Useful if using multiple keys and you don’t want to use SSH agent.
ansible_python_interpreter=/usr/local/bin/python : The target host python path
Conclusion
You learned how to use different or multiple SSH private keys for the servers you manage using the Ansible tool. For more info see “List of Behavioral Inventory Parameters” here.