SSH Connections With Ansible - How To Create & Share SSH Keys

In this video, the second of the Ansible mini-series, I show how to connect to remote machines using existing SSH keys, and also how to create and share new keys.

GitHub Commands:
Ansible Documentation:

00:00 - Introduction to Ansible & SSH
00:47 - Hosts File Overview
05:58 - Using Existing SSH Keys (Proxmox)
12:42 - Creating New SSH Keys
19:02 - Testing
22:43 - Outro

Comments

I've watched a lot of videos on the topic and used Ansible for various scenarios, but it's always good to get a new point of view. Yours is always a good one.

RobertFabiano

I appreciate your taking the time to teach good security practices. In this instance, Least Privilege is a crucial security best practice that really needs to become second nature for folks.

davidgulbransen

Hi Jim, great start to the series! As a suggestion for a future route - I've taken this one step further at work and ditched WinRM as a connection method, and changed all our Windows hosts to be SSH connected using PowerShell as the default shell... It's a great way of leveraging the power of Ansible in the Windows world without the complexity and flakiness of WinRM!
Gives us Ansible configuration control over our Windows fleet, with the benefit that you can elevate the user account used but also set it to not be allowed to log on locally or remotely! SSH doesn't count as either, so an added layer of security. You can also lock or disable the password at the Windows level and only allow a certificate login at the OpenSSH level...
It's magic!

timlang

Thanks Jim! You keep helping me push my homelab to a better place 😊😉

BromZlab

14:30: You can also utilize the ssh-agent (ssh-add /path/to/private.key) (or PuTTY's Pageant agent, maybe?). This will allow Ansible to use the key without asking for a passphrase every time but still keeps your key safe!

IgnoreMyChan

Great video as always Jim, thank you! Do you know of any way to pre-configure the sshd_config to accept key authentication by default? Since your cloud-init video it's now possible to easily create a new VM by cloning it, but you still have to manually log in to the new VM to enable key authentication for Ansible, which is well annoying.. :)
Keep rocking!

alphenit
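One way to get a cloned VM reachable by key without logging in to it first, as an added example that is not code from the video or its repo: cloud-init can place the controller's public key at first boot through `ssh_authorized_keys`, and since stock OpenSSH already accepts public keys, that is usually all that is missing. The helper below writes such a user-data file; the account name `ansible`, the key path in the usage line and the NOPASSWD sudo rule are assumptions to adapt.

```shell
#!/bin/sh
# Added example, not from the video: build a cloud-init user-data file that
# places the controller's public key on a freshly cloned VM at first boot,
# so Ansible can log in with the key without anyone touching the guest.
# The account name "ansible" and the key path in the usage line are assumptions.

# write_user_data OUT_FILE PUBKEY_FILE
write_user_data() {
  out=$1
  pubkey=$(cat "$2")
  cat > "$out" <<EOF
#cloud-config
users:
  - name: ansible
    groups: [sudo]
    shell: /bin/bash
    # no local password for the automation account
    lock_passwd: true
    # narrow this to the commands the playbooks actually need where possible
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - $pubkey
# keep password logins off over SSH; only the key above gets in
ssh_pwauth: false
# root stays unreachable over SSH
disable_root: true
EOF
}

# has_setting FILE KEY VALUE: succeed if a top-level "KEY: VALUE" line is present
has_setting() {
  grep -q "^$2: $3\$" "$1"
}

# Usage (assumed key path): sh user-data.sh ~/.ssh/id_ed25519.pub > user-data
if [ "$#" -eq 1 ]; then
  write_user_data /dev/stdout "$1"
fi
```

Attach the generated file as the instance's user-data when cloning; on first boot cloud-init creates the account, installs the key and leaves password authentication off, so the Ansible controller connects with its key immediately.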

Hi Jim, I installed ansible (core 2.16.6) like you showed in the previous video on Ubuntu 22.04.4 LTS. But I don't seem to have an ansible folder in /etc. Any idea what the reason would be? Or do I need to create that myself?

nicoautoxp

The use of nano inside the VS code terminal made me sad... :)

You should be able to edit that file and when you try to save it, VS code will give you an error that you might need elevated privileges and give you a chance to put in sudo creds. Haven't tried it over remote SSH session though, so it might not work here. I'm definitely going to have to go try it out later and confirm.

jdratlif

I'm not sure the custom ssh key part at the end was correct.

When you ran your ansible ping command, you didn't have the ssh agent and didn't specify the key, so it makes sense that it failed. Then you ran the ansible command specifying the key AND asking for the password. If the key wasn't going to get you in (which I'm not convinced would have been the case), why specify it at all? Just use --ask-pass if you needed the password.

Ubuntu OpenSSH is configured by default to allow ssh pubkey auth. That commented out line with the yes value was the default. It's just showing you the options in case you want to change them.

If I'm missing something, feel free to correct, but this does not look right to me.

jdratlif
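To see concretely why a commented `#PubkeyAuthentication yes` line changes nothing, here is an added example (not code from the video or its repo) that reads a sshd_config the way sshd resolves a keyword: comment lines are skipped, the first uncommented occurrence wins, a keyword that never appears falls back to the compiled-in default, and anything under a `Match` block only applies conditionally. The sample config is constructed to resemble a stock Ubuntu file; `Include` directives are not modelled.

```shell
#!/bin/sh
# Added example, not from the video: resolve the effective value of a sshd_config
# keyword the way sshd does. Comment lines only document defaults, the FIRST
# uncommented occurrence wins, and an absent keyword means the compiled-in default.
# Only the global section is considered; Match blocks are conditional and Include
# is not handled here.

# effective_value FILE KEYWORD DEFAULT
effective_value() {
  file=$1
  key=$2
  default=$3
  val=$(awk -v key="$key" '
    /^[[:space:]]*#/ { next }                       # commented lines document defaults only
    /^[[:space:]]*$/ { next }                       # blank lines
    /^[[:space:]]*Match[[:space:]]/ { exit }        # stop before conditional blocks
    tolower($1) == tolower(key) { print $2; exit }  # keywords are case-insensitive; first match wins
  ' "$file")
  printf '%s\n' "${val:-$default}"
}

# Constructed sample: PubkeyAuthentication is commented out (so the default "yes"
# applies), PasswordAuthentication appears twice (first wins), and a Match block
# turns keys off for one user only.
make_sample() {
  cat > "$1" <<'EOF'
# Stock-looking sshd_config fragment (constructed for this example)
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
PasswordAuthentication yes
PermitRootLogin prohibit-password

Match User backup
    PubkeyAuthentication no
EOF
}

# Usage: sh sshd-effective.sh [/etc/ssh/sshd_config]
if [ "$#" -eq 1 ]; then
  printf 'PubkeyAuthentication %s\n' "$(effective_value "$1" PubkeyAuthentication yes)"
fi
```

On a real host there is no need to reimplement this: `sshd -T` prints the fully resolved configuration, so `sshd -T | grep -i pubkeyauthentication` settles the question directly. On the Ansible side, `--private-key` selects the key to offer and `--ask-pass` prompts for a password; when the host accepts the key, `--ask-pass` is simply not needed.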

Thank you for this course you have started. My question is, I am planning on implementing Ansible on a Proxmox cluster. I have created one VM and one CT on which I will be practicing. I followed your instructions and had no problem copying the SSH key to the VM, but for the CT I could only copy it and modify the sshd_config PermitRootLogin to yes. The key is in the root folder in the CT. For some reason, in the CT it is looking for the same folder that was created for the VM when I send the ping. Thank you

jorgegomez

It's a shame your git repo isn't available for cloning, saves copying and pasting haha. But I suppose it's for security reasons

jhmc