我想开始使用ansible,并且有一件简单的事情我不知道:
flipl@sun ~ % ansible -vvvv -m ping t420
SUDO password:
<t420.beach.lan> ESTABLISH CONNECTION FOR USER: flipl
<t420.beach.lan> REMOTE_MODULE ping
<t420.beach.lan> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/flipl/.ansible/cp/ansible-ssh-%h-%p-%r" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 t420.beach.lan /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316 && echo $HOME/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316'
<t420.beach.lan> PUT /tmp/tmp1fqFHM TO /home/flipl/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316/ping
<t420.beach.lan> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/flipl/.ansible/cp/ansible-ssh-%h-%p-%r" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 t420.beach.lan /bin/sh -c 'LANG=C LC_CTYPE=C /usr/bin/python /home/flipl/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316/ping; rm -rf /home/flipl/.ansible/tmp/ansible-tmp-1454775840.71-251439732457316/ >/dev/null 2>&1'
t420.beach.lan | success >> {
"changed": false,
"ping": "pong"
}
flipl@sun ~ % su -
Password:
Last login: Sa Feb 6 17:22:40 CET 2016 on pts/0
[root@sun ~]# ansible -vvvv -m ping t420 -u flipl
SUDO password:
<t420.beach.lan> ESTABLISH CONNECTION FOR USER: flipl
<t420.beach.lan> REMOTE_MODULE ping
<t420.beach.lan> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=flipl -o ConnectTimeout=10 t420.beach.lan /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1454775858.05-125216053853458 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1454775858.05-125216053853458 && echo $HOME/.ansible/tmp/ansible-tmp-1454775858.05-125216053853458'
t420.beach.lan | FAILED => SSH Error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
while connecting to 192.168.0.100:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
我是否会错过使用ansible的特别之处?
我希望实现的目标是只有root才能执行playbooks(为什么会出现SUDO密码提示,但这并不重要,我放在那里)。由于安全性,不允许通过ssh进行root访问。 所以我想以root身份执行playbooks / ansible命令,使用带有客户端登录的ssh并再次成为root用于包安装。
但正如你所看到的,我已经遇到了简单任务的问题:(
我已经尝试编辑我的广告资源文件:
[t420]
flipl@t420.beach.kan
t420.beach.lan ansible_ssh_user=flipl
任何帮助都会被贬低!
感谢, PWE
答案 0 :(得分:0)
好的,我解决了。
root# ssh-copy-id flipl@t420
解决了......
我想,我误解了ssh-key-concept ......
答案 1 :(得分:-1)
您是否已将公钥添加到远程服务器中的授权文件中?