我有三个主机-A,B和C,其中A是我的Ansible主机,C是需要通过B到达的目标主机。
作为清单文件的一部分,我具有B和C主机的详细信息,如下所示:
b:
ansible_host: "{{b_ip}}"
ansible_port: 22
ansible_user: root
ansible_password: password
c:
ansible_host: "{{c_ip}}"
ansible_port: 22
ansible_user: root
ansible_password: password
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@{{b_ip}}"'
我们如何配置ansible以使用清单文件中的B和C主机中提到的密码,而不使用〜/ .ssh / config文件中的任何其他配置?
答案 0 :(得分:0)
没有直接的方法可以将跳转主机的密码作为ProxyCommand的一部分提供。
所以,我最终做了以下事情:
# Generate SSH keys for the Ansible Host A
- hosts: localhost
become: false
tasks:
- name: Generate the localhost ssh keys
openssh_keypair:
path: ~/.ssh/id_rsa
force: no
# Copy the host keys of Ansible host to the jump host into the authorized keys of # the ssh to ensure that no password is prompted while logging into jump host A
- hosts: b
become: false
tasks:
- name: Create ssh directory if not exists
file:
path: /home/root/.ssh
state: directory
- name: Copy SSH keys into host B
copy:
src: ~/.ssh/id_rsa.pub
dest: /home/root/.ssh/authorized_keys
force: yes