基于ssh的方式与被管理的主机进行通信,在管理的主机上(部署ansible的主机上)生成一对非对称密钥,将公钥发给被管理的主机。
(1)生成一对密钥:ssh-keygen -t rsa
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | [root@wlm yum.repos.d] # ssh-keygen -t rsa # 默认存放的地方为/root/.ssh目录下 Generating public /private rsa key pair. Enter file in which to save the key ( /root/ . ssh /id_rsa ): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/ . ssh /id_rsa . Your public key has been saved in /root/ . ssh /id_rsa .pub. The key fingerprint is: e8:60:67:4d:29:90:d2:4d:7d:52:2f:c7:e4:87:a4:80 root@wlm The key's randomart p_w_picpath is: +--[ RSA 2048]----+ | ..+.o... o | | . o.E oo.B . | | . . ooo * . | | = o . | | o + S | | . = | | . | | | | | +-----------------+ |
(2)将公钥发给要管理的主机:ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.10.3
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@wlm yum.repos.d] # ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.10.4 The authenticity of host '10.10.10.4 (10.10.10.4)' can't be established. RSA key fingerprint is 43:8a:cc:2c:6a:07:0e:16:17:04:b5: dd :2c:4a:9a:41. Are you sure you want to continue connecting ( yes /no )? yes /usr/bin/ssh-copy-id : INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id : INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@10.10.10.4's password: Permission denied, please try again. root@10.10.10.4's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@10.10.10.4'" and check to make sure that only the key(s) you wanted were added. |