Linux之免密登录及ansible安装(超详解)
目录
准备三台机器:配置IP,主机名,/etc/hosts编辑然后去配置免密登录
1.上传公钥
2.将公钥传给用户
3.验证免密登录
配置yum源使用Centos-stream.repo
安装ansible
1.首先安装源
2. 下载ansible
3.使用ansible --version去验证
配置清单
/etc/ansible/hosts[node]rhcerhel
使用ansible node -m ping去验证
准备三台机器:
配置IP,主机名,/etc/hosts
然后去配置免密登录
1.上传公钥
[root@rhcsa .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:0ihaGqzhrrggldA2+PdMixdf80qkmODATm08Z/77wmE root@rhcsa
The key's randomart image is:
+---[RSA 3072]----+
| |
| o |
|o + |
| * = o |
|. X X B S + |
|.* X % BE+ o |
|+.+ o Ooo.. . |
|= . .o. . |
|=o o+o |
+----[SHA256]-----+
2.将公钥传给用户
[root@rhcsa .ssh]# ssh-copy-id root@rhce
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'rhce (192.168.40.132)' can't be established.
ECDSA key fingerprint is SHA256:70V58bQzrfUci7EE23sAS/cd7Zjc3zbRhTx15uN1PVY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@rhce's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@rhce'"
and check to make sure that only the key(s) you wanted were added.
[root@rhcsa .ssh]# ssh-copy-id root@rhel
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'rhel (192.168.40.135)' can't be established.
ECDSA key fingerprint is SHA256:70V58bQzrfUci7EE23sAS/cd7Zjc3zbRhTx15uN1PVY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@rhel's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@rhel'"
and check to make sure that only the key(s) you wanted were added.
3.验证免密登录
[root@rhcsa .ssh]# ssh root@rhce
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last failed login: Tue Aug 2 17:13:21 CST 2022 from 192.168.40.129 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Tue Aug 2 16:26:36 2022 from 192.168.40.129
[root@rhce ~]# exit
logout
Connection to rhce closed.
[root@rhcsa .ssh]# ssh root@rhel
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Tue Aug 2 16:55:17 2022 from 192.168.40.129
[root@rhel ~]# exit
logout
Connection to rhel closed.
配置yum源使用Centos-stream.repo
安装ansible
1.首先安装源
[root@rhcsa yum.repos.d]# rpm -ivh https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm
Retrieving https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm
warning: /var/tmp/rpm-tmp.uSbUwD: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:zabbix-release-6.0-1.el8 ################################# [100%]
[root@rhcsa yum.repos.d]# yum install -y https://mirrors.tuna.tsinghua.edu.cn/epel/epel-release-latest-8.noarch.rpm
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Zabbix Official Repository - x86_64 25 kB/s | 107 kB 00:04
Zabbix Official Repository non-supported - x86_ 294 B/s | 1.2 kB 00:04
epel-release-latest-8.noarch.rpm 33 kB/s | 24 kB 00:00
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
epel-release noarch 8-16.el8 @commandline 24 k
Transaction Summary
================================================================================
Install 1 Package
Total size: 24 k
Installed size: 34 k
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : epel-release-8-16.el8.noarch 1/1
Running scriptlet: epel-release-8-16.el8.noarch 1/1
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.
Verifying : epel-release-8-16.el8.noarch 1/1
Installed products updated.
Installed:
epel-release-8-16.el8.noarch
Complete!
2. 下载ansible
[root@rhcsa yum.repos.d]# yum install ansible -y
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Extra Packages for Enterprise Linux 8 - x86_64 248 kB/s | 13 MB 00:52
Extra Packages for Enterprise Linux Modular 8 - 211 kB/s | 1.0 MB 00:04
Last metadata expiration check: 0:00:03 ago on Tue 02 Aug 2022 05:25:07 PM CST.
Dependencies resolved.
================================================================================
Package Arch Version Repo Size
================================================================================
Installing:
ansible noarch 5.4.0-3.el8 epel 40 M
Installing dependencies:
ansible-core x86_64 2.12.7-1.el8 AppStream 2.5 M
python38 x86_64 3.8.13-1.module_el8.7.0+1177+19c53253 AppStream 80 k
python38-asn1crypto
noarch 1.2.0-3.module_el8.5.0+742+dbad1979 AppStream 184 k
python38-babel noarch 2.7.0-11.module_el8.6.0+929+89303463 AppStream 5.9 M
python38-cffi x86_64 1.13.2-3.module_el8.5.0+742+dbad1979 AppStream 248 k
python38-cryptography
x86_64 2.8-3.module_el8.5.0+742+dbad1979 AppStream 553 k
python38-idna noarch 2.8-6.module_el8.5.0+742+dbad1979 AppStream 87 k
python38-jinja2 noarch 2.11.3-1.module_el8.7.0+1171+3bbf18c8 AppStream 248 k
python38-libs x86_64 3.8.13-1.module_el8.7.0+1177+19c53253 AppStream 8.3 M
python38-markupsafe
x86_64 1.1.1-6.module_el8.5.0+742+dbad1979 AppStream 36 k
python38-pip-wheel
noarch 19.3.1-6.module_el8.7.0+1184+30eba247 AppStream 1.0 M
python38-ply noarch 3.11-10.module_el8.5.0+742+dbad1979 AppStream 112 k
python38-pycparser
noarch 2.19-3.module_el8.5.0+742+dbad1979 AppStream 128 k
python38-pytz noarch 2019.3-3.module_el8.5.0+742+dbad1979 AppStream 55 k
python38-pyyaml x86_64 5.4.1-1.module_el8.6.0+929+89303463 AppStream 212 k
python38-resolvelib
noarch 0.5.4-5.el8 AppStream 30 k
python38-setuptools
noarch 41.6.0-5.module_el8.6.0+929+89303463 AppStream 667 k
python38-setuptools-wheel
noarch 41.6.0-5.module_el8.6.0+929+89303463 AppStream 304 k
python38-six noarch 1.12.0-10.module_el8.5.0+742+dbad1979 AppStream 39 k
sshpass x86_64 1.09-4.el8 AppStream 30 k
Installing weak dependencies:
python3-jmespath noarch 0.9.0-11.el8 AppStream 45 k
python38-pip noarch 19.3.1-6.module_el8.7.0+1184+30eba247 AppStream 1.8 M
Enabling module streams:
python38 3.8
Transaction Summary
================================================================================
Install 23 Packages
Total download size: 63 M
Installed size: 389 M
Downloading Packages:
(1/23): python3-jmespath-0.9.0-11.el8.noarch.rp 20 kB/s | 45 kB 00:02
(2/23): python38-3.8.13-1.module_el8.7.0+1177+1 34 kB/s | 80 kB 00:02
(3/23): python38-asn1crypto-1.2.0-3.module_el8. 132 kB/s | 184 kB 00:01
(4/23): python38-cffi-1.13.2-3.module_el8.5.0+7 142 kB/s | 248 kB 00:01
(5/23): python38-cryptography-2.8-3.module_el8. 173 kB/s | 553 kB 00:03
(6/23): python38-idna-2.8-6.module_el8.5.0+742+ 72 kB/s | 87 kB 00:01
(7/23): python38-jinja2-2.11.3-1.module_el8.7.0 180 kB/s | 248 kB 00:01
(8/23): ansible-core-2.12.7-1.el8.x86_64.rpm 146 kB/s | 2.5 MB 00:17
(9/23): python38-markupsafe-1.1.1-6.module_el8. 129 kB/s | 36 kB 00:00
(10/23): python38-pip-19.3.1-6.module_el8.7.0+1 169 kB/s | 1.8 MB 00:10
(11/23): python38-pip-wheel-19.3.1-6.module_el8 170 kB/s | 1.0 MB 00:06
(12/23): python38-ply-3.11-10.module_el8.5.0+74 144 kB/s | 112 kB 00:00
(13/23): python38-pycparser-2.19-3.module_el8.5 147 kB/s | 128 kB 00:00
(14/23): python38-pytz-2019.3-3.module_el8.5.0+ 95 kB/s | 55 kB 00:00
(15/23): python38-babel-2.7.0-11.module_el8.6.0 174 kB/s | 5.9 MB 00:34
(16/23): python38-resolvelib-0.5.4-5.el8.noarch 98 kB/s | 30 kB 00:00
(17/23): python38-pyyaml-5.4.1-1.module_el8.6.0 187 kB/s | 212 kB 00:01
(18/23): python38-setuptools-wheel-41.6.0-5.mod 183 kB/s | 304 kB 00:01
(19/23): python38-six-1.12.0-10.module_el8.5.0+ 112 kB/s | 39 kB 00:00
(20/23): sshpass-1.09-4.el8.x86_64.rpm 104 kB/s | 30 kB 00:00
(21/23): python38-setuptools-41.6.0-5.module_el 185 kB/s | 667 kB 00:03
(22/23): python38-libs-3.8.13-1.module_el8.7.0+ 175 kB/s | 8.3 MB 00:48
(23/23): ansible-5.4.0-3.el8.noarch.rpm 239 kB/s | 40 MB 02:52
--------------------------------------------------------------------------------
Total 301 kB/s | 63 MB 03:33
CentOS-8-stream - AppStream - mirrors.aliyun.co 6.6 kB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) "
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-Official
Key imported successfully
Extra Packages for Enterprise Linux 8 - x86_64 1.6 MB/s | 1.6 kB 00:00
Importing GPG key 0x2F86D6A1:
Userid : "Fedora EPEL (8) "
Fingerprint: 94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : sshpass-1.09-4.el8.x86_64 1/23
Installing : python38-setuptools-wheel-41.6.0-5.module_el8.6.0+ 2/23
Installing : python38-pip-wheel-19.3.1-6.module_el8.7.0+1184+30 3/23
Installing : python38-libs-3.8.13-1.module_el8.7.0+1177+19c5325 4/23
Installing : python38-3.8.13-1.module_el8.7.0+1177+19c53253.x86 5/23
Running scriptlet: python38-3.8.13-1.module_el8.7.0+1177+19c53253.x86 5/23
Installing : python38-setuptools-41.6.0-5.module_el8.6.0+929+89 6/23
Running scriptlet: python38-setuptools-41.6.0-5.module_el8.6.0+929+89 6/23
Installing : python38-pip-19.3.1-6.module_el8.7.0+1184+30eba247 7/23
Running scriptlet: python38-pip-19.3.1-6.module_el8.7.0+1184+30eba247 7/23
Installing : python38-six-1.12.0-10.module_el8.5.0+742+dbad1979 8/23
Installing : python38-asn1crypto-1.2.0-3.module_el8.5.0+742+dba 9/23
Installing : python38-idna-2.8-6.module_el8.5.0+742+dbad1979.no 10/23
Installing : python38-markupsafe-1.1.1-6.module_el8.5.0+742+dba 11/23
Installing : python38-ply-3.11-10.module_el8.5.0+742+dbad1979.n 12/23
Installing : python38-pycparser-2.19-3.module_el8.5.0+742+dbad1 13/23
Installing : python38-cffi-1.13.2-3.module_el8.5.0+742+dbad1979 14/23
Installing : python38-cryptography-2.8-3.module_el8.5.0+742+dba 15/23
Installing : python38-pytz-2019.3-3.module_el8.5.0+742+dbad1979 16/23
Installing : python38-babel-2.7.0-11.module_el8.6.0+929+8930346 17/23
Installing : python38-jinja2-2.11.3-1.module_el8.7.0+1171+3bbf1 18/23
Installing : python38-pyyaml-5.4.1-1.module_el8.6.0+929+8930346 19/23
Installing : python38-resolvelib-0.5.4-5.el8.noarch 20/23
Installing : ansible-core-2.12.7-1.el8.x86_64 21/23
Installing : python3-jmespath-0.9.0-11.el8.noarch 22/23
Installing : ansible-5.4.0-3.el8.noarch 23/23
Running scriptlet: ansible-5.4.0-3.el8.noarch 23/23
Verifying : ansible-core-2.12.7-1.el8.x86_64 1/23
Verifying : python3-jmespath-0.9.0-11.el8.noarch 2/23
Verifying : python38-3.8.13-1.module_el8.7.0+1177+19c53253.x86 3/23
Verifying : python38-asn1crypto-1.2.0-3.module_el8.5.0+742+dba 4/23
Verifying : python38-babel-2.7.0-11.module_el8.6.0+929+8930346 5/23
Verifying : python38-cffi-1.13.2-3.module_el8.5.0+742+dbad1979 6/23
Verifying : python38-cryptography-2.8-3.module_el8.5.0+742+dba 7/23
Verifying : python38-idna-2.8-6.module_el8.5.0+742+dbad1979.no 8/23
Verifying : python38-jinja2-2.11.3-1.module_el8.7.0+1171+3bbf1 9/23
Verifying : python38-libs-3.8.13-1.module_el8.7.0+1177+19c5325 10/23
Verifying : python38-markupsafe-1.1.1-6.module_el8.5.0+742+dba 11/23
Verifying : python38-pip-19.3.1-6.module_el8.7.0+1184+30eba247 12/23
Verifying : python38-pip-wheel-19.3.1-6.module_el8.7.0+1184+30 13/23
Verifying : python38-ply-3.11-10.module_el8.5.0+742+dbad1979.n 14/23
Verifying : python38-pycparser-2.19-3.module_el8.5.0+742+dbad1 15/23
Verifying : python38-pytz-2019.3-3.module_el8.5.0+742+dbad1979 16/23
Verifying : python38-pyyaml-5.4.1-1.module_el8.6.0+929+8930346 17/23
Verifying : python38-resolvelib-0.5.4-5.el8.noarch 18/23
Verifying : python38-setuptools-41.6.0-5.module_el8.6.0+929+89 19/23
Verifying : python38-setuptools-wheel-41.6.0-5.module_el8.6.0+ 20/23
Verifying : python38-six-1.12.0-10.module_el8.5.0+742+dbad1979 21/23
Verifying : sshpass-1.09-4.el8.x86_64 22/23
Verifying : ansible-5.4.0-3.el8.noarch 23/23
Installed products updated.
Installed:
ansible-5.4.0-3.el8.noarch
ansible-core-2.12.7-1.el8.x86_64
python3-jmespath-0.9.0-11.el8.noarch
python38-3.8.13-1.module_el8.7.0+1177+19c53253.x86_64
python38-asn1crypto-1.2.0-3.module_el8.5.0+742+dbad1979.noarch
python38-babel-2.7.0-11.module_el8.6.0+929+89303463.noarch
python38-cffi-1.13.2-3.module_el8.5.0+742+dbad1979.x86_64
python38-cryptography-2.8-3.module_el8.5.0+742+dbad1979.x86_64
python38-idna-2.8-6.module_el8.5.0+742+dbad1979.noarch
python38-jinja2-2.11.3-1.module_el8.7.0+1171+3bbf18c8.noarch
python38-libs-3.8.13-1.module_el8.7.0+1177+19c53253.x86_64
python38-markupsafe-1.1.1-6.module_el8.5.0+742+dbad1979.x86_64
python38-pip-19.3.1-6.module_el8.7.0+1184+30eba247.noarch
python38-pip-wheel-19.3.1-6.module_el8.7.0+1184+30eba247.noarch
python38-ply-3.11-10.module_el8.5.0+742+dbad1979.noarch
python38-pycparser-2.19-3.module_el8.5.0+742+dbad1979.noarch
python38-pytz-2019.3-3.module_el8.5.0+742+dbad1979.noarch
python38-pyyaml-5.4.1-1.module_el8.6.0+929+89303463.x86_64
python38-resolvelib-0.5.4-5.el8.noarch
python38-setuptools-41.6.0-5.module_el8.6.0+929+89303463.noarch
python38-setuptools-wheel-41.6.0-5.module_el8.6.0+929+89303463.noarch
python38-six-1.12.0-10.module_el8.5.0+742+dbad1979.noarch
sshpass-1.09-4.el8.x86_64
Complete!
3.使用ansible --version去验证
[root@rhcsa yum.repos.d]# ansible --version
ansible [core 2.12.7]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.8/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)]
jinja version = 2.11.3
libyaml = True
配置清单
/etc/ansible/hosts
[node]
rhce
rhel
[root@rhcsa yum.repos.d]# vim /etc/ansible/hosts 
使用ansible node -m ping去验证
