1、免输入yes,修改/etc/ssh/ssh_config配置文件
StrictHostKeyChecking no
2、在ansible配置文件中写入需要批量传key的服务器
[14.0] 14.1 ansible_ssh_port=22 ansible_ssh_host=10.6.14.1 ansible_ssh_pass='password' 14.2 ansible_ssh_port=22 ansible_ssh_host=10.6.14.2 ansible_ssh_pass='password' 14.3 ansible_ssh_port=22 ansible_ssh_host=10.6.14.3 ansible_ssh_pass='password' 14.4 ansible_ssh_port=22 ansible_ssh_host=10.6.14.4 ansible_ssh_pass='password' 14.5 ansible_ssh_port=22 ansible_ssh_host=10.6.14.5 ansible_ssh_pass='password' 14.6 ansible_ssh_port=22 ansible_ssh_host=10.6.14.6 ansible_ssh_pass='password'
3、ansible命令实现批量下发公钥
pubkey=`cat /root/.ssh/id_rsa.pub` ansible 14.0 -m shell -a "cd /root/; umask 077; test -d .ssh || mkdir .ssh ; echo $pubkey >> .ssh/authorized_keys"
注意:实际的AuthorizedKeysFile位置应依照对端/etc/ssh/ssh_config配置文件中的值。比如esxi中就不一样
AuthorizedKeysFile /etc/ssh/keys-%u/authorized_keys
所以对端为esxi,则应该执行:
ansible 14.0 -m shell -a "cd /root/; umask 077; test -d .ssh || mkdir .ssh ; echo $pubkey >> /etc/ssh/keys-root/authorized_keys"
4、下发完公钥后,ansible配置文件就能去除密码配置项了
[14.0] 14.1 ansible_ssh_port=22 ansible_ssh_host=10.6.14.1 14.2 ansible_ssh_port=22 ansible_ssh_host=10.6.14.2 14.3 ansible_ssh_port=22 ansible_ssh_host=10.6.14.3 14.4 ansible_ssh_port=22 ansible_ssh_host=10.6.14.4 14.5 ansible_ssh_port=22 ansible_ssh_host=10.6.14.5 14.6 ansible_ssh_port=22 ansible_ssh_host=10.6.14.6
5、测试一下
ansible 14.0 -m ping
转载于:https://blog.51cto.com/9473774/2171522