All geek questions in one place

Configuring remote hosts using a private key and user sudo

Hi, I wrote a book for Ansible to install several applications. I'm having problems, since I have to run every thing as root, which is not a good idea.

So, I created the user sudo and created the private key for authentication.

Can someone help me in defining a hosts file for this scenario.

My current hosts file is as follows:

[webserver] web-01 ansible_ssh_host=192.168.0.11 ansible_ssh_user=root

Thanks,

+5
source share
1 answer

Your new hosts file will look like this:

 [webserver] web-01 ansible_ssh_host=192.168.0.11 ansible_ssh_user=USERNAME ansible_ssh_private_key_file=/secure/mykey

But please also create sudo: True in your player:

  --- - hosts: webserver sudo: True remote_user: USERNAME gather_facts: True # Run these tasks tasks: - name: Run this task.....

The important thing is that your sudo user must be less than a password in order to ensure that you have to edit the sudoer file. If you are using CentOS, edit the file / etc / sudoers and add the following line

 USERNAME ALL=(ALL) NOPASSWD: ALL

add this line after the last line that says

 #includedir /etc/sudoers.d

If you are using Ubuntu, use the visudo command, find and edit the following line:

 # Members of the admin group may gain root privileges %sudo ALL=(ALL:ALL) NOPASSWD: ALL
+8
source

Source: https://habr.com/ru/post/1208635/

More articles:


All Articles