Lab 12 Automation - Foren-Ken/tech-journal GitHub Wiki
Purpose:
Doing multiple actions of multiple devices using SSH is slow and exhausting. To solve this, multiple tools have been created:
Ansible & pssh
Requirements:
The following packages are required on the main device:
epel-release
pssh
ansible
How To's
How to login with a singular password on multiple devices:
- On the main controlling device, create a key with "ssh-keygen".
- Copy ssh id to other devices "ssh-copy-id user@hostname/ipaddress"
- Check on the "user@hostname/ipaddress" machine if it was sent over with the command "cat .ssh/authorized_keys"
- Now when sshing into the "user@hostname/ipaddress", the passphrase for the ssh key will now be used to log into remote systems.
How to save credentials (to not need to keep using passwords to login).
- To create a ssh-agent in memory to hold the passphrase, the following can be used "eval $(ssh-agent)"
- Adding the passphrase can be done with the command "ssh-add -t [time]" then submitting the passphrase.
- Now sshing will not require any credentials to log in.
How to sudo without needing to submit password (the sudo at the begining will still be required):
- Access the /etc/sudoers file on "user@hostname/ipaddress" system.
- Edit the line stating "%wheel ALL=(ALL) NOPASSWD: ALL"
- Now when sshing into a system, "sudo -i" will not require a password.
How to pssh (requires ssh-agent):
- Create a hosts file. This is done with the following format on each line:
[user@hostname/ipaddr1]
[user@hostname/ipaddr2]
... - With the host file the following command format can be used "pssh -h [hostfile] -i "[command]"
How to Ansible (requires ssh-agent):
- Create a hosts file. This is done with the following format on each line:
[user@hostname/ipaddr1]
[user@hostname/ipaddr2]
... - To check the connection to all the hosts in the hosts file, the following command can be used: "ansible all -i [host file] -m ping""
- With the host file the following format can be used "ansible all -i [hostfile] -a "[command]""