Saya mencoba untuk menghasilkan kembali kunci host ssh pada beberapa server jarak jauh via ansible (dan ssh-keygen
), tetapi file-file tersebut tampaknya tidak muncul. Playbook berjalan OK, tetapi file pada remote tidak diubah.
Saya perlu menggunakan echo -e
hackery karena remote ini menjalankan Ubuntu 14.04 dan belum memiliki versi yang benar dari yang python-pexpect
tersedia (sesuai dengan yang dimungkinkan).
Apa yang saya lewatkan? Buku pedoman dan hasil saya di bawah:
buku pedoman
---
- hosts: all
become: true
gather_facts: false
tasks:
- name: Generate /etc/ssh/ RSA host key
command : echo -e 'y\n'|ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C "" -N ""
register: output
- debug: var=output.stdout_lines
- name: Generate /etc/ssh/ DSA host key
command : echo -e 'y\n'|ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C "" -N ""
register: output
- debug: var=output.stdout_lines
- name: Generate /etc/ssh/ ECDSA host key
command : echo -e 'y\n'|ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C "" -N ""
register: output
- debug: var=output.stdout_lines
keluaran
$ ansible-playbook ./playbooks/ssh-hostkeys.yml -l myhost.mydom.com,
SUDO password:
PLAY [all] **********************************************************************************************
TASK [Generate /etc/ssh/ RSA host key] ******************************************************************
changed: [myhost.mydom.com]
TASK [debug] ********************************************************************************************
ok: [myhost.mydom.com] => {
"output.stdout_lines": [
"y",
"|ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C -N "
]
}
TASK [Generate /etc/ssh/ DSA host key] ******************************************************************
changed: [myhost.mydom.com]
TASK [debug] ********************************************************************************************
ok: [myhost.mydom.com] => {
"output.stdout_lines": [
"y",
"|ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C -N "
]
}
TASK [Generate /etc/ssh/ ECDSA host key] ****************************************************************
changed: [myhost.mydom.com]
TASK [debug] ********************************************************************************************
ok: [myhost.mydom.com] => {
"output.stdout_lines": [
"y",
"|ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C -N "
]
}
PLAY RECAP **********************************************************************************************
myhost.mydom.com : ok=6 changed=3 unreachable=0 failed=0