bearsears / docker_SIEM

fun times with bural chinggoo

automate keyless ssh using ansible. #7

Open bearsears opened 9 months ago

bearsears commented 9 months ago

Certainly! Here's a small task idea to help you learn about Ansible:

Task: Automated SSH Key Deployment

Objective: Create an Ansible playbook that automates the deployment of SSH keys to remote servers, allowing passwordless authentication.

Steps:

  1. Inventory:

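    • Create an inventory file (hosts.ini) with a few remote servers' IP addresses.

    [web_servers]
    server1 ansible_host=192.168.1.10
    server2 ansible_host=192.168.1.11
    [web_servers:vars]
    # REMOTE_USER is a placeholder: replace it with the remote login account
    ansible_user=REMOTE_USER
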
  2. SSH Key Generation:

    • Generate an SSH key pair on your local machine using the following command:

    ssh-keygen -t rsa -b 2048

    Follow the prompts to create the key pair.

  3. Playbook Creation:

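    • Create an Ansible playbook (deploy_ssh_key.yml) with the following content:

    ---
    - name: Deploy SSH Key
      hosts: web_servers
      become: true

      tasks:
        # With become, a bare "~" resolves to root's home, so name the login user
        - name: Ensure SSH directory exists
          file:
            path: "~{{ ansible_user }}/.ssh"
            state: directory
            owner: "{{ ansible_user }}"
            mode: "0700"

        # Add the control node's public key to the user's authorized_keys
        - name: Copy public key to remote servers
          authorized_key:
            user: "{{ ansible_user }}"
            key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"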

    This playbook does the following:

    • Ensures the ~/.ssh directory exists on the remote servers.
    • Copies the local public key to the authorized_keys file on each remote server.
  4. Run the Playbook:

    • Run the Ansible playbook using the following command:

    ansible-playbook -i hosts.ini deploy_ssh_key.yml --ask-pass

    Ansible will prompt you for the SSH user's password (the user specified in the inventory file). After providing the password, Ansible will deploy the SSH key to the specified servers.

  5. Test Passwordless Authentication:

    • Verify that you can now SSH into the remote servers without being prompted for a password. For example:

    ssh server1

    You should be able to log in without entering a password.

This task introduces you to basic Ansible concepts, including playbooks, tasks, inventory, and modules. It also demonstrates how Ansible can be used for simple automation tasks like deploying SSH keys. You can further expand on this task by adding error handling, logging, or integrating it into a more comprehensive automation workflow.
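
A hardened variant of the playbook in the comment above, as an added example that is not part of the issue or the repository: it fails early when the inventory lacks a login user, limits what the deployed key may be used for, and confirms from the control node that key-only login works. It assumes the `ansible.posix` collection is installed, the servers' host keys are already in `known_hosts`, and the private key is unencrypted or loaded in an agent; `pubkey_file` is a variable name chosen here.

```yaml
---
# Added example: deploy the key, restrict it, then prove key-only login works.
- name: Deploy SSH key and verify passwordless login
  hosts: web_servers
  become: true
  vars:
    # Assumption: the same public key file the issue's playbook reads.
    pubkey_file: "~/.ssh/id_rsa.pub"

  tasks:
    - name: Fail early if the inventory does not name a login user and address
      ansible.builtin.assert:
        that:
          - ansible_user is defined
          - ansible_host is defined
        fail_msg: "Set ansible_user and ansible_host for {{ inventory_hostname }}"

    - name: Install the public key with forwarding features disabled
      ansible.posix.authorized_key:
        user: "{{ ansible_user }}"
        key: "{{ lookup('file', pubkey_file) }}"
        state: present
        # Assumption: this key is only used for shell login and Ansible runs.
        key_options: "no-agent-forwarding,no-port-forwarding,no-X11-forwarding"

    - name: Verify login with the key only, never falling back to a password
      ansible.builtin.command:
        argv:
          - ssh
          - -o
          - BatchMode=yes
          - -o
          - PreferredAuthentications=publickey
          - -o
          - PasswordAuthentication=no
          - -o
          - ConnectTimeout=5
          # hostvars[...] pins the values to the target host under delegation.
          - "{{ hostvars[inventory_hostname]['ansible_user'] }}@{{ hostvars[inventory_hostname]['ansible_host'] }}"
          - "true"
      delegate_to: localhost
      become: false
      changed_when: false
```

A non-zero exit from the last task marks the host as failed, so a host where the key was written but key authentication is still refused shows up in the play recap instead of passing silently.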

bearsears commented 9 months ago

pushed to my branch,