Getting started with Ansible 02 - SSH Overview & Setup
ฝัง
- เผยแพร่เมื่อ 2 พ.ค. 2024
- Ansible is an incredible configuration management and provisioning utility that enables you to automate all the things. In this series, you'll learn everything you need to know in order to use Ansible for your day-to-day administration duties. In the second episode, we take a look at some foundational knowledge, specifically OpenSSH which is required for Ansible to work.
Full series:
Part 1 (Introduction): linux.video/ansible1
Part 2 (This video)
Part 3 (Setting up the Git Repository): linux.video/ansible3
Part 4 (Running Commands): linux.video/ansible4
Part 5 (Running Elevated Commands): linux.video/ansible5
Part 6 (Writing our first Playbook): linux.video/ansible6
Part 7 (The "when" Conditional): linux.video/ansible7
Part 8 (Improving your Playbook): linux.video/ansible8
Part 9 (Targeting Specific Nodes): linux.video/ansible9
Part 10 (Tags): linux.video/ansible10
Part 11 (Managing Files): linux.video/ansible11
Part 12 (Managing Services): linux.video/ansible12
Part 13 (Adding Users & Bootstrapping): linux.video/ansible13
Part 14 (Roles): linux.video/ansible14
Part 15 (Host Variables): linux.video/ansible15
Part 16 (Templates): linux.video/ansible16
🙌 Support me on Patreon and get early access to new content!
➡️ learnlinux.link/patron
🛒 Affiliate store for Linux compatible hardware/accessories (commission earned):
➡️ learnlinux.link/amazon
💻 Check out the Tiny Pilot KVM for your Homelab (commission earned):
➡️ learnlinux.link/tinypilot
Wiki article for this video:
www.learnlinux.tv/getting-sta...
🐦 Follow me on Twitter!
➡️ learnlinux.link/twitter
💬 Official LearnLinux.tv Community:
➡️ community.learnlinux.tv
📖 Check out jay's latest book, Mastering Ubuntu Server 3rd Edition. Available now!
➡️ ubuntuserverbook.com
👨 More about me:
➡️ www.jaylacroix.com
➡️ www.learnlinux.tv/about-me
💽 How to create a bootable flash drive for installing Linux:
➡️ linux.video/flash-usb
🐧 Which distro do I use?
➡️ learnlinux.link/mydistro
🔐 How to better secure OpenSSH:
➡️ linux.video/secure-ssh
☁️ How to create a cloud Linux server with Linode:
➡️ learnlinux.link/create-linode
#Ansible #LearnAnsible #AnsibleCourse - วิทยาศาสตร์และเทคโนโลยี
Your videos should be a template for all other teachable videos. It was clear, good pace, easy to follow and understand. And you explained things perfectly! Thank you.
one of the best lecturers I have listened to😁 keep on good work
thank youuuu
fyi you can play this at 1.25 speed and it is understandable
Legend Unlocked!
You might go even further. I'm watching at 1.75
thanksthiscommentwasactuallyhelpful:)
An absolute necessity if you have ADD. I can't listen to people who talk slow.
Holy smokes you are so right. I just did and it was like 👍 correct speed. Never thought of that was what was irking me about Jay’s delivery.
Second video into your series and I'm already loving it. Keep making great content!
Thank you so much your content is truly well organized, well edited the speed of your voice is 10/10, content is really spot on.
Ohh my!! - This content is better than most paid training I have gotten so far. I signed up for your patron to give you much needed credit for your great work. Looking forward to browsing through all your content :)
Awesome tutorial! You know what, I watched a lot videos about ssh keys to understand this topic but this is first in which someone showed that we don't copy the whole key file but the content of key file to the file "authorized_keys" . Now I understand :)
I am glad I found this channel, thank you for existing!
Thanks Jay, your tutorials are always awesome and very informative.
Thanks Jay, I cam here to learn ansible and all of a sudden I learned so much more the stuff that I didnt bother to learn.
This series is awesome! I truly appreciate the detailed, concise walkthrough.
Thank you so much, Jay, great video and work! very helpfull!! BTW, your english is so beautiful, no any accent, your video quality is also clear and perfect, zoom control is very good, we can see, you definittely spent lot of time and energy to make this video, thanks again!
I was just planning to put the public key on the billboard :) hahaha, good explanation. I just discovered your channel and I can say that it immediately became my favorite place.
finally I got it with SSH, Thank you so much for the effort
Youre amazing! Thanks for the content!!!
This is superb. Solved some long overdue issues for me.
Thank you very much sir... For this quality of video for free...❤️❤️❤️
your video is making me as an strong Engineer in my core... thank you jay.....love from india
Thank you! This is super-high quality training!
Thank you for the over view of SSH
Thanks a lot for posting
For those who can't access the Ubuntu server instances on Virtual Box via ssh.
Settings > Network
Adapter 1: Select Host-Only-Adapter (If you don't have any available name for Host-only Adapter, first go to File Menu > Host Network Manager and Create)
Adapter 2: NAT
❤🔥
Your products are amazing! Thanks a bunch!
I'm glad to find this video, great job.
Such a amazing style, I have request please make a series of linux administration, and othe devops tools. thanks
that opened my eyes man, thanks a lot
That is great . Im junior Python developer . This is Zero to Hero .... Thanks So MUCH !!!
Great channel. Love the content.
Nice explaination and qualtiy stuff, Thankyou.
Great video Jay
Nice explanation!
Awsome tutorials! Wish I had found your channel earlier
You are the best man! Thanks alot!
This was good I am excited.
How does ssh-copy-id put the public key into the server's autorized_keys file? how is this request authenticated?
have to pay attention that you've changed tmux panes but it's great tutorial! thank you very much!
Thanks for this. This is one of the best and detailed series I have seen.
Many Thanks Bro ! It's very help me
Great job👍
Good info, but what you don´t mention is that before you can copy over the pub ssh key for the ansible user to a remote server the user has to exist there. This is less of a problem if you´re starting out with your server deployments but if you already have xxx linux servers you´ll have to craft this with some script outside of the ansible scope to get started. (well not really, you could create users and stuff with ansible as well, sure)
Haha great tip but I had to laugh at having “..xxx Linux servers…”. I knew what you meant but my mind went there -> hosting xxx content on Linux servers….lulz
Again thanks for the tip I noticed Jay kind of glosses over that there needs to be a user on that server already
Can you guys tell me how to do that? or know any TH-cam video where i can see it?
Great video, thanks a lot!
Excellent
thanks buddy so many good things
great tutorial, thanks
great video , appreciate if you add automation for network devices as well to the series
big like
I wish I could hit the like button a hundred times!
Just one thing: I did it also in the past and do it also with test environments, but for production systems the fingerprint mechanism should be handled with more care.
Thanks 👍
WOW thanky ou for the information I done this before but I never understood what was happening underhood
I’m confused. Does your workstation have a Linux OS installed on it? Or is it basically windows with some kind of SSH tool? Like putty mobaxterm etc? The you just use the tool to make SSH connections to everything?
When you start tmux with the server prompts are you manually creating prompts and launching ssh in each one?
Thank you
Hi Jay, Can we use certs for nodes and users for that purpose? to authenticate our hosts (servers) and users...
Hello Jay. Thank you for making these videos. And I also have few questions for you.
When I was trying to simulate this video in my Oracle virtual box running Ubuntu 20 LTS, I faced two problems with tmux that I couldn't solve
First, when I opened four different windows like you did, they all have the same IP address. How can I assign different IP addresses to each window?
Second, when I tried to rename the windows like you named them,
The rename command works but when i write a new name and hit enter, it say the file or the name couldn't be found and defaults back to its original name. But on my screen it, An index word is placed before the renaming space, which you can't delete.
I will greatly appreciate It you can help me with these issues.
Thank you again.
And have a great day in peace and in good health
So I want to use Ansible with network switches. Does the Ansible ping command only work if python is installed on the target server/switch?
hi good work,
my question is how does the openssh choose the key when you don't specify .
why did the connection work with the first key and not the ansible key when you didn't specify the key to use?
Hello, your videos are awesome. I like your tmux setup, is possible somewhere find and download same theme? Thank you.
Well done great video, however when copy the ssh to a remote host your command doesnt work , i get "Error Too many arguments, expecting a target hostname?"
what is yours ssh_config and sshd_config - What kind of identification rules is enabled in your config?
thanks
u r awesome
In case someone come across this issue "ssh: could not resolve hostname add: Name or service not known". Make sure to apply the changes by either restarting your terminal or sourcing the .bashrc file with the following command "source ~/.bashrc"
I'm currently going through this using WSL and using SSH to connect to a CentOS VM I have. Do I need to set up more VMs to have multiple servers to connect to? In your video you simply added 1 to the IP address to add more servers without issue
I'm using a Win10 machine. I originally tried using VSCode but when I tried pinging my inventory, they all timed out due to not being able to SSH so I switched back to using a terminal instead of an IDE.
System76 Rocks !
Are we supposed to download tmux and have 3 additional servers as well for this tutorial?
is it possible to share your .bashrc ? want to makeuse of some of the awesome aliases.
You go into good detail a lot which I like. However you never once told us when you switched servers and so I ended up following along but copying stuff to the wrong servers which led to me having to restart. I bet 99% of us aren't using what you are for VMS so please make sure to make it clear when you switch between servers. It is especially hard to notice when you are using that software because all you do is click "1" to change so I am sure I am not the only one that missed that. Overall though I appreciate the series, you seem to be one of the only good series on youtube so thank you for the knowledge.
Thank you for this incredible learning path. Please clarify whether you created all virtual machines on one PC. In my case, all machines have the same IP address.
If you cloned it power off and remove network and reattach? After that configure up address as static and also change hostname
Which tool is he using to navigate between his vm's? Cant hear it clearly enough. Teambox,teamvox,...
Tmux
You are my favorite TH-cam Linux instructor. You are just the kind of teacher I was looking for. Quick question. Are you using the same user account to log in to you SSH sessions?
you are amazing, how about making videos for installing like jenkins, nginx, tomcat without root?
How did he create server1, server2, server3??
I'm a total newbie. Can anyone guide pls?
Please how do I create or set the IP address for each servers. I'm using vagrant
when I try to copy the second key (ansible) on the first host I get this error:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/maroci/.ssh/ansible.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@addreshost: Permission denied (publickey).
I had the same problem, try with non-root user. it worked for me.
I don't have access to any Linux or UNIX machines at all to practice tge stuff in your videos. Is there an easy and preferably free way creating 3 or 4 VM in a cloud provider? This way I will be able to practice Ansible
Hi there. One easy and free way to practice would be virtualbox from Oracle, which is free. While there are so called free tiers from various cloud providers, but you need to be careful, because not everything is free and some free tiers expire pretty soon. The safest way is to use virtualbox, if your machine has enough power and supports virtualization.
If I want to connect with 100 servers do i need to follow these same steps? Is there any alternative?
Thanks for this question, I asked myself the same. 🤝
The bottom line of the video: which tool is allowing you to switch between several shells and showing you on which one you are?
tmux
"are you sure" about that fingerprint?
Get it before you send (colo) it
i hate, when commited ppl call themselves lazy xdddddd great videos
ssh passwords are not the standard though?
Great video but there is one thing I'm a bit lost on. How are you able to ssh into a server just using the IP and not specifying a user?
7:59 read the footnote
Totally missed that! Thanks
Totally missed that! Thanks
how can i create VM ?
I'm saving this for myself, feel free to like or add.
23:22 Too lazy to write passphrase
ssh
Permission denied (publickey).
ssh
Permission denied (publickey).
Please help me
That's because you're probably trying to ssh into VPS - you'll need to run the following:
ssh -i ubuntu@REPLACE-WITH-YOUR-IP-ADDRESS.com
If you're not using Ubuntu then put the name of your distro before the '@' sign - unless you created a different username. Where I put 'REPLACE-WITH-YOUR-IP-ADDRESS' should be self explanatory - but just in case, you'll replace that with your VPS IP Address (or Ec2 or whatever you're ssh'ing into).
FYI, I used this to get the targets ssh finger-print;
for i in {200..215}; do ssh-keyscan -H 192.168.101.$i >> ~/.ssh/known_hosts ; done
I feel like all his videos could be 7 minutes long, instead he repeats himself many times and It's really hard to not get bored.
You don't even need to create an alias and run ssha if you follow this and add it to your ~/.ssh/config
docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
This is for Mac but might need a different option flag for linux
I disagree with the idea of using an ssh key for ansible. Instead you should have keys for each person with access - this will allow you to remove access for each person individually
I am running a home server running Ubuntu Server do you have a video on how to create a ssh key?
It was already shown on this video.. What part was it not understandable?
I had add the comment before thanks
19:38 And that‘s the reason i don‘t use passphrases. Their implementations are wack, not just on ansible, but in general. Also the caching options are far from perfect, for example the PuTTy Agent on Windows, forgot the passphrase. That is, for me, an unacceptable error, i want my keys to be straight and the state of my system consistent. I don’t need side-processes, that work or won’t work on a daily basis.
25:02 yeah as i said, the implementations are wack, sry but’s true. I better focus more on keeping my keys secure, than counter processes which don’t work consistent
Why can't I like twice!?!
if you get an error when trying to copy the key to the server, specify the user of the server ie: ssh-copy-id -i ~/.ssh/id_ed25519.pub patrick@192.111.111.111
first
These damn adverts they appear within a few seconds of watching a video, really annoying, dont mind adverts you can skip but these adverts are getting worse! Then you get double adverts!
Would be good if you would go over some important issues before you have someone go through this sales course to then find out how much it would cost to purchase this product. This product is NOT open source or free.
I fell asleep.....
You mentioned that you should manually log into each of the hosts with ssh, to accept the ECDSA key via the interactive prompt, but if you're working with hundred or thousands of servers - wouldn't that be a terrible way to do it?
I am asking because this is why I am starting to learn Ansible is so that I don't have to manually log into each host permutatively with each other so that I can get passwordless ssh working between all of the host pairs.
Thanks.
You can include the ssh key in your deployment image.
@@LearnLinuxTV
But if you were doing pair-wise login where all of the deployments have to also cross-communicate with each other, the ECDSA key for the deployments won't be know until they are deployed.
For the Ansible to client deployment, this will work.
I am not sure if this will work for pairwise clientclient communications though.
I confirmed that on the remote server the key got installed to ~/.ssh/authorized_keys From the workstation machine I do 'ssh -i ~/.ssh/ansible root@pi4' and I get a password prompt even though my key has no passphrase. The key was installed on a pi running "Raspbian GNU/Linux 10 (buster)"
I figured it out. /var/log/auth.log was telling mePubkey auth attempt with unknown algo so I just did ssh-keygen with no type maybe ed25519 isn't supported on my distribution of dietpi?