Ana Sayfa Keşfet Yardım
Giriş Yap
RONCC
/
Dell-Omnia-Clusters-HPC-AI
İzle 1
Yıldızla 0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: 8353195c73
Dallar Biçim İmleri
Dell-Omnia-C...
/
roles
/
cluster_preperation
/
tasks
/
passwordless_ssh.yml

passwordless_ssh.yml 2.1 KB
Geçmiş Ham

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. #  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
    2. 

  2. #
    3. 

  3. #  Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. #  you may not use this file except in compliance with the License.
    5. 

  5. #  You may obtain a copy of the License at
    6. 

  6. #
    7. 

  7. #      http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. #
    9. 

  9. #  Unless required by applicable law or agreed to in writing, software
    10. 

  10. #  distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. #  See the License for the specific language governing permissions and
    13. 

  13. #  limitations under the License.
    14. 

  14. ---
    15. 

  15. 

  16. - name: Initialize variables
    17. 

  17.   set_fact:
    18. 

  18.     ssh_status: false
    19. 

  19.     current_host: "{{ item }}"
    20. 

  20. 

  21. - name: Verify whether passwordless ssh is set on the remote host
    22. 

  22.   command: ssh -o PasswordAuthentication=no root@"{{ current_host }}" 'hostname'
    23. 

  23.   register: ssh_output
    24. 

  24.   ignore_errors: yes
    25. 

  25.   changed_when: False
    26. 

  26. 

  27. - name: Update ssh connection status
    28. 

  28.   set_fact:
    29. 

  29.     ssh_status: true
    30. 

  30.   when: "'Permission denied' not in ssh_output.stderr"
    31. 

  31. 

  32. - name: Verify the public key file existence
    33. 

  33.   stat:
    34. 

  34.     path: "{{ rsa_id_file }}"
    35. 

  35.   register: verify_rsa_id_file
    36. 

  36.   when: not ssh_status
    37. 

  37. 

  38. - name: Generate ssh key pair
    39. 

  39.   command: ssh-keygen -t rsa -b 4096 -f "{{ rsa_id_file }}" -q -N "{{ passphrase }}"
    40. 

  40.   when:
    41. 

  41.     - not ssh_status
    42. 

  42.     - not verify_rsa_id_file.stat.exists
    43. 

  43. 

  44. - name: Add the key identity
    45. 

  45.   shell: |
    46. 

  46.     eval `ssh-agent -s`
    47. 

  47.     ssh-add "{{ rsa_id_file }}"
    48. 

  48.   when: not ssh_status
    49. 

  49. 

  50. - name: Create .ssh directory
    51. 

  51.   command: >-
    52. 

  52.     sshpass -p "{{ hostvars['127.0.0.1']['cobbler_password'] }}"
    53. 

  53.     ssh root@"{{ current_host }}" mkdir -p /root/.ssh
    54. 

  54.   when: not ssh_status
    55. 

  55. 

  56. - name: Copy the public key to remote host
    57. 

  57.   shell: >-
    58. 

  58.     set -o pipefail && cat "{{ rsa_id_file }}".pub
    59. 

  59.     | sshpass -p "{{ hostvars['127.0.0.1']['cobbler_password'] }}"
    60. 

  60.     ssh root@"{{ current_host }}" 'cat >> "{{ auth_key_path }}"'
    61. 

  61.   when: not ssh_status
    62. 

  62. 

  63. - name: Change permissions on the remote host
    64. 

  64.   shell: sshpass -p "{{ hostvars['127.0.0.1']['cobbler_password'] }}" ssh root@"{{ current_host }}" 'chmod 700 .ssh; chmod 640 "{{ auth_key_path }}"'
    65. 

  65.   when: not ssh_status
    66.