0%

0/1 Lessons

Course Introduction

• 16min

0 / 3 lessons complete

IT Lab Setup

• 20min

0 / 3 lessons complete

Installing Ansible

• 35min

0 / 3 lessons complete

Managing your Ansible Inventory

• 2hr 7min

0 / 8 lessons complete

Ansible Basics

• 1hr 43min

0 / 9 lessons complete

Ansible Roles

• 1hr 46min

0 / 8 lessons complete

Ansible Galaxy

• 1hr 33min

0 / 6 lessons complete

Ansible Facts, Variables, Passwords and Templates

• 1hr 51min

0 / 9 lessons complete

Advanced Ansible Playbook Creation

• 1hr 41min

0 / 8 lessons complete

Course Conclusion

• 11min

0 / 1 lessons complete

SSH Keys and DNS Resolution

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

In this lesson, you will learn about setting up DNS entries and SSH key authentication for Ansible-managed nodes. By the end of this lesson, you will be able to create DNS entries in the hosts file for your managed nodes and Ansible controller, generate an SSH key pair, deploy it to your managed nodes, and verify SSH connectivity from the Ansible controller to the managed nodes.

Setting Up DNS Entries

DNS (Domain Name System) resolution is crucial for network communication. In many cases, especially in test environments, you might need to manually set up DNS entries. We'll start by adding entries to the /etc/hosts file on the Ansible controller for managed-node-1, managed-node-2, and the ansible-controller itself.

Open the /etc/hosts file on the Ansible controller with a text editor. You will need root or sudo privileges to edit this file:

nano /etc/hosts

Now add the following to at the bottom of your hosts file:

# Ansible nodes
192.168.1.200 managed-node-1
192.168.1.201 managed-node-2

Save the file and exit the editor. This allows us to use the name managed-node-1 instead of remembering and typing its IP address, 192.168.1.200. It will come in handy later!

Creating an SSH Key Pair

SSH keys provide a secure way of logging into a server without using a password. Let's generate an SSH key pair on the Ansible controller. Run the following command to generate an SSH key pair:bash

ssh-keygen -t rsa -b 4096

When prompted, you can press Enter to use the default file location. Optionally, set a passphrase for additional security.

Deploying the SSH Key

Next, we'll deploy the public key to managed-node-1 and managed-node-2. This will allow the Ansible controller to SSH into these nodes without a password. We will use the ssh-copy-id command to copy the public key to each managed node. Replace username with the actual username on the managed nodes:

Replace paulh with the actual username you set up when installing the OS on the VMs

ssh-copy-id paulh@ansible-controller
ssh-copy-id paulh@managed-node-1
ssh-copy-id paulh@managed-node-2

You will be prompted to verify the key fingerprint of each server, and enter the password for each managed node. Type yes when you receive these prompts (you should receive two of them):

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

And type in the password you used when you installed the OS on the respective VMs when prompted. If all went well, you should see a message like following for all three servers:

paulh@managed-node-1's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'paulh@managed-node-1'"
and check to make sure that only the key(s) you wanted were added.

You may have noticed that we copied our SSH key to the same server we were already SSH'd into. The reason for this is to set up the Ansible Controller using Ansible itself. Since Ansible will try to SSH into itself, it's necessary to prepare the SSH keys in advance, similar to how we would for other hosts.

Verifying SSH Connectivity

Finally, let's verify that you can SSH from the Ansible controller into each managed node without being prompted for a password.

SSH into managed-node-1 (replace paulh with your username):

ssh paulh@managed-node-1

If you're not prompted for a password and successfully log in, the key deployment was successful. Exit back to the Ansible controller:

exit

Repeat the SSH testing process for managed-node-2, ansible-controller and verify that you can SSH without entering a password.

Conclusion

You've successfully set up DNS entries for your Ansible environment, created an SSH key pair, deployed it to your managed nodes, and verified SSH connectivity. This setup is essential for efficient and secure Ansible automation.

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

0 0 votes
Lesson Rating
Subscribe
Notify of
profile avatar
0 Comments
Inline Feedbacks
View all comments