公司内部补允许用key来认证,而且是内网无法访问外网,只能通过源码安装和装特定模块达到密码登陆的功能
1.安装sshpass
运行下列命令安装:
tar -zxvf sshpass-1.05.tar.gz cd sshpass-1.05 ./configure make && make install
安装完成后输入sshpass出现如下提示即安装成功
#sshpass
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters -f filename Take password to use from file -d number Use number as file descriptor for getting password -p password Provide password as argument (security unwise) -e Password is passed as env-var "SSHPASS" With no parameters - password will be taken from stdin -h Show help (this screen) -V Print version information At most one of -f, -d, -p or -e should be used
/etc/ansible/hosts文件中添加用户密码,认证ssh连接
[test] 127.0.0.1 ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=123456 192.168.1.137 ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=123456
2.错误汇总:
[root@localhost ~]# ansible test -m ping
127.0.0.1 | FAILED! => { "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host." } 192.168.1.103 | FAILED! => { "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host." }
3.原因和解决办法:
ssh第一次连接的时候一般会提示输入yes 进行确认为将key字符串加入到 ~/.ssh/known_hosts 文件中。而本机的~/.ssh/known_hosts文件中并有fingerprint key串
解决方法:在ansible.cfg文件中更改下面的参数:
#host_key_checking = False 将#号去掉即可