我想禁用主机密匙,只用账号密码登陆,设置了constants.HOST_KEY_CHECKING = False,依旧无效
来源:7-9 ansible模块核心类章节总结
多彩的云
2018-06-29
AnsibleResult.py代码如下
from ansible.plugins.callback import CallbackBase
class ModelResultsCollector(CallbackBase):
def __init__(self, *args, **kwargs):
super(ModelResultsCollector, self).__init__(*args, **kwargs)
self.host_ok = {}
self.host_unreachable = {}
self.host_failed = {}
def v2_runner_on_unreachable(self, result):
self.host_unreachable[result._host.get_name()] = result
def v2_runner_on_ok(self, result, *args, **kwargs):
self.host_ok[result._host.get_name()] = result
def v2_runner_on_failed(self, result, *args, **kwargs):
self.host_failed[result._host.get_name()] = resultrunner.py代码如下
from ansible.inventory.manager import InventoryManager
from ansible.parsing.dataloader import DataLoader
from ansible.vars.manager import VariableManager
from utils.AnsibleResult import ModelResultsCollector
from ansible.playbook.play import Play
from ansible.executor.task_queue_manager import TaskQueueManager
from collections import namedtuple
from ansible import constants
class ansible_task:
def __init__(self, ip, user, password, port, type, cmd):
self.ip = ip
self.password = password,
self.port = port
self.user = user
self.type = type
self.cmd = cmd
load = DataLoader()
inventory = InventoryManager(loader=load, sources=['hosts'])
varaibles = VariableManager(loader=load, inventory=inventory)
Options = namedtuple('Options',
['connection',
'module_path',
'sudo_user',
'forks',
'timeout',
'remote_user',
'ask_pass',
'private_key_file',
'ssh_common_args',
'ssh_extra_args',
'sftp_extra_args',
'scp_extra_args',
'become',
'become_method',
'become_user',
'ask_value_pass',
'verbosity',
'check',
'listhosts',
'listtasks',
'listtags',
'syntax',
'diff'])
options = Options(connection='smart',
module_path=None,
sudo_user=None,
forks=5,
timeout=10,
remote_user=self.user,
ask_pass=self.password,
private_key_file=None,
ssh_common_args=None,
ssh_extra_args=None,
sftp_extra_args=None,
scp_extra_args=None,
become=None,
become_method=None,
become_user='root',
ask_value_pass=False,
verbosity=None,
check=False,
listhosts=False,
listtasks=False,
listtags=False,
syntax=False,
diff=True)
self.a = inventory
self.v = varaibles
self.loader = load
self.option = options
def playtask(self):
play_source = dict(
name="Ansible test",
hosts=self.ip,
gather_facts='no',
tasks=[
dict(action=dict(module=self.type, args=self.cmd)),
]
)
callback = ModelResultsCollector()
play = Play().load(play_source, variable_manager=self.v, loader=self.loader)
passwords = dict()
try:
tqm = TaskQueueManager(
inventory=self.a,
variable_manager=self.v,
loader=self.loader,
options=self.option,
passwords=passwords,
stdout_callback=callback
)
constants.HOST_KEY_CHECKING = False
tqm.run(play)
except Exception as e:
print(e)
finally:
if tqm is not None:
tqm.cleanup()
result_raw = {'success': {}, 'failed': {}, 'unreachable': {}}
for host, result in callback.host_ok.items():
result_raw['success'][host] = result._result
for host, result in callback.host_failed.items():
result_raw['failed'][host] = result._result
for host, result in callback.host_unreachable.items():
result_raw['unreachable'][host] = result._result
print(result_raw)
if __name__ == '__main__':
a = ansible_task(ip='192.168.1.20', user='root', password='123456', port='22', type='shell', cmd='ls /root')
a.playtask()不知道问题出在哪里?我想禁用主机密匙,只用账号密码登陆。虽然设置了constants.HOST_KEY_CHECKING = False,依旧无效,只要经过密匙认证的主机,而且就算密码错误,一样可以登陆,我估计是只认证书了,没用进行ssh密匙认证的主机无法链接,希望老师指点一下迷津
写回答
1回答
-
Jeson
2018-06-29
你好,首先看下192.168.1.20这台机器的/var/log/secure,如果日志是:
Accepted publickey for root from 说明客户端使用的是秘钥的方式登陆。
如果日志是:
Accepted password for root from 说明使用的密码的方式登陆的。
另外,设置HOST_KEY_CHECKING的作用并不是限制秘钥的方式登陆。这个是不进行host_key检查,省去目标key发生变化时输入(yes/no)的步骤。
1、可以在服务端sshd_config中设置PubkeyAuthentication
2、或者移除客户端~/.ssh/idrsa 配置
等等
00
相似问题
这个imoocc的用户名密码多少呀?
回答 2
扫描主机信息报错
回答 2