The wind blows wherever it pleases. You hear its sound, but you cannot tell where it comes from or where it is going.
Ansible facts are variables that are automatically discovered by Ansible from a managed host. Facts are pulled by the setup module and contain useful information stored into variables that administrators can reuse. Ansible facts can be part of playbooks, in conditionals, loops, or any other dynamic statement that depends on a value for a managed host
Continue reading “Ansible Facts”
Ansible supports variables that can be used to store values that can be reused throughout files in an entire Ansible project. This can help simplify creation and maintenance of a project and reduce the incidence of errors.
Continue reading “Ansible Variables”
Templates give the ability to provide a skeletal file that can be dynamically completed using variables
In comparison with ad-hoc commands, playbooks are used in complex scenarios, and they offer increased flexibility. Playbooks use YAML format, so there is not much syntax needed, but indentation must be respected. Ansible playbooks tend to be more of a configuration language than a programming language.
Tailing /var/log/secure on the target machine is a lot more useful :
|
1 2 3 4 |
sudo tail -f /var/log/secure Sep 14 01:26:31 new-server sshd[22107]: Authentication refused: bad ownership or modes for directory /home/dave/.ssh Sep 14 01:26:46 new-server sshd[22108]: Connection closed by 98.76.54.32 |
Finally we’re getting somewhere – bad ownership or modes for directory /home/dave/.ssh.
SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :
|
1 2 3 |
chmod g-w /home/your_user chmod 700 /home/your_user/.ssh chmod 600 /home/your_user/.ssh/authorized_keys |
You can also get around this by adding StrictModes off to your ssh_config file, but I’d advise against it – fixing permissions is the way to go.