
1- create the private key & public key (.pub) on the client: ssh-keygen
2- copy the public key to the server: ssh-copy-id or just sftp
3- To set up SSH agent to avoid retyping passwords, you can do:
4- SSH test (will ask for the passphrase once!)
5- check the local keys:
6- check the remote keys:


1- create the private & Public key on the Client:  

ssh-keygen ( press enter + enter the passphrase )  

ssh-keygen
passphrase = ansible123

/project # ssh-keygen

!!!!!  by default ssh-keygen uses the current user: root
!!!!!  and puts the keys in /root/.ssh/


/project # ssh-keygen -t rsa -f /project/id_rsa -P ansible123 -C ansible
Generating public/private rsa key pair.
Your identification has been saved in /project/id_rsa.
Your public key has been saved in /project/id_rsa.pub.
The key fingerprint is:
SHA256:gjLEcnkqJ5bE6O/KBH5c1mGle6clTJNqDvQ+72CIy0w ansible
The key's randomart image is:
+---[RSA 2048]----+
|         .       |
|o. .    o .      |
|oo= .. + +       |
|o+.o..+ * .      |
|++= .+.*S+ o     |
|++oo+ *.. =      |
| o E . * .       |
|o * . . +        |
| o.=    .o       |
+----[SHA256]-----+

show keys:
/project # more id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAxxxxxxxxxxxxxxxxxxxxxxxPhGutC3GzMrtI+oYiT ansible

/project # more id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,05388A42A5804ABDF36414653984ABE6
-----END RSA PRIVATE KEY-----
/project #



!!!!!!! if using default ( root account ) !!!!!!!
  
/project # ls /root/.ssh/
id_rsa       id_rsa.pub   known_hosts

 
/project # more /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAxxxxxxxxxxxxxxxxxxxx root@fd9589e5bc79
/project #




RSA:

 -Asymmetric Encryption: Private and Public key
 -#Diffie-Hellman
 -2,048 bits (or 617 decimal digits )
 -Rivest-Shamir-Adleman


Private Key:  AES-128-CBC ( see the DEK-Info header above: the key file is encrypted with a key derived from the passphrase )
AES:

 -Symmetric Encryption Algorithms
 -Block cipher ( 128-bit block message + 128-bit key) >> 128-bit cipher text
 -Advanced Encryption Standard




2- copy the public key to the server:

ssh-copy-id  ansible@192.168.99.11 

or just copy the file using  ( if ssh-copy-id not supported ):

sftp ansible@192.168.99.11 ( then put /project/id_rsa.pub /var/home/ansible/id_rsa.pub ) 

( or with an sftp tool like MobaXterm )


sftp ansible@192.168.99.11
/project # sftp ansible@192.168.99.11
ansible@192.168.99.11's password:
Connected to 192.168.99.11.
sftp> put /project/id_rsa.pub
Uploading /project/id_rsa.pub to /var/home/ansible/id_rsa.pub
/project/id_rsa.pub                                                         100%  389   298.9KB/s   0.4KB/s   00:00

sftp> ls
id_rsa.pub

sftp> pwd
Remote working directory: /var/home/ansible

sftp> exit
/project #


Check: on the remote server, compare the .ssh directory before/after the ssh-copy-id ( /root/.ssh/ or /home/<username>/.ssh/ )
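
Added example (not part of the original notes): the sftp fallback above only leaves id_rsa.pub in the remote home directory, so these functions do the server-side step that ssh-copy-id would have done (append the key to .ssh/authorized_keys once, with strict modes) and give a check for the before/after comparison. The function names and the 700/600 modes are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original page): server-side half of the sftp fallback.
# Paths are passed as arguments; nothing here is specific to one host.

# Print the base64 blob (2nd field) of an OpenSSH public key file, or nothing.
key_blob() {
    awk '$1 ~ /^(ssh-|ecdsa-|sk-)/ && NF >= 2 { print $2; exit }' "$1"
}

# key_installed PUBFILE HOMEDIR: succeed if the blob is already authorized.
# Every field is scanned because authorized_keys lines may start with options.
key_installed() {
    blob=$(key_blob "$1")
    [ -n "$blob" ] && [ -f "$2/.ssh/authorized_keys" ] &&
        awk -v b="$blob" '!/^#/ { for (i = 1; i <= NF; i++) if ($i == b) f = 1 }
                          END { exit !f }' "$2/.ssh/authorized_keys"
}

# install_pubkey PUBFILE HOMEDIR: append the key once, with strict modes.
install_pubkey() {
    pub=$1; hdir=$2; auth=$hdir/.ssh/authorized_keys
    # A private key uploaded by mistake is rejected: it has no "ssh-..." line.
    [ -n "$(key_blob "$pub")" ] || { echo "not a public key: $pub" >&2; return 2; }
    mkdir -p "$hdir/.ssh" && chmod 700 "$hdir/.ssh" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    key_installed "$pub" "$hdir" && return 0
    # Keep the new entry on its own line if the file lacks a final newline.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    cat "$pub" >> "$auth"
}

# perms_ok HOMEDIR: sshd with StrictModes (its default) checks file modes
# and ownership before it accepts the key.
perms_ok() {
    [ -n "$(find "$1/.ssh" -prune -perm 700 2>/dev/null)" ] &&
        [ -n "$(find "$1/.ssh/authorized_keys" -prune -perm 600 2>/dev/null)" ]
}
```

On the server, after the sftp put: install_pubkey /var/home/ansible/id_rsa.pub /var/home/ansible, then key_installed and perms_ok with the same home directory.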








3- To set up SSH agent to avoid retyping passwords, you can do:


http://docs.ansible.com/ansible/intro_getting_started.html


$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa    #here you load the Private key to be used


-l  Lists fingerprints of all identities currently represented by the agent.

[root@hp8300 ~]# ssh-add -l
2048 48:54:e7:a8:d8:cf:79:23:0d:f7:dd:9a:fc:6c:c5:d3 /root/.ssh/id_rsa (RSA)

-L  Lists public key parameters of all identities currently represented by the agent.

[root@hp8300 ~]# ssh-add -L

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyKQ+IXr/yiLt7N/SSh4++V8G3K0ZoU1Pi/M85D/5Gtuh6kq6DAqk/F/lUxc0QFZNVGB9r1fCyVtwuGVhxaImXbziB0gRbBG2uclwwH0bbQUDNm+MJ5QtXjRGCmelNa5DpzfdVI8MzkJN+TI+9PJm1CuuyfBIId554IiFOKsCmt8ORCkU4X+zdXkwZeMv+7jW9sqgYHbEU7m3DU1goJYko8mKMZabpkDUu1sxktGXgMEb3uanID5ViV4VSSxv8c9yVe896cXTmZBra0Dq2NU6WWRWe/fvcukeIO5knNiGTBCpbgpNZM3u11rYbzni/Nun7oKDqBg6+aO4EI0tDn4ZP /root/.ssh/id_rsa



4- SSH test ( will ask for the passphrase once!)


5- check the Local keys: 


6- check the Remote keys: 





