Ssh

Ansible PreferredAuthentications SSH 設置從何而來?

  • July 21, 2020

我正在使用 SSH 使用者名和密碼設置執行標準 ansible (v2.3.1) 劇本。使用“-vvvv”設置時,我可以看到這些 SSH 命令正在生成

EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s 
-o StrictHostKeyChecking=no -o Port=2222 
-o KbdInteractiveAuthentication=no 
-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o User=dc_user -o ConnectTimeout=10

在上述情況下,“PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey”設置是從哪裡提取的。我相信這些來自客戶端 SSH 配置設置,但這是正確的嗎?

我知道我可以通過在我的“ansaible.cfg”中定義它來覆蓋 ssh 參數

[ssh_connection]
scp_if_ssh=True
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o PreferredAuthentications=publickey

誰可以給我解釋一下這個?謝謝

我觀察到在原始碼-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey中是硬編碼的

如果您將覆蓋添加ssh_args到ssh 命令行,但這不會替換ansible.cfg``-o PreferredAuthentications=publickey``-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey

例子:

$ grep ssh_args /etc/ansible/ansible.cfg 
#ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o     PreferredAuthentications=publickey
$ ansible rhel7a -m ping -vvvv |grep EXEC
<rhel7a> SSH: EXEC ssh -vvv -o ControlMaster=auto -o ControlPersist=60s -o PreferredAuthentications=publickey -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 -o ControlPath=/home/user/.ansible/cp/13dd447a86 rhel7a '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''

引用自:https://serverfault.com/questions/929222