🔹 Linux Managed Node (SSH Key Authentication)
Ansible uses SSH to communicate with Linux hosts. You can enable passwordless authentication using SSH keys.
✅ Step 1: Generate SSH Key on the Control Node
Run the following command on your Ansible control node (Ubuntu):
ssh-keygen -t rsa -b 4096
Note: Press Enter for default options.
This creates keys in ~/.ssh/id_rsa (private key) and ~/.ssh/id_rsa.pub (public key).
This creates keys in ~/.ssh/id_rsa (private key) and ~/.ssh/id_rsa.pub (public key).
✅ Step 2: Copy SSH Key to the Managed Node
Use ssh-copy-id to copy the key to your Linux managed node (replace with your actual username and IP):
ssh-copy-id -i ~/.ssh/id_rsa.pub user@192.168.1.100
This will add the public key to the remote user's ~/.ssh/authorized_keys file.
If ssh-copy-id is not available, manually copy the key:
cat ~/.ssh/id_rsa.pub | ssh user@192.168.1.100 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
✅ Step 3: Test SSH Login Without Password
On your Ansible control node, run:
✅ Step 3: Test SSH Login Without Password
On your Ansible control node, run:
ssh user@192.168.1.100
If you can log in without entering a password, SSH key authentication is working.
✅ Step 4: Configure Ansible Inventory
Edit your inventory file (inventory.ini):
[linux]192.168.1.100ansible_user=useransible_ssh_private_key_file=~/.ssh/id_rsa
Now, test the Ansible connection:
ansible linux -m ping -i inventory.ini
If successful, it should return:
192.168.1.100 | SUCCESS => {
"ping": "pong"
}
🔹 Windows Managed Node (WinRM with Kerberos or CredSSP)
Since Windows does not use SSH, you need to set up WinRM with Kerberos or CredSSP for passwordless authentication.
✅ Step 1: Install Required Libraries on Ansible Control Node
Run the following:
}
🔹 Windows Managed Node (WinRM with Kerberos or CredSSP)
Since Windows does not use SSH, you need to set up WinRM with Kerberos or CredSSP for passwordless authentication.
✅ Step 1: Install Required Libraries on Ansible Control Node
Run the following:
pip install pywinrm kerberos requests-kerberos requests-credssp
✅ Step 2: Configure WinRM on the Windows Managed Node
Open PowerShell (as Administrator) on Windows and run:
winrm quickconfig -q
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
For Kerberos authentication, set:
winrm set winrm/config/service/auth '@{Kerberos="true"}'
For CredSSP authentication, enable it:
Enable-WSManCredSSP -Role Server
✅ Step 3: Configure Ansible Inventory
Edit your inventory file (inventory.ini):
[windows]192.168.1.82
[windows:vars]
ansible_user=Administrator
ansible_user=Administrator
ansible_password=YourPassword123!
ansible_connection=winrm
ansible_winrm_transport=credssp
ansible_winrm_server_cert_validation=ignore
✅ Step 4: Test Ansible Connection to Windows
Run:
ansible_connection=winrm
ansible_winrm_transport=credssp
ansible_winrm_server_cert_validation=ignore
✅ Step 4: Test Ansible Connection to Windows
Run:
ansible windows -m win_ping -i inventory.ini
Expected Output:
192.168.1.82 | SUCCESS => {
"ping": "pong"
}
