Introduction to Ansible Transcripts
Chapter: Development Environment Configuration
Lecture: SSH Keys on macOS
0:00 After installing and testing Ansible
0:01 to make sure that it runs
0:03 the next step is to create an SSH key.
0:05 SSH keys are asymmetric keys.
0:07 Which means that the public
0:09 and the private key are different.
0:11 You can share the public key with whoever you want.
0:14 And, in fact, we're going to put the public key
0:15 on remote servers.
0:17 But a private key should never be shared.
0:19 When a server only allows login via SSH keys
0:22 it will use the public key to determine
0:24 if someone is trying to log in with a private key
0:27 regardless of the operating system
0:28 that we're going to be using.
0:29 We need to create an SSH key pair.
0:31 Let's take a look at how to do that on macOS.
0:34 Back in the terminal
0:35 we're going to run the ssh-keygen command.
0:39 If we type it without any parameters
0:41 it'll just use default settings.
0:43 We're going to use a few custom parameters
0:45 with ssh-keygen.
0:46 The first is to specify the type as RSA.
0:49 The number of bits is 4096
0:51 which is the current standard that most people use.
0:54 And we can specify a custom email address
0:56 which in my case is firstname.lastname@example.org.
1:00 Now ssh-keygen will ask you
1:01 where you want to save the public and private key pair.
1:05 I'll store it in the directory that it's recommending
1:07 but I'm going to give it a different name
1:08 because I don't want to overwrite the existing
1:10 public and private keys that I have there.
1:13 I'll call this intro-ansible
1:14 and press enter twice to not use a passphrase.
1:17 And then we'll see a bunch of random art
1:19 that represents the key's image.
1:20 And our keys are created.
1:22 So if we take a look under the .ssh directory
1:26 and then we look specifically using the grep command
1:29 for intro-ansible
1:31 we'll see that we have the private key
1:33 which is just called intro-ansible
1:35 and then the public key
1:36 which always has the .pub at the end
1:38 after ssh-keygen generates those keys.
1:40 intro-ansible.pub is the one that we're going to put
1:43 on remote servers and intro-ansible is the one
1:45 that is going to allow us
1:46 to verify that we are who we say we are
1:49 when we want to connect to those servers.
1:50 Now that we have our public and private keys
1:52 we can write and execute our first Ansible playbook.