Introduction to Ansible Transcripts
Chapter: Configuring Servers
Lecture: Creating a Non-root User

Learn more about this course
Login or purchase this course to watch this video and the rest of the course contents.
0:00 We created our initial configuration so let's test out and see how this all works. One step though, that we do need to take
0:07 is we want to connect to these servers from our local server and remove the prompt that appears when we're connecting to a new server.
0:14 For example, let's take a look at our host file. If we copy our IP address and we SSH in, that'll be root@ and then paste in the IP address
0:25 there's a prompt "Are you sure you want to continue connecting?" We'll select Yes, and now this server has been added to the list of known hosts.
0:32 We know we can connect to the server and Ansible will be able to run its commands. Exit out of that one with Control + D and then copy the next server.
0:41 Same command, different server. And again, it prompts us "Are you sure you want to continue connecting?" We'll say Yes.
0:50 Now if we were to try to reconnect there's no prompt asking us if we're sure we want to connect because we've already connected to the server
0:57 and it's listed in the known hosts file which you can find at your home directory .ssh/known_hosts we have two entries in here, one for web server
1:09 one for our database server. Now let's try to kick off our script and see what happens, see if we made any typos
1:13 or if we got it right on the first shot. So we were able to connect, create a non-root group non-root user, but we did have one issue
1:26 of adding an authorized key to the non-root user. So let's take a look at this error here and it looks like a typo
1:31 where this should have been end parenthesis and then the two curly braces. Let's fix that in our playbook and it's just a missing parenthesis.
1:50 All right, one more time. Okay, so unable to find the appropriate file. Now this is most likely an incorrect variable
2:01 var as all file, and it looks like we need an extra trailing slash at the end of ssh_dir. There we are, no errors, and now we should not be able
2:17 to log in to either of our servers via SSH with the root user. Permission denied, that's what we expect. But if we use the deploy user
2:37 all good, and that deploy user will provide the access for the rest of our playbook.


Talk Python's Mastodon Michael Kennedy's Mastodon