Introduction to Ansible Transcripts
Chapter: Configuring Servers
Lecture: Creating a Non-root User
0:00 We created our initial configuration
0:01 so let's test out and see how this all works.
0:04 One step though, that we do need to take
0:06 is we want to connect to these servers from our local server
0:09 and remove the prompt that appears
0:11 when we're connecting to a new server.
0:13 For example, let's take a look at our host file.
0:16 If we copy our IP address
0:19 and we SSH in, that'll be root@
0:22 and then paste in the IP address
0:24 there's a prompt
0:25 "Are you sure you want to continue connecting?"
0:26 We'll select Yes, and now this server has been added
0:29 to the list of known hosts.
0:31 We know we can connect to the server
0:32 and Ansible will be able to run its commands.
0:34 Exit out of that one with Control + D
0:37 and then copy the next server.
0:40 Same command, different server.
0:42 And again, it prompts us
0:43 "Are you sure you want to continue connecting?"
0:45 We'll say Yes.
0:49 Now if we were to try to reconnect
0:52 there's no prompt asking us if we're sure we want to connect
0:55 because we've already connected to the server
0:56 and it's listed in the known hosts file
0:59 which you can find at your home directory .ssh/known_hosts
1:05 we have two entries in here, one for web server
1:08 one for our database server.
1:09 Now let's try to kick off our script
1:10 and see what happens, see if we made any typos
1:12 or if we got it right on the first shot.
1:21 So we were able to connect, create a non-root group
1:23 non-root user, but we did have one issue
1:25 of adding an authorized key to the non-root user.
1:27 So let's take a look at this error here
1:29 and it looks like a typo
1:30 where this should have been end parenthesis
1:32 and then the two curly braces.
1:34 Let's fix that in our playbook
1:43 and it's just a missing parenthesis.
1:49 All right, one more time.
1:53 Okay, so unable to find the appropriate file.
1:55 Now this is most likely an incorrect variable
2:00 var as all file, and it looks like we need
2:02 an extra trailing slash at the end of ssh_dir.
2:14 There we are, no errors, and now we should not be able
2:16 to log in to either of our servers via SSH
2:19 with the root user.
2:26 Permission denied, that's what we expect.
2:31 But if we use the deploy user
2:36 all good, and that deploy user will provide the access
2:40 for the rest of our playbook.