GeekTechStuff

In the previous post I walked through installing Ansible on a Raspberry Pi and finished at the point of the Ansible inventory being set up but needing some SSH.

For this part of the project I am using:

• A Raspberry Pi 3 with Ansible installed, running Raspbian OS (Buster). This is my controller.
• 2x Raspberry Pi Zero W, running Raspbian OS (Buster). These are freshly installed with the basic Pi account, SSH enabled and the default account password changed.

Note: At the first opportunity (i.e. first boot of the newly installed device) change the default Pi account password to something more secure.

Creating a public SSH key

On the Raspberry Pi 3 I opened terminal and typed:

ssh-keygen -o

This generated a public and private key under /home/pi/.ssh/ as pi is the user account I am using.

Note: Never give your private key to anyone.

Copying SSH ID to the other Pis

On the Raspberry Pi 3 I then used:

ssh-copy-id USERNAME@IP_ADDRESS_OF_DEVICE

e.g.

ssh-copy-id pi@192.168.0.38

on both Raspberry Pi Zero Ws. The devices will ask for their passwords but should then allow SSH from the Pi 3 without further credentials.

If this method doesn’t work then bring the public SSH key into play:

• Open a terminal on the Pi 3
• CD to the ~/.ssh directory
• Set permissions on the files and directory using:
• chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys
• Copy the files to the Pi Zero Ws using:
• scp ~/.ssh/id_rsa.pub USERNAME@IP_ADDRESS_OF_DEVICE:~/.ssh/authorized_keys

Note: chmod changes the permissions of an object. 700 allows the owner to read/write, 600 allows the owner to read/write and execute.

Testing Ansible

If the correct IP addresses (or host names) are in your Ansible inventory then it is time to test Ansible again.

Open the terminal and type:

ansible group_heading -m ping

e.g.

ansible Pi_Collection -m ping

Last time this generated SSH errors, however it should now successfully ping the devices and respond.

If the response comes back with a “SUCCESS” message then all is good.