1. ssh客户端生成key
$ ssh-keygen -t rsa -b
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/(username)/.ssh/id_rsa): vagrantid_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in vagrantid_rsa.
Your public key has been saved in vagrantid_rsa.pub.
The key fingerprint is:
##...
$
2. 公钥填充
说明:https://teamtreehouse.com/community/vagrant-the-host-path-of-the-shared-folder-is-missing
使用vagrant的时候,虚拟机中.ssh文件夹路径:(Linux)/Users/yourname/path -> (vagrant)/home/yourname/path
或者采用
[root@vagrant-centos65 /]# find / -name .ssh
/home/vagrant/.ssh
[root@vagrant-centos65 /]# cd /home/vagrant/.ssh
找到.ssh文件夹位置
#客户机
$ scp ./vagrantid_rsa.pub vagrant@192.168.33.10:~/.ssh/
vagrant@192.168.33.10's password:
vagrantid_rsa.pub % .7KB/s : #用作ssh服务器的vm
[root@vagrant-centos65 .ssh]# ls
authorized_keys vagrantid_rsa.pub
拷贝公钥到ssh服务器之后:
[root@vagrant-centos65 .ssh]# cat vagrantid_rsa.pub >> authorized_keys
3. 上手:Hello, Fabric
$ vim fabfile.py #创建文件,命名为fabfile.py,在文件中定义一个hello函数
$ fab hello
Hello world! Done.
Fabric官网入门教程链接:http://docs.fabfile.org/en/1.10/tutorial.html
4. 调用Fabric的API进行远程登录
参考:
#尝试 1:
fabfile.py:
from fabric.api import run, env
env.hosts = ['192.168.33.10']# as host1 def taskA():
run('ls')
def taskB():
run('whoami')
终端fab命令执行tasks:
$ fab taskA taskB
[192.168.33.10] Executing task 'taskA'
[192.168.33.10] run: ls
[192.168.33.10] Login password for (username):
如果用户名不相同(在env.hosts里没有指定)这样的方式登陆不了特定用户。
修改:
#尝试 2
#fabfile.py
from fabric.api import run, env
env.hosts = ['vagrant@192.168.33.10']# 这里可以指定多个主机。多个主机密码需要分别指定,不好
env.passwords = {
'vagrant@192.168.33.10': 'vagrant',
} def taskA():
run('ls')
def taskB():
run('whoami')
终端执行fab命令
$ fab taskA taskB
[vagrant@192.168.33.10] Executing task 'taskA'
[vagrant@192.168.33.10] run: ls
[vagrant@192.168.33.10] Login password for 'vagrant':
Sorry, you can't enter an empty password. Please try again.
[vagrant@192.168.33.10] Login password for 'vagrant':
[vagrant@192.168.33.10] out: httpd-2.4.17 mod_wsgi-4.4.21 pi Python-2.7.10.tar
[vagrant@192.168.33.10] out: httpd-2.4.17.tar.gz mod_wsgi-4.4.21.tar.gz Python-2.7.10
[vagrant@192.168.33.10] out: [vagrant@192.168.33.10] Executing task 'taskB'
[vagrant@192.168.33.10] run: whoami
[vagrant@192.168.33.10] out: vagrant
[vagrant@192.168.33.10] out: Done.
Disconnecting from vagrant@192.168.33.10... done.
还是需要手动输入密码
#尝试 3:在fab命令参数里设置
$ fab taskA -i /Users/(username)/.ssh/vagrantid_rsa -H vagrant@192.168.33.10:
[vagrant@192.168.33.10] Executing task 'taskA'
[vagrant@192.168.33.10] run: ls
[vagrant@192.168.33.10] out: httpd-2.4. mod_wsgi-4.4. pi Python-2.7..tar
[vagrant@192.168.33.10] out: httpd-2.4..tar.gz mod_wsgi-4.4..tar.gz Python-2.7.
[vagrant@192.168.33.10] out: Done.
Disconnecting from vagrant@192.168.33.10... done.
ok,不需要手动输入密码了(客户机的私钥存在/Users/(username)/.ssh/vagrantid_rsa里)
#尝试 4
在fabfile.py里写好密钥存放路径,并且根据http://docs.fabfile.org/en/1.4.0/usage/execution.html#ssh-config与http://*.com/questions/5327465/using-an-ssh-keyfile-with-fabric建议,设置好ssh登陆
参考:
How do I configure SSH on OS X? http://docs.paramiko.org/en/latest/api/client.html#paramiko.client.SSHClient.connect http://segmentfault.com/a/1190000000497630#articleHeader0最终代码:
from fabric.api import run, env
import os if env.ssh_config_path and \
os.path.isfile(os.path.expanduser(env.ssh_config_path)):
env.use_ssh_config = True env.key_filename = ['/Users/***/.ssh/vagrantid_rsa']
env.hosts = ['vagrant@192.168.33.10']# as host1
#not using cache def taskA():
run('ls')
def taskB():
run('whoami')
END.
参考资料:
使用 Vagrant 打造跨平台开发环境 自动化运维工具Fabric - 密码管理(env.password and ssh key)