1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

SSH Public key synchonization acros several servers, how to automate it?

Discussion in 'Site & Server Administration' started by postcd, Nov 11, 2014.

  1. #1
    Hello,

    im working on a script which will allow several folders synchronization acros multiple servers.
    On each server the script will download data from rest of the servers via rsync via ssh (rsync have archive and update attribute).
    For this transfer ssh public access key is needed.

    When i add new server to the group, i need to:
    1) run ssh-keygen on new server and via ssh-copy-id add key it to rest of servers so i can download data from them...
    2) do the same on all old servers so each of them can also download data from my new server..

    Im thinking how to automate this thing via bash script...

    In my backup script i already have list of all servers IPs. So i can do some loop acros these IPs, exclude my new server IP and after one time key generation i will be manually putting this key to all old server IPs... ?
    Then how to allow old servers to access this new server. It appears more complicated as i would need to login to each old server and there i dont know ...

    what about somehow sycing files with public keys between existing old servers? Any idea how to do it, how to realize it in bash? thx
    SEMrush
     
    postcd, Nov 11, 2014 IP
    SEMrush
  2. actionspec

    actionspec Greenhorn

    Messages:
    10
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    13
    #2
    Ansible might be good for this depending on how you handle the provisioning of said servers.

    Here is Ansible's documentation on deploying SSH keys: https://docs.ansible.com/ansible/latest/modules/authorized_key_module.html

    You can wrap ansible into your script, or use Ansible to replace your script entirely. We use terraform to provision servers, then Ansible to configure the servers themselves once the infrastructure pieces are up.

    What platform are you running on? Are these metal or are they VPS's somewhere like AWS or DigitalOcean?
     
    actionspec, May 11, 2020 IP
    postcd likes this.