I am running a recipe on chef-server and it requires me to provide password for ssh on remote machine. While running the recipe chef-client ask for the machine password and even if I provides the recipe wont work. Can anyone pls help me in this. This is my recipe
execute "run ssh" do
command "rsync -avz --progress /opt/tomcat7/webapps/ROOT/static [email protected]:/opt/chef/rsyncEx"
end
Instead of using this stone-age technique we should try using ssh keys, For this First generate the ssh key on remote machine on which we are going to run our recipe.
[root@node01 ~]# ssh-keygen
Remember dont give any passphrase for the key file
[root@node01 ~]# chmod 700 ~/.ssh
[root@node01 ~]# chmod 600 ~/.ssh/*
[root@node01 ~]# ssh root@node02 'mkdir -p /root/.ssh'
[root@node01 ~]# scp /root/.ssh/id_rsa.pub root@node02:/root/.ssh/authorized_keys
[root@node01 ~]# ssh root@node02 'chmod 700 /root/.ssh'
[root@node01 ~]# ssh root@node02 'chmod 600 /root/.ssh/*'
Now we can login without using password
[root@node01 ~]# ssh root@node02
Now to run any sh command from our recipe use ssh key , for my scenario while running rsync I used this
execute "static_backup" do
command "rsync -avz --progress -e 'ssh -i /root/.ssh/id_rsa -C -c blowfish' /opt/tomcat7/webapps/static root@node2:/opt/chef/rsyncEx"
only_if {node.name=='node2'}
end