SSH 隧道接入
[英]SSH Tunnel Access
问题描述
Good Day
再会
I work for an ISP and we basically manage all our switches and routers via the CLI from a Jumpbox.我为 ISP 工作,我们基本上通过 Jumpbox 的 CLI 管理所有交换机和路由器。
I would like to automate some of my work on these devices by writing Python scripts, etc.我想通过编写 Python 脚本等来自动化我在这些设备上的一些工作。
However, this Jumpbox (Linux), is quite old and the Python version is old.但是,这个 Jumpbox (Linux) 相当旧,而且 Python 版本也很旧。 I cannot add Ansible, Netmiko, etc. Plus I'm not an Admin for that box so can't upgrade it.我无法添加 Ansible、Netmiko 等。另外,我不是那个盒子的管理员,所以无法升级它。
My question is, if I set up my own Linux VM with all the required tools, how would I be able to access these routers and switches from my local Linux VM?我的问题是,如果我使用所有必需的工具设置我自己的 Linux VM,我将如何从我的本地 Linux VM 访问这些路由器和交换机?
I tried setting up a Local/Remote/Dynamic SSH Tunnel to the Jumpbox, but I always end up on the Jumpbox SSH session itself.我尝试设置到 Jumpbox 的本地/远程/动态 SSH 隧道,但我总是以 Jumpbox SSH session 本身结束。
1 个解决方案
解决方案1
0 2021-04-24 15:57:12
You can use the jumpbox as a bastion host.您可以将 jumpbox 用作堡垒主机。 Copy your public keys to both hosts (the jumpbox and the devices) and in your inventory file use the ansible_ssh_common_args option to set it up, like this:将您的公钥复制到两个主机(跳转盒和设备)并在您的清单文件中使用ansible_ssh_common_args选项进行设置,如下所示:
[switches]
switch-01 ansible_host=192.168.0.1 ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q user@ip-bastion"'
Note: you must be running Ansible version 2.注意:您必须运行 Ansible 版本 2。
Best regards.此致。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.