gerer du materiel reseau via ansible, exemple avec cisco

pour se connecter sur une equipement reseau sans avoir a saisir de mot de passe afin de favoriser l'automatisation il faut auprealable echanger les clés ssh , puis on fera usage de ansible via ssh pour lancer des commandes .

generer une paire e clée ssh sur la station de commande linux (master node)

[ansnet@ansmnode ~]$ ssh-keygen -b 4096 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansnet/.ssh/id_rsa): /home/ansnet/.ssh/id_rsa_ansiblenet46      
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/ansnet/.ssh/id_rsa_ansiblenet46.
Your public key has been saved in /home/ansnet/.ssh/id_rsa_ansiblenet46.pub.

formater la clée dans un format compatible avec le copier/coller vers la cli cisco

[ansnet@ansmnode .ssh]$ fold -b -w 72  id_rsa_ansiblenet46.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+NTIY3H4/yfQymt1kKfgNzEkfSKNkx8U4
Fxn65ZNmt5cx61MEXYK6Ok8HkRWCRAh6DCm/NzDzPLPqMZCj5VeMkIk1RMccafdCVxKfBnPd
....
8gjWECltaV10HCSKeUgZ2S9rT8KIUGlvMhp5Mg1jmRMIgOK+/iJOdMaKylx3zklR8lcJYzTt
UQ== ansnet@ansmnode.domain.fr

• https://yetiops.net/posts/ansible-for-networking-part-3-cisco-ios/
• https://community.cisco.com/t5/security-knowledge-base/ise-cli-with-ansible/ta-p/4702386
• https://blog.gainskills.top/2018/09/07/ansible-access-network-via-ssh/
• https://www.ipspace.net/kb/Ansible/Parsing_Text_Printouts_Ansible.html
• https://blog.stephane-robert.info/post/ansible-vault/
• https://mindlesstux.com/2022/01/15/fix-for-ping-socket-operation-not-permitted/