### 添加 堡垒机 域名指定解析 #### ansible -i hosts all -m shell -a " sudo sh -c 'echo \"36.37.142.178 baoleiji.yongshengkeji.top\" >> /etc/hosts'" ### 允许密码访问 ### sed -i "s/PasswordAuthentication\ no/PasswordAuthentication\ yes/g" /etc/ssh/sshd_config sed -i "s/PermitRootLogin\ no/PermitRootLogin\ yes/g" /etc/ssh/sshd_config ### 禁止密码登录 ### ansible -i hosts all -m shell -a "sudo sed -i \" s/PasswordAuthentication\ yes/PasswordAuthentication\ no/g \" /etc/ssh/sshd_config " ansible -i hosts all -m shell -a "sudo sed -i \"s/PermitRootLogin\ yes/PermitRootLogin\ no/g\" /etc/ssh/sshd_config " ansible -i hosts all -m shell -a "sudo service sshd restart " ### 修改服务器密码 ### ansible all -m raw -a "echo 'TcvVeDXAx414RV%b' | passwd --stdin root" ## 批量添加IP白名单 ### ansible -i hosts all -m shell -a "sudo echo '34.96.136.139' >> /opt/sh/ip.txt" ansible -i hosts all -m shell -a "sudo sh /opt/sh/iptables.sh"