Introduction
This guide explains how to prepare Ubuntu servers for Ansible automation. It covers the necessary steps for both Digital Ocean droplets and VMware virtual machines, including user creation, SSH configuration, and firewall setup.
Digital Ocean Setup
Right after creating the droplet, they don’t have a user account to login other than root. So you’d have to create a user and give SSH access.
1. Create Ubuntu User
# Create new user and add to sudo group
adduser ubuntu
usermod -aG sudo ubuntu2. Configure Firewall
# Allow SSH and enable firewall
ufw allow OpenSSH
ufw enable
ufw status3. Transfer SSH Keys
# Copy SSH keys from root to ubuntu user
rsync -avr --chown=ubuntu:ubuntu ~/.ssh /home/ubuntu4. Configure Sudo Access
# Edit sudoers file to allow passwordless sudo
visudo
# Add this line at the bottom:
ubuntu ALL=(ALL) NOPASSWD:ALLVMware Setup
Right after creating the VM, they only allow SSH login with password. So you’d have to change SSH config to login with your SSH key.
1. Copy SSH Key
# Copy SSH public key to VM
rsync -avr ~/.ssh/id.pub ubuntu@vm:~/.ssh/authorized_keys2. Configure SSH
# Login as ubuntu user with password
# Then sudo to root and edit SSH config
sudo su -
nano /etc/ssh/sshd_config
# Change these settings:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no
PermitRootLogin prohibit-password3. Configure Sudo Access
# Edit sudoers file to allow passwordless sudo
visudo
# Add this line at the bottom:
ubuntu ALL=(ALL) NOPASSWD:ALL4. Restart VM
# Reboot the system
reboot nowRunning Ansible
Now the machines are ready to run Ansible.
Best Practices
- Always use SSH keys instead of passwords
- Keep SSH configuration secure
- Use specific user permissions
- Regularly update firewall rules
- Document all changes made
- Test SSH access before running Ansible
- Keep backup of original configurations
