Skip to main content

Using Salt SSH

Hands-On Lab


Photo of Elle Krout

Elle Krout

Content Team Lead in Content





Salt SSH lets us to use Salt to manage servers that are not included in our Salt infrastructure, as in servers that do not have the salt-minion installed. This works by allowing Salt SSH access to our servers; all we need to do is supply Salt the login information. From here, Salt can use any of our formulas, states, or modules to complete tasks with minimal, if any, changes on our part.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

  1. Install Salt SSH:

    sudo yum install salt-ssh

  2. On the "minion" servers, permit passwordless login:

    sudo visudo

    cloud_user ALL=(ALL) NOPASSWD:ALL

  3. Back on master, add minions to roster:

    sudo vim /etc/salt/roster

    web1: host: user: cloud_user sudo: True tty: True

    web2: host: user: cloud_user sudo: True tty: True

  4. Run SSH command to generate key:

    sudo salt-ssh '*'

  5. Copy SSH IDs:

    sudo ssh-copy-id -i /etc/salt/pki/master/ssh/ user@<PRIVATE IP OF SSH MINION>

  6. Confirm you can connect to minions:

    sudo salt-ssh '*'

  7. Set hostnames:

    sudo salt-ssh 'web1' network.mod_hostname web1 sudo salt-ssh 'web2' network.mod_hostname web2

  8. Run formulas:

    sudo salt-ssh '' state.sls apache sudo salt-ssh '' state.sls mysql.client