diff --git a/jperm/perm_api.py b/jperm/perm_api.py
index de5cbcdb7..fb020ea07 100644
--- a/jperm/perm_api.py
+++ b/jperm/perm_api.py
@@ -182,8 +182,9 @@ def gen_resource(ob, perm=None):
info = {'hostname': asset.hostname,
'ip': asset.ip,
'port': asset_info.get('port', 22),
+ 'ansible_ssh_private_key_file': role_key,
'username': role.name,
- 'password': CRYPTOR.decrypt(role.password)
+ # 'password': CRYPTOR.decrypt(role.password)
}
if os.path.isfile(role_key):
diff --git a/jperm/views.py b/jperm/views.py
index b4eb6a1c1..7ff572bcf 100644
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -519,12 +519,12 @@ def perm_role_push(request):
ret["pass_push"] = task.add_user(role.name)
ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
- # 2. 推送账号密码
- elif password_push:
- ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
+ # 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信, 不再提供密码方式的推送>
+ # elif password_push:
+ # ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
# 3. 推送sudo配置文件
- if password_push or key_push:
+ if key_push:
sudo_list = set([sudo for sudo in role.sudo.all()]) # set(sudo1, sudo2, sudo3)
if sudo_list:
ret['sudo'] = task.push_sudo_file([role], sudo_list)
diff --git a/jumpserver.conf b/jumpserver.conf
index cee5fd8e5..9f16edfc9 100644
--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -1,6 +1,6 @@
[base]
-url = http://192.168.244.129
-key = i6k2zeu8x6mncl76
+url = http://192.168.10.165
+key = 941enj9neshd1wes
ip = 0.0.0.0
port = 80
log = debug
@@ -14,9 +14,9 @@ database = jumpserver
[mail]
mail_enable = 1
-email_host = smtp.exmail.qq.com
-email_port = 25
-email_host_user = noreply@jumpserver.org
-email_host_password = xxxxxxxxxx
+email_host =
+email_port = 587
+email_host_user =
+email_host_password =
email_use_tls = True
diff --git a/templates/jperm/perm_role_push.html b/templates/jperm/perm_role_push.html
index 7e0541cc0..c8dfd0e63 100644
--- a/templates/jperm/perm_role_push.html
+++ b/templates/jperm/perm_role_push.html
@@ -74,16 +74,6 @@
-