ansible-将密钥复制到授权密钥文件
我已经使用ansible创建了一个用户,现在想将.ssh/id_rsa.pub文件复制到authorized_keys文件中 我检查了authorized_keys模块,但该模块用于将密钥从主机复制到来宾 想知道什么是正确的方法ansible-将密钥复制到授权密钥文件,ansible,Ansible,我已经使用ansible创建了一个用户,现在想将.ssh/id_rsa.pub文件复制到authorized_keys文件中 我检查了authorized_keys模块,但该模块用于将密钥从主机复制到来宾 想知道什么是正确的方法 - name: Adding user - {{ user }} user: name={{ user }} group={{ group }} shell=/bin/bash password=${passwo
- name: Adding user - {{ user }}
user: name={{ user }}
group={{ group }}
shell=/bin/bash
password=${password}
groups=sudo
append=yes
generate_ssh_key=yes
ssh_key_bits=2048
ssh_key_file=.ssh/id_rsa
生成的密钥由
用户
模块返回,因此您可以注册
结果,然后在后续的授权密钥
任务中使用该密钥。也就是说,如果我有这样的剧本:
- hosts: localhost
tasks:
- name: add user
user:
name: testuser
shell: /bin/bash
password: secret
append: yes
generate_ssh_key: yes
ssh_key_bits: 2048
register: newuser
- debug:
var: newuser
- authorized_key:
user: root
state: present
key: "{{ newuser.ssh_public_key }}"
我将看到如下输出:
TASK [debug] *******************************************************************
ok: [localhost] => {
"newuser": {
"append": true,
"changed": true,
"comment": "",
"group": 21946,
"home": "/home/testuser",
"move_home": false,
"name": "testuser",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"ssh_fingerprint": "2048 SHA256:Tn6UOl/WYToJCaW3QUnLMWgEfthILIsoCP+534qWzfw ansible-generated on lkellogg-pc0dzzve (RSA)",
"ssh_key_file": "/home/testuser/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa ... ansible-generated on examplehost",
"state": "present",
"uid": 21940
}
}
因此,您可以添加如下任务:
- hosts: localhost
tasks:
- name: add user
user:
name: testuser
shell: /bin/bash
password: secret
append: yes
generate_ssh_key: yes
ssh_key_bits: 2048
register: newuser
- debug:
var: newuser
- authorized_key:
user: root
state: present
key: "{{ newuser.ssh_public_key }}"