将密钥对添加到远程linux服务器

问题描述 投票:0回答:2

我想使用ansible在Linux服务器“Ubuntu 18.04lts”上为“tuser”添加密钥对,以避免基于密码的登录。所以我在yml playbook文件中成功尝试了这种方式:

- name: Set authorized key for tuser
  become: yes
  authorized_key:
    user: tuser
    state: present
    key:  "{{ lookup('file', '/home/rogg/.ssh/id_rsa.pub') }}"

好吧,但是当我试图在密钥中使用其他位置时:

- name: Set authorized key for tuser
  become: yes
  authorized_key:
    user: tuser
    state: present
    key: "{{ role_path }}/files/csbin_keys/id_rsa.pub"

我明白了:

“msg”:“指定了无效密钥

我已经使用{{role_path}}来复制其他文件并且只是工作,但是在这个键中它没有

ansible ssh-keys
2个回答
1
投票

摘自authorized_key模块的文档:

= key SSH公钥,作为字符串或(自1.9)url(https://github.com/username.keys

在您的第一个示例中,lookup('file', '/home/rogg/.ssh/id_rsa.pub')读取文件/home/rogg/.ssh/id_rsa.pub并将其内容作为key值提供。

在第二个示例中,您尝试将文件路径作为key值提供。

用查找替换它:

lookup('file', role_path+'/files/csbin_keys/id_rsa.pub')

1
投票

您还可以使用with_file选项,该选项读取文件的内容:

- name: Ensure the public key is populated
    authorized_key:
      user: john
      state: present
      key: '{{ item }}'
    with_file:
      - /home/john/.ssh/id_rsa.pub
© www.soinside.com 2019 - 2024. All rights reserved.