I promise you.... I'm pretty smart!!

[Leroy Walker Jr]

But I can't seem to wrap my head around this! 

I've started working for a new company as a Linux admin. I've dabbled in ansible a bit, but in a lab setting. 

We have about 300 plus existing servers and I will be building more in the future. This is where Ansible comes in. I would like to use ansible to install stuff onto existing servers if needed and to deploy new ones.  The thing I don't understand is how do I get the SSH keys onto the existing servers and how should I go about putting them on future servers. I know to generate a key and I know how to ssh-copy-id, but this can't be the best method for 300 servers. Also, should I create my keys as my user or root? I've looked and looked, but can't seem to find a concise answer. 

[Brian Coca]

There several ways to do this, Ansible has an authorized_keys module that can do the copying, the user module can also generate keys. But it does need to log onto the servers, the first time it can use user/password as part of a bootstrapping play.

As for root vs shared user with sudo vs individual users with sudo ... it does not matter to Ansible, do what fits your policy and worfklow better. FYI, sudo is not the only privilege escalation method supported, just used as example.

--

----------

Brian Coca