Unable to insert sshkey with nxos_command in Ansible 2.1


Steven Carter

Sep 17, 2016, 1:10:00 PM
to Ansible Project
I have the following two plays to create users with ssh keys in NXOS:

  - name: Create User
    nxos_config:
      lines:
        - username "{{ item }}" role network-admin
      provider: "{{ cli }}"
    with_items: "{{ cil_network_admins }}"

  - name: Create User's SSH Keys
    nxos_config:
      lines:
        - username "{{ item }}" sshkey "{{ user_data[item].ssh_key }}"
      provider: "{{ cli }}"
    with_items: "{{ cil_network_admins }}"

The data structures are:

user_data:
  stevenca:
    name: "Steven Carter"
    uid: 2000
    group: admin
    ssh_key: "ssh-rsa  Rest of SSH Key..."

cil_network_admins:
  - stevenca

I do not get any errors:

TASK [Create User] *************************************************************
changed: [XXX.XXX.XXX.129] => (item=stevenca)
changed: [XXX.XXX.XXX.128] => (item=stevenca)

TASK [Create User's SSH Keys] **************************************************
changed: [XXX.XXX.XXX.129] => (item=stevenca)
changed: [XXX.XXX.XXX.128] => (item=stevenca)

PLAY RECAP *********************************************************************
XXX.XXX.XXX.128            : ok=4    changed=2    unreachable=0    failed=0
XXX.XXX.XXX.129            : ok=4    changed=2    unreachable=0    failed=0

But it does not work.  I get 'username stevenca role network-admin' in the switch's config, but no ssh key.  Is there a length limit that silently eats the SSH key?

The above is using 'cli' for transport.  When I use 'nxapi', I get:

TASK [Create User] *************************************************************
changed: [XXX.XXX.XXX.128] => (item=stevenca)
failed: [XXX.XXX.XXX.129] (item=stevenca) => {"clierror": "% String failed to match token pattern\n", "code": "400", "failed": true, "item": "stevenca", "msg": "CLI execution error"}

TASK [Create User's SSH Keys] **************************************************
failed: [XXX.XXX.XXX.128] (item=stevenca) => {"clierror": "invalid SSH key format\n", "code": "400", "failed": true, "item": "stevenca", "msg": "CLI execution error"}

I verified the key by adding manually, and it worked fine.  It seems like the above could come from truncation as well.

Thanks,

Steven.

Peter Sprygada

Sep 18, 2016, 11:19:53 PM
to ansible...@googlegroups.com
Strange, I just tested with the stable-2.1 branch and I am not seeing these issues.  Both Cli and Nxapi transports are working just fine.

Could you provide the output of both "ansible --version" as well as "show version" from your device?

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1dcf205e-29df-4f0c-9c11-e95fa1473b44%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Steven Carter

Sep 19, 2016, 9:46:06 PM
to Ansible Project
I goofed and quoted the variable.  This did not work:

  - name: Create User's SSH Keys
    nxos_config:
      lines:
        - username "{{ item }}" sshkey "{{ user_data[item].ssh_key }}"
      provider: "{{ cli }}"
    with_items: "{{ network_admins }}"

This did:

  - name: Create User's SSH Keys
    nxos_config:
      lines:
        - username {{ item }} sshkey {{ user_data[item].ssh_key }}
      provider: "{{ cli }}"
    with_items: "{{ network_admins }}"

Have you had any luck with injecting ssh keys into ios?

Thanks,

Steven.
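
An added example, not part of the original thread: a Python pre-flight check that rejects a key value carrying literal quotes and builds the unquoted line used in the working task. The helper names and the sample key are constructed for illustration; the check follows the OpenSSH public key layout and is an assumption about what a valid value looks like, not NX-OS's own parser.

```python
import base64
import re
import struct


def parse_openssh_pubkey(text):
    """Return the key type of a one-line OpenSSH public key, or raise ValueError."""
    fields = text.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = fields[0], fields[1]
    # binascii.Error (bad characters or padding) is a subclass of ValueError.
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    # The decoded blob begins with a length-prefixed copy of the key type.
    if blob[4:4 + n] != key_type.encode("ascii", "replace"):
        raise ValueError("key type %r does not match the blob" % key_type)
    return key_type


def sshkey_line(username, pubkey):
    """Build 'username <user> sshkey <key>' with no quoting around either value."""
    # Assumed username character set for this example; quotes never pass.
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", username):
        raise ValueError("unexpected characters in username %r" % username)
    parse_openssh_pubkey(pubkey)
    # Collapse runs of whitespace so the line has single spaces between fields.
    return "username %s sshkey %s" % (username, " ".join(pubkey.split()))


def constructed_key():
    """Constructed sample: a correctly framed 'ssh-rsa' blob, not a usable key."""
    blob = struct.pack(">I", 7) + b"ssh-rsa" + b"\x00" * 32
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii")


if __name__ == "__main__":
    key = constructed_key()
    print(sshkey_line("stevenca", key))
    try:
        # What the quoted template would hand over: the key wrapped in quotes.
        sshkey_line("stevenca", '"%s"' % key)
    except ValueError as exc:
        print("rejected quoted key:", exc)
```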