authorized_key and multiple keys for one user


Daniel Nanboe

Feb 5, 2020, 4:54:20 PM
to Ansible Project

I have an inventory file where for one host I have defined the users and keys that I want to use in a playbook:

sftp_users:
- remote_user: prod
  state: present
  long_name: prod user
  ssh_key:
    - prodkey_1
    - prodkey_2
- remote_user: test
  state: present
  long_name: test user
  ssh_key:
    - testkey

I want then to add to each user one or multiple ssh keys that I have located in the repository from where I run the script.

I know that authorized_key on the key: needs to have both keys from a user joined.

This is what I have now, but it takes only the last key and not both.

- name: Create sftp user authorized_key entries.
  authorized_key:
    comment: "{{ item.1 | default('') }}"
    exclusive: false
    key: "{{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/{{ item.1 }}.pub') }}"
    manage_dir: true
    user: "{{ item.0.remote_user }}"
  become: true
  when: (item.0.state != "absent")
  with_subelements:
    - "{{ sftp_users }}"
    - ssh_key

Any ideas on how I can concatenate the 2 or more keys for one client?

Stefan Hornburg (Racke)

Feb 6, 2020, 3:25:40 AM
to ansible...@googlegroups.com
On 2/5/20 10:54 PM, Daniel Nanboe wrote:
> I have an inventory file where for one host I have defined the users and keys that I want to use in a playbook:
>
> sftp_users:
> - remote_user: prod
>   state: present
>   long_name: prod user
>   ssh_key:
>     - prodkey_1
>     - prodkey_2
> - remote_user: test
>   state: present
>   long_name: test user
>   ssh_key:
>     - testkey
>
> I want then to add to each user one or multiple ssh keys that I have located in the repository from where I run the script.
>
> I know that authorized_key on the key: needs to have both keys from a user joined.
>
> This is what I have now, but it takes only the last key and not both.
>
> - name: Create sftp user authorized_key entries.
>   authorized_key:
>     comment: "{{ item.1 | default('') }}"
>     exclusive: false
>     key: "{{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/{{ item.1 }}.pub') }}"
>     manage_dir: true
>     user: "{{ item.0.remote_user }}"
>   become: true
>   when: (item.0.state != "absent")
>   with_subelements:
>     - "{{ sftp_users }}"
>     - ssh_key

The authorized_key module should be able to handle multiple keys for a remote user; there is no need to "join" them.

I'm using the following task successfully:

- name: Add SSH keys
  authorized_key:
    user: "{{ item.0.username }}"
    key: "{{ lookup('file', users_inventory_dir + '/files/ssh-keys/' + item.1 + '-ssh.pub') }}"
    state: present
  loop: "{{ users | subelements('ssh_keys', {'skip_missing': True})}}"
  tags:
    - users

Regards
Racke

>
> Any ideas on how I can concatenate the 2 or more keys for one client?


--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
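
Added example, not part of either post above: if each user should end up with exactly the keys listed in the inventory, so that a key dropped from the list is also removed from the host, the module's `exclusive` option is needed, and because it is not loop-aware all of a user's keys must be passed in one `key` value separated by newlines. The task reuses `sftp_users`, `GIT_HOME` and the key path from the first post; looping once per user, the Jinja `for` block and every user having an `ssh_key` list are assumptions of this example.

```yaml
# Added example: one module call per user, with all of that user's keys in a single value.
- name: Enforce exactly the inventory's SSH keys for each sftp user
  authorized_key:
    user: "{{ item.remote_user }}"
    state: present
    # exclusive removes every key in authorized_keys that is not in `key`.
    # It applies per module call, so a per-key loop would leave only the last key.
    exclusive: true
    manage_dir: true
    # Newline-separated public keys, one file per entry in ssh_key.
    key: |
      {% for name in item.ssh_key %}
      {{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/' + name + '.pub') }}
      {% endfor %}
  become: true
  when: item.state != "absent"
  loop: "{{ sftp_users }}"
  loop_control:
    label: "{{ item.remote_user }}"
```

With `exclusive: true`, keys that were added to the file by hand are deleted as well, so run the play with `--check --diff` first to see what would be removed.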
