- Adds or removes SSH authorized keys for particular user accounts.
- Ansible User Module Generate_ssh_key 4
- Copy Ssh Key Ansible
- Ansible User Module Generate_ssh_key Download
- Set Up Ssh Key Ansible
The user module can be used to create user accounts and set passwords. How to use the user module to set passwords for Linux accounts? This is something that took me a while to figure out. Luckily, there is a reference to Ansible FAQ in ansible-doc. The Solution: Hashing Filters. The answer is taken from Ansible FAQ. I have an ansible server I have another server M I have other servers B1, B2, B3. All known by ansible. I have a hosts file such as this CTRL M SLAVES B1 B2 B3 I want to generate a ssh key on my master (not ansible itself) and deploy it on my other slave servers to permit the master to connect on the slaves by keys. Here is what I tried.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| comment string | Change the comment on the public key. Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab. If no comment is specified, the existing comment will be kept. | |
| exclusive boolean |
| Whether to remove all other non-specified keys from the authorized_keys file. Multiple keys can be specified in a single key string value by separating them by newlines.This option is not loop aware, so if you use with_ , it will be exclusive per iteration of the loop.If you want multiple keys in the file you need to pass them all to key in a single batch as mentioned above. |
| follow boolean |
| |
| key | The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys). | |
| key_options - | A string of ssh key options to be prepended to the key in the authorized_keys file. | |
| manage_dir boolean |
| Whether this module should manage the directory of the authorized key file. If set to yes, the module will create the directory, as well as set the owner and permissions of an existing directory.Be sure to set manage_dir=no if you are using an alternate directory for authorized_keys, as set with path, since you could lock yourself out of SSH access. |
| path | Alternate path to the authorized_keys file. When unset, this value defaults to ~/.ssh/authorized_keys. | |
| state string |
| Whether the given key (with the given key_options) should or should not be in the file. |
| user string / required | The username on the remote host whose authorized_keys file will be modified. | |
| validate_certs boolean |
| This only applies if using a https url as the source of the keys. If set to no, the SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates as it avoids verifying the source site.Prior to 2.1 the code worked as if this was set to yes. |
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| exclusive boolean | success | If the key has been forced to be exclusive or not. |
| key string | success | Sample: |
| key_option | success | Key options related to the key. |
| keyfile string | success | Sample: |
| manage_dir | success | Whether this module managed the directory of the authorized key file. True |
| path string | success | |
| state | success | Whether the given key (with the given key_options) should or should not be in the file present |
| unique boolean | success | |
| user | success | The username on the remote host whose authorized_keys file will be modified user |
| validate_certs boolean | success | This only applies if using a https url as the source of the keys. If set to no, the SSL certificates will not be validated.True |
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Core Team. [core]
Red Hat Support¶
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.
Authors¶
- Ansible Core Team
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
- Manage user accounts and user attributes.
Ansible User Module Generate_ssh_key 4
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| append | no | no |
| If yes, will only add groups, not set them to just the list in groups. |
| comment | no | Optionally sets the description (aka GECOS) of user account. | ||
| createhome | no | yes |
| Unless set to no, a home directory will be made for the user when the account is created or if the home directory does not exist. |
| expires | no | None | An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently supported on Linux and FreeBSD. | |
| force | no | no |
| When used with state=absent, behavior is as with userdel --force. |
| generate_ssh_key | no | no |
| Whether to generate a SSH key for the user in question. This will not overwrite an existing SSH key. |
| group | no | Optionally sets the user's primary group (takes a group name). | ||
| groups | no | Puts the user in list of groups. When set to the empty string ('groups='), the user is removed from all groups except the primary group. Before version 2.3, the only input format allowed was a 'comma separated string', now it should be able to accept YAML lists also. | ||
| home | no | Optionally set the user's home directory. | ||
| login_class | no | Optionally sets the user's login class for FreeBSD, OpenBSD and NetBSD systems. | ||
| move_home | no | no |
| If set to yes when used with home=, attempt to move the user's home directory to the specified directory if it isn't there already. |
| name | yes | Name of the user to create, remove or modify. aliases: user | ||
| non_unique | no | no |
| Optionally when used with the -u option, this option allows to change the user ID to a non-unique value. |
| password | no | Optionally set the user's password to this crypted value. See the user example in the github examples directory for what this looks like in a playbook. See http://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module for details on various ways to generate these password values. Note on Darwin system, this value has to be cleartext. Beware of security issues. | ||
| remove | no | no |
| When used with state=absent, behavior is as with userdel --remove. |
| seuser | no | Optionally sets the seuser type (user_u) on selinux enabled systems. | ||
| shell | no | Optionally set the user's shell. | ||
| skeleton | no | Optionally set a home skeleton directory. Requires createhome option! | ||
| ssh_key_bits | no | default set by ssh-keygen | Optionally specify number of bits in SSH key to create. | |
| ssh_key_comment | no | ansible-generated on $HOSTNAME | Optionally define the comment for the SSH key. | |
| ssh_key_file | no | .ssh/id_rsa | Optionally specify the SSH key filename. If this is a relative filename then it will be relative to the user's home directory. | |
| ssh_key_passphrase | no | Set a passphrase for the SSH key. If no passphrase is provided, the SSH key will default to having no passphrase. | ||
| ssh_key_type | no | rsa | Optionally specify the type of SSH key to generate. Available SSH key types will depend on implementation present on target host. | |
| state | no | present |
| Whether the account should exist or not, taking action if the state is different from what is stated. |
| system | no | no |
| When creating an account, setting this to yes makes the user a system account. This setting cannot be changed on existing users. |
| uid | no | Optionally sets the UID of the user. | ||
| update_password | no | always |
| always will update passwords if they differ. on_create will only set the password for newly created users. |
Copy Ssh Key Ansible
Note
- There are specific requirements per platform on user management utilities. However they generally come pre-installed with the system and Ansible will require they are present at runtime. If they are not, a descriptive error message will be shown.
This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.
This module is maintained by those with core commit privileges
Ansible User Module Generate_ssh_key Download
For more information on what this means please read Module Support
Set Up Ssh Key Ansible
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.
Coments are closed
Top News
- ✔ Wpa2 Ccmp Encryption Key Generator
- ✔ All Software Key Generator 2013
- ✔ Generating Public And Private Key From Password
- ✔ The Crew Steam Key Generator
- ✔ Office Professional Plus 2010 Key Generator
- ✔ Forza Motorsport 7 Cd Key Generator Torrent
- ✔ Generate A Public Key With Putty
- ✔ Stellar Phoenix Windows Data Recovery Key Generator
- ✔ Dota Custom Key Generator Inventory
- ✔ Generate Ssh Key For Gerrit
© 2020 - excla1m.netlify.app