我想使用ansible将密钥对添加到Linux服务器“ Ubuntu 18.04lts”上的“ tuser”,以避免基于密码的登录。 因此,我在yml剧本文件中成功尝试了这种方式:
- name: Set authorized key for tuser
become: yes
authorized_key:
user: tuser
state: present
key: "{{ lookup('file', '/home/rogg/.ssh/id_rsa.pub') }}"
好吧,但是当我尝试在密钥中使用其他位置时:
- name: Set authorized key for tuser
become: yes
authorized_key:
user: tuser
state: present
key: "{{ role_path }}/files/csbin_keys/id_rsa.pub"
我明白了:
“ msg”:“指定了无效的密钥
我已经使用{{role_path}}来复制其他文件并且可以正常使用,但是在此键中却没有
答案 0 :(得分:1)
authorized_key模块的文档摘录:
=
key
SSH公钥,以字符串或(自1.9版本开始)URL(https://github.com/username.keys)
在第一个示例中,lookup('file', '/home/rogg/.ssh/id_rsa.pub')读取文件/home/rogg/.ssh/id_rsa.pub并将其内容作为key值提供。
在第二个示例中,您尝试将文件路径作为key值来提供。
用查找替换它:
lookup('file', role_path+'/files/csbin_keys/id_rsa.pub')
答案 1 :(得分:1)
您还可以使用with_file选项,该选项读取文件的内容:
- name: Ensure the public key is populated
authorized_key:
user: john
state: present
key: '{{ item }}'
with_file:
- /home/john/.ssh/id_rsa.pub