I want to use Ansible to add a key pair for "tuser" on a Linux server, "Ubuntu 18.04 LTS", to avoid password-based login. So I tried it this way in a yml playbook file, and it worked:

    - name: Set authorized key for tuser
      become: yes
      authorized_key:
        user: tuser
        state: present
        key: "{{ lookup('file', '/home/rogg/.ssh/id_rsa.pub') }}"

OK, but when I try to use a different location for the key:

    - name: Set authorized key for tuser
      become: yes
      authorized_key:
        user: tuser
        state: present
        key: "{{ role_path }}/files/csbin_keys/id_rsa.pub"

I get:

    "msg": "invalid key specified

I have already used {{ role_path }} to copy other files and it just works, but with this key it doesn't.

Excerpt from the documentation of the authorized_key module:

key
The SSH public key, as a string or (since 1.9) url (https://github.com/username.keys)

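In your first example, lookup('file', '/home/rogg/.ssh/id_rsa.pub') reads the file /home/rogg/.ssh/id_rsa.pub and provides its content as the key value.

In your second example, you are trying to provide the file path as the key value.

Replace it with a lookup:

    lookup('file', role_path+'/files/csbin_keys/id_rsa.pub')
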
You can also use the with_file option, which reads the content of the file:

    - name: Ensure the public key is populated
      authorized_key:
        user: john
        state: present
        key: '{{ item }}'
      with_file:
        - /home/john/.ssh/id_rsa.pub
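
The lookup fix from the answer, combined with a guard that stops the play when the value handed to authorized_key is not the content of a public key (for example a path, or the wrong file). This is an added example, not part of the original question or answers; the fact name tuser_pubkey and the regular expression are assumptions chosen for illustration.

```yaml
# Added example for a role's tasks/main.yml.
# User and file location are the ones from the question; tuser_pubkey is a hypothetical fact name.

- name: Read the public key shipped in the role's files directory
  set_fact:
    # lookup('file', ...) returns the file's content; '~' is Jinja2 string concatenation
    tuser_pubkey: "{{ lookup('file', role_path ~ '/files/csbin_keys/id_rsa.pub') }}"

- name: Stop unless the value is a single OpenSSH public key line
  assert:
    that:
      # 'match' anchors at the start of the string; a bare path or a
      # multi-line private key file does not satisfy this pattern
      - "tuser_pubkey is match('^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$')"
    msg: "files/csbin_keys/id_rsa.pub does not contain an OpenSSH public key"

- name: Set authorized key for tuser
  become: yes
  authorized_key:
    user: tuser
    state: present
    key: "{{ tuser_pubkey }}"
```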