Oct 12, 2018: Generate a new SSH key. Log in as the devops user and run `ssh-keygen -t rsa`; it will generate the public and private key files for the devops user. Now we have to add this public key to all the remote hosts. Create an Ansible playbook "add-user-ssh.yml".

Jun 28, 2018: What is ansible-user? It is an Ansible role to: create user groups; create a single user, add it to any groups you created and configure its shell; set your public SSH key as an authorized key so you can log in without a password.

Oct 12, 2018: In this blog we will set up an SSH key and initial user using an Ansible playbook. To create a new user on an Ubuntu system, you need the following things. Generate ssh-key for this.

Nov 30, 2018: Ansible: define an SSH key per host using `ansible_ssh_private_key_file`. You need to use `ansible_ssh_private_key_file` in the inventory file. The syntax is pretty simple.
Put this in your `local-configure.yml` file, add as many users as you need:

```yaml
users:
  - name: fulvio
    sudoer: yes
    auth_key: ssh-rsa blahblahblahsomekey this is actually the public key in cleartext
  - name: plone_buildout
    group: plone_group
    sudoer: no
    auth_key: ssh-rsa blahblahblah ansible-generated on default
    keyfiles: keyfiles/plone_buildout
```

In your playbook root folder, create a folder `keyfiles`. In it, create a subfolder for each username for which you want to copy keyfiles to the server. Put the private and public key files, as well as any other files, such as `known_hosts`, in the user subfolder.

Add the following line in `playbook.yml` under `roles:` (e.g. right under `- role: ANXS.hostname`):

```yaml
- role: create_users
```

Copy the gist file `main.yml` to `/roles/create_users/tasks`.

Now run your playbook.

That's it!
```yaml
---
# vars:
#   users:
#     - name: steve
#       sudoer: yes
#       auth_key: ssh-rsa ..

- name: Ensure plone_group
  group: name=plone_group

# see http://docs.ansible.com/ansible/user_module.html
- name: Add users
  user:
    name: "{{ item.name }}"
    # system=yes makes this a system account; it does not grant sudo
    # (the "Add to sudoers" task below does that)
    system: "{{ item.sudoer }}"
    shell: /bin/bash
    append: yes
    groups: "{{ item.group }}"
    # this is just a default password, I think it's SHA512 for 'changeme'
    # note: every user created here starts with this same password
    password: "$6$rounds=656000$iO7Q9L6/w8dUUQVf$rmtnxrQ15TGAfG5ODxQ/WGyEpTwk.vD1W.UtedmOlo9YNkrIwapYMjmKmteEnUJmRYucgUVxXUQy7gtenpLmw0"
    update_password: on_create
  when: item.group is defined
  # with_items needs a templated expression; a bare variable name is not accepted
  with_items: "{{ users }}"

- name: Add users
  user:
    name: "{{ item.name }}"
    system: "{{ item.sudoer }}"
    shell: /bin/bash
    password: "$6$rounds=656000$iO7Q9L6/w8dUUQVf$rmtnxrQ15TGAfG5ODxQ/WGyEpTwk.vD1W.UtedmOlo9YNkrIwapYMjmKmteEnUJmRYucgUVxXUQy7gtenpLmw0"
    update_password: on_create
  when: item.group is not defined
  with_items: "{{ users }}"

- name: Add .ssh directories
  file:
    path: "/home/{{ item.name }}/.ssh"
    state: directory
    mode: "0700"
    owner: "{{ item.name }}"
    # fall back to the user's own group when no group is given
    group: "{{ item.group | default(item.name) }}"
  with_items: "{{ users }}"

- name: Add keys
  lineinfile:
    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
    state: present
    create: yes
    line: "{{ item.auth_key }}"
    owner: "{{ item.name }}"
    group: "{{ item.group | default(item.name) }}"
    mode: "0644"
  when: item.auth_key is defined
  with_items: "{{ users }}"

- name: Add to sudoers
  copy:
    dest: "/etc/sudoers.d/{{ item.name }}"
    content: |
      {{ item.name }} ALL=(ALL) ALL
      {{ item.name }} ALL=(plone_daemon, plone_buildout) NOPASSWD:ALL
      {{ item.name }} ALL=(root) NOPASSWD:/usr/bin/supervisorctl
      #
  when: item.sudoer
  with_items: "{{ users }}"

- name: SSH keys
  copy:
    # trailing slash copies the contents of the user's keyfiles folder
    src: "{{ item.keyfiles }}/"
    dest: "/home/{{ item.name }}/.ssh/"
    owner: "{{ item.name }}"
    group: "{{ item.group | default(item.name) }}"
    mode: "0600"
  when: item.keyfiles is defined
  with_items: "{{ users }}"
```
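A hardened variant of the gist's user, key and sudoers tasks, as an added example that is not part of the original gist. It assumes the `ansible.posix` collection is installed and reuses the gist's `users` list; `password_hash` is a hypothetical extra per-user field.

```yaml
---
# Added example, not the gist author's code. Reuses the gist's `users` list;
# `password_hash` is a hypothetical extra per-user field.
- name: Add users without a shared default password
  ansible.builtin.user:
    name: "{{ item.name }}"
    shell: /bin/bash
    groups: "{{ item.group | default(omit) }}"
    # only append when a group was actually given
    append: "{{ item.group is defined }}"
    # '!' is not a valid hash, so password login stays disabled unless the
    # user entry supplies its own crypt(3) hash.
    password: "{{ item.password_hash | default('!') }}"
    update_password: on_create
  loop: "{{ users }}"

- name: Install each user's public key
  # The module creates ~/.ssh (0700) and authorized_keys (0600) for the user,
  # replacing the gist's separate directory and lineinfile tasks.
  ansible.posix.authorized_key:
    user: "{{ item.name }}"
    key: "{{ item.auth_key }}"
    state: present
  when: item.auth_key is defined
  loop: "{{ users }}"

- name: Add sudoers drop-in, syntax-checked before it is installed
  ansible.builtin.copy:
    # sudo skips drop-in files whose name contains a '.', so user names
    # with dots need a different file name.
    dest: "/etc/sudoers.d/{{ item.name }}"
    content: |
      {{ item.name }} ALL=(root) NOPASSWD:/usr/bin/supervisorctl
    owner: root
    group: root
    mode: "0440"
    # A file that fails visudo's check is never moved into place, so a typo
    # cannot break sudo on the host.
    validate: /usr/sbin/visudo -cf %s
  when: item.sudoer | default(false)
  loop: "{{ users }}"
```

With a locked password only `NOPASSWD` rules are usable, so the gist's `ALL=(ALL) ALL` line would need a per-user `password_hash`.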
When trying to follow through the instructions here I faced error message After googling the issue I found a solution here ansible/ansible#23496 (comment) Seems from ansible v2.2 with_items requires explicit wrapping. So I changed in to and it worked for me
Hello, Could you please review below code and let me know what is missing? Requirement: Add multiple users along with their home directories & ssh_keys, authorized_keys2 files to each, do let me know if you have any questions.
Error that I have when I execute

TASK [Create .ssh dir & Insert keys] **************************************************************************************************************************************************************************
PLAY RECAP ****************************************************************************************************************************************************************************************************
root@rhel75-test16:/root/ansible/playbooks/>

Thank you!
This Ansible role generates a unique public/private ssh keypair for each host (ssh client), and then copies the public key to an ssh server. This allows for quickly setting up ssh access to 1 server from many hosts in Ansible's inventory.
This would be useful when setting up ssh access for restic or borgbackup, where you would need to set up many ssh clients with access to ssh into one target server.
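A sketch of the pattern described above, as an added example that is not the role's own tasks. It assumes the `community.crypto` and `ansible.posix` collections; the `ssh_clients` group, the `backup_server` host, the `backup` account and the key path are hypothetical names.

```yaml
---
# Added example, not the role's own code. Hypothetical names: the
# `ssh_clients` group, the `backup_server` host and its `backup` account.
- name: Give every client its own keypair and authorize it on one server
  hosts: ssh_clients
  become: true
  vars:
    key_path: /root/.ssh/id_ed25519_backup
    server_host: backup_server
    server_user: backup
  tasks:
    - name: Ensure /root/.ssh exists on the client
      ansible.builtin.file:
        path: /root/.ssh
        state: directory
        mode: "0700"

    - name: Generate the keypair on the client (the private key stays there)
      community.crypto.openssh_keypair:
        path: "{{ key_path }}"
        type: ed25519
        comment: "{{ inventory_hostname }}-backup"
      register: client_key

    - name: Authorize this client's public key on the server
      ansible.posix.authorized_key:
        user: "{{ server_user }}"
        key: "{{ client_key.public_key }}"
        comment: "{{ inventory_hostname }}-backup"
        # Added hardening choice: no pty, no forwarding for these keys.
        key_options: restrict
        state: present
      delegate_to: "{{ server_host }}"
      # All clients write to the same authorized_keys file; run one at a
      # time so parallel forks do not overwrite each other's entry.
      throttle: 1
```

Because each client has a distinct key and comment, a single compromised client can be cut off by removing its one line on the server.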
None
Required:
Optional (default values)
None
generate-ssh-keys.yml
inventory
MIT
Created by Benjamin Bryan