Authentication to Windows servers

I am new to Ansible and have a large number of computers to manage - my question is around authentication to computers.

I understand I need a local account on all machines, which I can create at build time.

I would like to rotate the passwords for these accounts to keep them secure.

I want the lowest-risk way of accessing them.

Is certificate-based auth with a mapping to a cert the way to go, or is the overhead too much? If I do this on an account, do I need to manage the password in any way?