I have an inventory file where for one host I have defined the users and keys that I want to use in a playbook:
```yaml
sftp_users:
  - remote_user: prod
    state: present
    long_name: prod user
    ssh_key:
      - prodkey_1
      - prodkey_2
  - remote_user: test
    state: present
    long_name: test user
    ssh_key:
      - testkey
```
I then want to add to each user one or more SSH keys, which are located in the repository from which I run the script.
I know that for authorized_key, the `key:` parameter needs to have both keys of a user joined.
This is what I have now, but it takes only the last key and not both.
```yaml
- name: Create sftp user authorized_key entries.
  authorized_key:
    comment: "{{ item.1 | default('') }}"
    exclusive: false
    key: "{{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/{{ item.1 }}.pub') }}"
    manage_dir: true
    user: "{{ item.0.remote_user }}"
  become: true
  when: (item.0.state != "absent")
  with_subelements:
    - "{{ sftp_users }}"
    - ssh_key
```
Any ideas on how I can concatenate the 2 or more keys for one client?
racke
(Stefan Hornburg)
The authorized_key module should be able to handle multiple keys for a remote user; there is no need to "join" them.
I'm using the following task successfully:

```yaml
- name: Add SSH keys
  authorized_key:
    user: "{{ item.0.username }}"
    # item.1 is one entry of the user's ssh_keys list; one public key file is read per iteration
    key: "{{ lookup('file', users_inventory_dir + '/files/ssh-keys/' + item.1 + '-ssh.pub') }}"
    state: present
  # Users without an ssh_keys list are skipped instead of failing the loop
  loop: "{{ users | subelements('ssh_keys', {'skip_missing': True})}}"
  tags:
    - users
```

Regards
Racke
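
For the case where a user's `authorized_keys` file should contain only the keys listed in the inventory (so that a key dropped from `ssh_key` is also removed from the host), the keys do have to be passed together: `exclusive` is not loop-aware, and in a per-key loop it would leave only the last key. The task below is an added example, not from either post; it reuses `sftp_users`, `GIT_HOME` and the key path from the question and assumes each `.pub` file holds one public key.

```yaml
- name: Set the complete authorized_keys list for each sftp user
  authorized_key:
    user: "{{ item.remote_user }}"
    # Build one newline-separated string with every key of this user,
    # so the module sees the whole list in a single call.
    key: |
      {% for key_name in item.ssh_key %}
      {{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/' + key_name + '.pub') }}
      {% endfor %}
    # Remove every key that is not in the string above.
    exclusive: true
    manage_dir: true
    state: present
  become: true
  when: item.state != "absent"
  # Loop over users, not over (user, key) pairs.
  loop: "{{ sftp_users }}"
```

With `exclusive: true`, any key in the file that is not in the user's `ssh_key` list is removed, including keys added by hand, so the inventory has to hold the complete list.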