Hi,
Wanted to verify that I'm not doing something dumb before opening a
bug report. I pulled Ansible this morning.
Using the authorized_keys module to copy keys to hosts, I lose the
quote marks around the key restrictions. I have keys with limitations
on them, such as:
from="192.0.2.5" ssh-rsa AAAAB3NzaC1...
When copied via authorized_keys, it shows up as:
from=192.0.2.5 ssh-rsa AAAAB3NzaC1...
This keyfile is not usable for authentication, generating a the error:
Bad options in /etc/ssh/authorized_keys/ansible file, line 1:
Should the authorized_keys module do behave this way? Or am I probably
doing something wrong?
Thanks,
==ml
I don't think the current module is aware of from and command sections.
The arguments after ‘authorized_key:’ are tokenized by shlex, which is probably stripping out the quotes.
Right, more of a feature request IMHO, but it would be nice to be able to support these.
I recall a pull request to support them but it wasn’t possibly ready because it included them as part of the key and maybe couldn’t modify them like you would expect.
currently authorized_keys treats the whole thing as a string and matches
it, this breaks with from and command fields as you cannot use the same key
more than once (only 1 instance will work), so this needs a bit more
complex logic (separate into fields => match on key => update fields).
Yes, I’d like it to take the from= and other fields as parameters.
Hi,
Feature request logged as issue #3921. Mostly so other people who have
this problem will find a mention of it.
For now, I'm going back to copying the key files.
==ml
Using the authorized_keys module to copy keys to hosts, I lose the
quote marks around the key restrictions. I have keys with limitations
on them, such as:
Use ", that works for me.
All the best,
Berend.