Issue with files created by Ansible
I’m looking at using Ansible to set up some new servers at a new ISP and I’ve been doing some basic steps to test first. I am new but have done some testing on different servers at another ISP which seemed to go OK (I had created files there no problem). Both are Ubuntu 12 but the original testing had been on a server that had already had its kernel updated to 3.8.0-44-generic and other maintenance added. This new server is also Ubuntu 12 but comes from the ISP template, and is using kernel 3.5 (Ubuntu 12.04.2 LTS (GNU/Linux 3.5.0-23-generic x86_64)).
My first test was going to be creating new users and uploading their already existing SSH keys for future login. The user was created with no issues, and the file creation gave no indication of any errors during the creation process, but did when I tried to use them. I tried to log in (as the new user) using the key but the system acted as if the SSH key file wasn’t there. Since this was the first new user, I had been logged in as root and did my first looking and creation as root.
As root everything looks good. The file “authorized_keys” in the .ssh directory exists and appears to have the correct permissions and does have the correct content. But trying to log in via SSH acts as if it is not there. I logged out of root and logged back in as the new user (using the password since the key wasn’t being recognized). I do an “ls -al” and see the .ssh directory fine, but doing “ls -al .ssh” to see the “authorized_keys” file in the directory gives me a very strange result. ‘ls’ puts out a “Permission denied” error message for each item inside the directory, and then displays what should be the command results, but while the file name is visible everything else (permissions, file size, user/group, date) is replaced by question marks.
First as user - myusername
myusername@my-server:~$ ls -al .ssh
ls: cannot access .ssh/authorized_keys: Permission denied
ls: cannot access .ssh/..: Permission denied
ls: cannot access .ssh/.: Permission denied
total 0
d????????? ? ? ? ? ? .
d????????? ? ? ? ? ? ..
-????????? ? ? ? ? ? authorized_keys
myusername@my-server:~$
Now as root
sudo bash
[sudo] password for myusername:
root@my-server:~# sudo ls -al .ssh
total 12
drw-r--r-- 2 myusername myusername 4096 Sep 17 19:54 .
drwxr-xr-x 4 myusername myusername 4096 Sep 17 22:51 ..
-rw-r--r-- 1 myusername myusername 406 Sep 17 19:54 authorized_keys
root@my-server:~#
As far as the documentation goes, my server meets the minimum requirements (Linux, SSH and Python).
The specs are - Ubuntu 12.04.2 LTS (GNU/Linux 3.5.0-23-generic x86_64)
The Ansible version is 1.7.1 (just upgraded to 1.7.2, same result)
I am running the Ansible session from my OSX (10.9.4), Python 2.7.5 laptop.
Below is the Ansible playbook I ran to do this:
---
# This playbook create my user {{userid}} and loads the public ssh-key
- name: create my user {{userid}} and loads the public ssh-key
  hosts: myservername-public
  # gather_facts: no
  # remote_user: myusername
  vars:
    # security_groups: "sudo,adm"
    security_groups: ""
    userid: testjunk01
  tasks:
    - name: test connection
      ping:
      remote_user: myusername
    - name: Create user {{userid}} groups={{security_groups}}
      user: name={{userid}} shell=/bin/bash groups={{security_groups}} append=yes
            password=$hashed_password_was_here_and_it_worked
    - name: Verify that needed directories are in place before file copy
      file: dest="/home/{{userid}}/.ssh"
            mode=0644
            owner={{userid}} group={{userid}}
            state=directory
    - name: Copy file into user {{userid}}'s directory
      copy: src="/Users/osx_user/Documents/Projects/Projects Internal/Security/ssh-key-public/myusername"
            dest="/home/{{userid}}/.ssh/authorized_keys"
            mode=0644
            owner={{userid}} group={{userid}}
            backup=yes
    - name: Reset permissions for file after file copy
      file: dest="/home/{{userid}}/.ssh/authorized_keys"
            mode=0644
            owner={{userid}} group={{userid}}
            state=file
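
The root listing above shows `.ssh` as `drw-r--r--`, the `mode=0644` from the playbook's directory task: a directory without the search (x) bit lets its owner read entry names but not stat or open them, which is the `?????` output. As an added example (not part of the original post), this Python check reads the mode bits of `.ssh` and `authorized_keys` and reports that condition plus group/world write access; the function names `check_entry` and `audit_ssh_dir` are hypothetical.

```python
import os
import stat
import sys


def check_entry(path, need_search):
    """Return findings for one path, based only on its mode bits."""
    try:
        st = os.stat(path)
    except OSError as exc:
        # EACCES here usually means a parent directory lacks the search bit.
        return ["%s: cannot stat (%s)" % (path, exc.strerror)]
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if need_search and not mode & stat.S_IXUSR:
        findings.append("%s: mode %04o lacks owner search (x) bit, so the "
                        "owner cannot stat or open entries inside" % (path, mode))
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("%s: mode %04o is group/world writable" % (path, mode))
    return findings


def audit_ssh_dir(home):
    """Audit <home>/.ssh and <home>/.ssh/authorized_keys (hypothetical helper)."""
    ssh_dir = os.path.join(home, ".ssh")
    findings = check_entry(ssh_dir, need_search=True)
    findings += check_entry(os.path.join(ssh_dir, "authorized_keys"),
                            need_search=False)
    return findings


if __name__ == "__main__":
    # Usage: python audit_ssh.py /home/testjunk01
    home = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~")
    for line in audit_ssh_dir(home) or ["no findings"]:
        print(line)
```

Run as root, the check still flags the directory because it inspects mode bits rather than relying on an access failure.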