Hi,
I am just starting to learn ansible and have a question regarding the “authorized_key” Modul.
what i am trying to accomplish is add multiple ssh public keys to a remote systems root user.
in the documentation http://docs.ansible.com/authorized_key_module.html
i see that i need something like this
<i># Using with_file
- name: Set up authorized_keys for the deploy user
authorized_key: user=deploy
key="{{ item }}"
with_file:
- public_keys/doe-jane
- public_keys/doe-john</i>
so i created a playbook "ssh-keys.yml" with this contend
*---*
*- name: "Set up authorized_keys for the root user"*
*hosts: testvms*
*user: root*
*tasks:*
*- name: Set up authorized_keys for the root user*
*authorized_key: user=root*
*key="{{ item }}"*
*with_file:*
*- /path/to/pub-key/user-a*
*- /path/to/pub-key/user-b*
i receive the following error running this playbook
# ansible-playbook -v ssh-keys.yml
ERROR: with_file is not a legal parameter in an Ansible Playbook
OS Information
ansible server
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)
# ansible-playbook --version
ansible-playbook 1.5
any idea what i did wrong?
Yaniv,
Yaniv Ferszt schrieb (21.02.2014 13:45 Uhr):
I am just starting to learn ansible and have a question regarding the "authorized_key" Modul.
what i am trying to accomplish is add multiple ssh public keys to a remote systems root user.
I used copy and assemble to achieve this.
First I copy a directory "keys" containing the individual keys to ~/.ssh/.
Second I assemble all the files in this directory in the authozied_keys file.
Marc
I think that your only problem is indentation, you have to be careful with it. I used your code and added indentation:
user: root, sets the user you login as remotely to root. user has been deprecated in favor of the more explicit remote_user: but they are the same (consider it an alias), it can also be set by the inventory variable ansible_ssh_user.
I think that your only problem is indentation, you have to be careful with it. I used your code and added indentation:
thanks. i used your corrected code and i did not receive the error again.
but now something else is happening. if i run this code only the second ssh public key stays in the authorized_keys file.
its placing user-a public key and then replacing it with the public key from user-b.
even if i try it with this code
What version of Ansible are you using? For me authorized_keys module only adds new keys, it doesn’t replace them, so that shouldn’t happen, even though I would like to have an option to remove all previouse keys before adding new ones.
the latest from git (today)
[yaniv@yfhv1 playbooks]$ ansible --version
ansible 1.5
actually what is happening it reminds me of a puppet feature where you can manage the content of a file.
but i did not expect this from the ansible “authorized_keys” Module.
I’m using 1.4.4 and it is not doing that, it is only appending new keys to the current ones. Maybe something was changed in 1.5. Could you try 1.4.5?
I’m using 1.4.4 and it is not doing that, it is only appending new keys to the current ones. Maybe something was changed in 1.5. Could you try 1.4.5?
same behaviour with version 1.4.5
[yaniv@yfhv1 playbooks]$ ansible-playbook --version
ansible-playbook 1.4.5
here are the playbooks i have tested
[yaniv@yfhv1 playbooks]$ cat ssh-keys.yml
I just tried your first playbook on 1.4.4 and it added both keys to the authorized_keys file. Are you sure that those keys are different files? Maybe you made a mistake an copied one key to another?
i just confirmed that i made a mistake and tested it with every version since 1.4.4 and it is working.
what i did was taking 1 ssh public key made a copy and changed inside the name at the end (user-a → user-b). was thinking it would handle it as a different key.
not working example
user-a public key
cat usera.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAybrGnaPXZJ9LeTVO664PsrybLm5HPuwjOwhz+7+CQbKTqqk9OxL83gQDToCm55XT+6FUcNC1Yxs73Wymt5AetTAGBHKBpXknn1kMe/TFxb0rcF+W1e/LKciO0vjMAi+IyLFMwRiKE7IGUAR0P3eZxrz3TIhrZc+DzQupbCWdAVTAtneHfi5VAh3wg2CCx35SaLpNYZCbaYVTTvj7YjL7R3fkP2zEPTeJxoy7L+NOzSPShwGtMsFqxJTN6up4Y5sVfAAGqNQtGEDDfS0dd0sueg2OwY9KUk6iqE9GE2wPWbYHtNn+bfupAQvaOK1nSh6r2wgiZyd5x5qYaGPzabe8oQ== user-a
user-b public key
cat userb.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAybrGnaPXZJ9LeTVO664PsrybLm5HPuwjOwhz+7+CQbKTqqk9OxL83gQDToCm55XT+6FUcNC1Yxs73Wymt5AetTAGBHKBpXknn1kMe/TFxb0rcF+W1e/LKciO0vjMAi+IyLFMwRiKE7IGUAR0P3eZxrz3TIhrZc+DzQupbCWdAVTAtneHfi5VAh3wg2CCx35SaLpNYZCbaYVTTvj7YjL7R3fkP2zEPTeJxoy7L+NOzSPShwGtMsFqxJTN6up4Y5sVfAAGqNQtGEDDfS0dd0sueg2OwY9KUk6iqE9GE2wPWbYHtNn+bfupAQvaOK1nSh6r2wgiZyd5x5qYaGPzabe8oQ== user-b
so i generated a new key pair and gave user-b a new public key and it works.
sorry for all that trouble and thanks for the help.
Glad you found the problem 