Lookup in authorized_key not finding the file

Hello everyone, I am very confused as I try to give a user permission to SSH to its local machine as its own user. I generate an SSH key on the target machine, where the user was previously created, and I am adding its public key to its authorized_keys through the authorized_key module.

fatal: [server-01]: FAILED! => {"msg": "The 'file' lookup had an issue accessing the file '/home/coolify/.ssh/id_ed25519.pub'. file not found, use -vvvvv to see paths searched"}

Here is the snippet of code that causes me the hardship (the first task is always successful):

- name: Generate SSH key for Coolify
  community.crypto.openssh_keypair:
    path: /home/coolify/.ssh/id_ed25519
    type: ed25519
    state: present
    owner: coolify
    group: coolify

- name: Add Coolify's public SSH key to authorized_keys
  authorized_key:
    user: coolify
    state: present
    key: "{{ lookup('file', '/home/coolify/.ssh/id_ed25519.pub') }}"
  # become and become_user are task keywords, so they sit at task level
  become: yes
  become_user: coolify

At first I had forgotten about the become; it did not work and I assumed it was a matter of rights, as I am running the playbook with another user.
I ran the playbook multiple times and it always fails at that step, even though I have checked that the user does indeed have its SSH keypair generated with the appropriate rights.

server-01:/home/coolify/.ssh# ll
total 16
drwx------ 2 coolify coolify 4096 Sep  5 16:58 ./
drwxr-x--- 4 coolify coolify 4096 Sep  5 17:10 ../
-rw------- 1 coolify coolify  387 Sep  5 16:58 id_ed25519
-rw-r--r-- 1 coolify coolify   82 Sep  5 16:58 id_ed25519.pub
server-01:/home/coolify# ll
total 28
drwxr-x--- 4 coolify coolify 4096 Sep  5 17:10 ./
drwxr-xr-x 4 root    root    4096 Sep  5 16:47 ../
drwxrwxr-x 3 coolify coolify 4096 Sep  5 17:10 .ansible/
-rw-r--r-- 1 coolify coolify  220 Mar 31 08:41 .bash_logout
-rw-r--r-- 1 coolify coolify 3771 Mar 31 08:41 .bashrc
-rw-r--r-- 1 coolify coolify    0 Jul 16 05:50 .cloud-locale-test.skip
-rw-r--r-- 1 coolify coolify  807 Mar 31 08:41 .profile
drwx------ 2 coolify coolify 4096 Sep  5 16:58 .ssh/

Any idea please?
Thank you a lot in advance!

Is server-01 also your Ansible controller? Lookups run on the controller, not the targeted host(s). See the synopsis for the file lookup.

If that is the issue:

You might need to use ansible.builtin.fetch to retrieve /home/coolify/.ssh/id_ed25519.pub first and store that somewhere. Then you can use lookup('file',…).

Or you might use

ansible.builtin.command: cat /home/coolify/.ssh/id_ed25519.pub
register: coolify_pub_key

then use key: "{{ coolify_pub_key.stdout_lines[0] }}" in your authorized_key task.

If that’s not the issue, er, I’m out of ideas.

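The reply's point is that lookups run on the controller while the key pair was generated on the target. The playbook below is an added example, not the original poster's or the responder's code. It reads the public key on the managed host with ansible.builtin.slurp instead of lookup('file', ...), and checks the key type before authorizing it. The host name and paths come from the thread; play-level become, the slurp and assert tasks, and the ansible.posix collection name are assumptions.

```yaml
# Added example: every task here runs on the managed host, so the key file
# never has to exist on the controller.
- name: Authorize a key pair that was generated on the target itself
  hosts: server-01
  become: true                      # assumption: the connecting user may escalate
  tasks:
    - name: Generate SSH key for Coolify
      community.crypto.openssh_keypair:
        path: /home/coolify/.ssh/id_ed25519   # assumes ~/.ssh already exists
        type: ed25519
        state: present
        owner: coolify
        group: coolify

    - name: Read the public key on the target
      ansible.builtin.slurp:        # returns the file content base64-encoded
        src: /home/coolify/.ssh/id_ed25519.pub
      register: coolify_pub_key

    - name: Refuse to authorize anything that is not an ed25519 public key
      ansible.builtin.assert:
        that:
          - (coolify_pub_key.content | b64decode | trim) is match('^ssh-ed25519 ')
        fail_msg: "Unexpected content in id_ed25519.pub, not adding it"

    - name: Add Coolify's public SSH key to authorized_keys
      ansible.posix.authorized_key: # assumes the ansible.posix collection is installed
        user: coolify
        state: present
        key: "{{ coolify_pub_key.content | b64decode | trim }}"
```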