Not getting desired o/p Help required

I have a config file:

[ansible-master .ssh]# cat ~/.ssh/config
Host *
StrictHostKeyChecking no

# RAKA

Host node1
Hostname 10.160.0.7
IdentityFile ~/.ssh/RAKA
Host node2
Hostname 10.128.0.11
IdentityFile ~/.ssh/RAKA
Host node3
Hostname 10.160.0.8
IdentityFile ~/.ssh/RAKA
[root@ansible-master .ssh]#

My Playbook is —

- hosts: localhost
  become: true
  become_user: root
  vars:
    SITEID: RAKA
    Configfile: '~/.ssh/config'
    ssh_key_location: '~/.ssh/"{{ SITEID }}".pub'
    ssh_key_create_path: '~/.ssh/"{{ SITEID }}"'
  vars_prompt:
    - name: "some_password"
      prompt: "Enter Password"
      private: yes

  tasks:

    - stat:
        path: "{{ ssh_key_location }}"
      register: sshkey_result

    - name: If SSH key Present then Ignore teh creation of SSH
      delegate_to: localhost
      when: sshkey_result.stat.exists == true
      debug:
        msg: "SSH keys already present. No need for creation"

    - name: Generating a new SSH key for the current user if it Does'nt exists already
      delegate_to: localhost
      command: ssh-keygen -q -b 2048 -t rsa -N "" -f "{{ ssh_key_create_path }}"
      changed_when: False
      when: sshkey_result.stat.exists == false

    - name: Deploy teh Key generated on teh required machines
      shell: grep 'Host' "{{ SITEID }}" "{{ Configfile }}" |awk '{print $2}'
      # raw: grep 'Host' "{{ SITEID }}" "{{ Configfile }}"
      register: desired_hosts

    - debug:
        var: desired_hosts.stdout_lines

    - name: Deploy
      command: ssh-copy-id -i "{{ ssh_key_location }}" "{{ desired_hosts }}"

While running I am getting an error:

TASK [debug] ****************************************************************
ok: [localhost] => {
"desired_hosts.stdout_lines": []
}

TASK [Deploy] ***************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["ssh-copy-id", "-i", "~/.ssh/RAKA.pub", "{'stderr_lines': [u'grep: RAKA: No such file or directory', u'grep: ~/.ssh/config: No such file or directory'], u'changed': True, u'end': u'2019-06-21 06:54:43.497017', 'failed': False, u'stdout': u'', u'cmd': u'grep \'Host\' RAKA ~/.ssh/config |awk \\'{print $2}\\'', u'rc': 0, u'start': u'2019-06-21 06:54:43.488159', u'stderr': u'grep: RAKA: No such file or directory\ngrep: ~/.ssh/config: No such file or directory', u'delta': u'0:00:00.008858', 'stdout_lines': []}"], "delta": "0:00:00.069500", "end": "2019-06-21 06:54:43.798178", "msg": "non-zero return code", "rc": 1, "start": "2019-06-21 06:54:43.728678", "stderr": "/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/RAKA.pub"\n/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n\n/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname {'stderr_lines': [u'grep: raka: no such file or directory', u'grep: ~/.ssh/config: no such file or d: Name or service not known", "stderr_lines": ["/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/RAKA.pub"", "/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed", "", "/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname {'stderr_lines': [u'grep: raka: no such file or directory', u'grep: ~/.ssh/config: no such file or d: Name or service not known"], "stdout": "", "stdout_lines": []}

PLAY RECAP *****************

Hi

You seem to be running ansible as root (bad practice) yet also use become (not necessary), to generate SSH keys using a shell command and using the deploy user’s own ssh_config as some sort of inventory.

The subject of the message says “Not getting desired o/p” - so what IS the desired output (assuming that’s what o/p means)?

Or perhaps a better question: what are you trying to achieve?

Dick

Hi Dick,
Thanks for the reply. My target is that I want to copy the pub key to all hosts present inside the ~/.ssh/config file (viz. node1, node2, node3).
I had tried doing it using the authorized_key module, but I don't want to make changes in the "ansibleconfig" for disabling the strict host checking, so I had to modify the playbook using the shell module.
But the shell module says that grep is not working. I think I am doing something wrong in the syntax…
I would really appreciate it if anyone can help me achieve this goal.

Changing the subject line as you mentioned :)

I had tried to do it using

On Friday, June 21, 2019 at 2:26:18 PM UTC+5:30, Dick Visser wrote:

Hi

The code you posted seems to generate a set of (unprotected) key pairs
in the deploy user's home directory, and then tries to manually copy
those hosts, using a mix of shell/grep/awk.
And you want to copy "the pub key" to all hosts that are listed in the
deploy user's ~/ssh/config.
This is done using root locally, and also root on the remote hosts?
It's still not clear to me what you want to achieve? I.e. the purpose
of this playbook. Please explain more clearly.

In any case I would strongly advise to stop using root's ~/.ssh/config
and instead use an inventory file:
https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html

Also, if your purpose is to set up passwordless authentication to a
number of hosts, then you should use the authorized_key module.

Dick
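
The approach recommended in the reply above (an inventory file plus the authorized_key module), written out as an added example that is not code from anyone in the thread. The node addresses come from the ~/.ssh/config in the question; the group name raka, the remote account deploy, the file names and the ed25519 key type are assumptions, the module names are the current collection names (community.crypto, ansible.posix), and the nodes' host keys are assumed to be in the control node's known_hosts already so that host key checking can stay enabled.

```yaml
# inventory.yml (constructed for this example; group name and account are assumptions)
#   raka:
#     hosts:
#       node1: {ansible_host: 10.160.0.7}
#       node2: {ansible_host: 10.128.0.11}
#       node3: {ansible_host: 10.160.0.8}
#     vars:
#       ansible_user: deploy
#
# deploy_key.yml: first run, while only password login works on the nodes:
#   ansible-playbook -i inventory.yml deploy_key.yml --ask-pass

- name: Create the key pair on the control node if it does not exist
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    # Replaces the stat + ssh-keygen pair: the module is idempotent and
    # leaves an existing, valid key pair untouched.
    - name: Ensure ~/.ssh/RAKA and ~/.ssh/RAKA.pub exist
      community.crypto.openssh_keypair:
        path: "~/.ssh/RAKA"
        type: ed25519   # assumption; the question generated a 2048-bit RSA key
      register: site_key

- name: Authorize the public key on every host in the inventory group
  hosts: raka
  gather_facts: false
  tasks:
    # Replaces grep/awk over ~/.ssh/config and ssh-copy-id: the play's host
    # list comes from the inventory, and the key text from the task above.
    - name: Add the key to the remote account's authorized_keys
      ansible.posix.authorized_key:
        user: "{{ ansible_user }}"
        key: "{{ hostvars['localhost'].site_key.public_key }}"
        state: present
```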