This role allows management of SSH and authorized keys independently of users.
No special requirements.
| Variable name | Default value | Description |
|---|---|---|
ssh_user |
undefined |
Name of ssh key owner. |
ssh_user_home |
/home/{{ ssh_user }} |
Derived path to owner's home directory. |
ssh_ssh_dir |
{{ ssh_user_home }}/.ssh |
Derived path to owner's .ssh directory. |
ssh_ssh_dir_owner |
{{ ssh_user }} |
Owner of .ssh directory. |
ssh_ssh_dir_group |
{{ ssh_user }} |
Group of .ssh directory. |
ssh_ssh_dir_mode |
0700 |
Default permissions for .ssh directory. |
ssh_ssh_keys |
[] |
List of ssh keys. |
ssh_authorized_keys_file |
{{ ssh_ssh_dir }}/authorized_keys |
Derived path to owner's authorized_keys file. |
ssh_authorized_keys_mode |
0600 |
Default permissions for authorized_keys file. |
ssh_authorized_keys |
[] |
List of paths to public keys to be added to authorized_keys file. |
The ssh_ssh_keys var is a list of the properties of the keys. The
src property is mandatory, but the mode property can be omitted:
ssh_ssh_keys:
- src: path/to/private_key
mode: 0600
- src: path/to/public_key.pub
mode: 0644
The ssh_authorized_keys var is a simple list of paths:
ssh_authorized_keys:
- path/to/public_key_1.pub
- path/to/public_key_2.pub
- On linux systems, only one variable besides
ssh_ssh_keysand/orssh_authorized_keysmust be set:ssh_user. - On macOS hosts, two variables besides
ssh_ssh_keysand/orssh_authorized_keysmust be set:ssh_userandssh_user_home.
None.
- hosts: servers
vars:
ssh_user: "username"
ssh_ssh_keys:
- src: "files/keys/id_rsa"
- src: "files/keys/id_rsa.pub"
ssh_authorized_keys:
- "files/authorized_keys/keyname.pub"
role:
- ansible-role-ssh-keys
GPLv3
Christopher Torgalson