GROG.authorized-key

Authorized-key


This is a tool for managing authorized SSH keys.

The following tools are designed to work well with this one:

  • user: for managing user accounts.
  • sudo: for managing sudo permissions.

The management-user tool combines all these features into one easy-to-use package.

Requirements

  • Your systems should be set up to use Ansible (with Python installed, etc.).
  • You need root access, e.g., become: yes.

Role Variables

| Variable | Description | Default Value |
|---|---|---|
| authorized_key_list | List of users and their keys (see details below!) | [] |
| authorized_key_list_host | List of users and their keys for specific hosts (see details below!) | [] |
| authorized_key_list_group | List of users and their keys for specific groups (see details below!) | [] |
| authorized_key_exclusive | Default value for exclusivity | no |
| authorized_key_key_options | Default options for keys | / |
| authorized_key_manage_dir | Control if the directory is managed | yes |
| authorized_key_state | Default state of the keys | present |

Details on authorized_key_list

The lists authorized_key_list, authorized_key_list_host, and authorized_key_list_group are combined when managing the authorized keys. You can specify keys for specific hosts or groups using these lists.

The authorized-key list lets you define which users and keys should be managed. Each entry includes a username and a list of keys.

| Variable | Description | Default |
|---|---|---|
| name | Username | / |
| authorized_keys | List of keys | / |

Each key in the authorized_keys list can have these attributes:

| Variable | Description | Required | Default |
|---|---|---|---|
| exclusive | Is this key exclusive? | no | authorized_key_exclusive |
| key | The SSH key | yes | / |
| key_options | Options to add to the key | no | / |
| manage_dir | Control if the authorized_keys directory is managed | no | authorized_key_manage_dir |
| path | Path for the SSH key | no | 'home_dir/.ssh/authorized_keys' |
| state | State of the key (present/absent) | no | authorized_key_state |

Example of authorized_key_list

authorized_key_list:
  - name: testuser1
    authorized_keys:
      - key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
      - key: "{{ lookup('file', '/home/john/.ssh/id_rsa.pub') }}"
        state: absent
  - name: testuser2
    authorized_keys:
      - key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
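
To check on a host that a list like the one above has taken effect, the following added example (not part of the role or its code) compares one user's entries with the content of an authorized_keys file. It reports keys that are missing, keys marked `state: absent` that are still present, and keys the list does not mention. The function names and sample keys are constructed for illustration, and it assumes a key without `state` is `present`.

```python
KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-", "sk-ssh-ed25519@", "sk-ecdsa-sha2-")

def split_fields(line):
    """Split on whitespace, keeping double-quoted option values (may contain spaces) whole."""
    fields, cur, quoted, prev = [], "", False, ""
    for ch in line.strip():
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if ch.isspace() and not quoted:
            if cur:
                fields.append(cur)
            cur = ""
        else:
            cur += ch
        prev = ch
    return fields + [cur] if cur else fields

def key_id(line):
    """Return (key type, base64 blob) for a key line; None for blank, comment or malformed lines."""
    fields = split_fields(line)
    if not fields or fields[0].startswith("#"):
        return None
    for i, tok in enumerate(fields[:-1]):
        if tok.startswith(KEY_TYPES):
            return (tok, fields[i + 1])
    return None

def audit(user, key_list, file_text):
    """Compare one user's entries in an authorized_key_list-shaped list with a file's content."""
    want, revoked = set(), set()
    for entry in (e for e in key_list if e["name"] == user):
        for k in entry["authorized_keys"]:
            # Assumption: a key without "state" is "present" (the authorized_key_state default).
            (revoked if k.get("state", "present") == "absent" else want).add(key_id(k["key"]))
    have = {key_id(l) for l in file_text.splitlines()} - {None}
    return {"missing": sorted(want - have - {None}),
            "revoked_but_present": sorted(revoked & have),
            "unmanaged": sorted(have - want - revoked)}

# Constructed sample data: the key blobs are placeholders, not real keys.
SAMPLE_LIST = [{"name": "testuser1", "authorized_keys": [
    {"key": "ssh-ed25519 AAAAcharlieCONSTRUCTED charlie@laptop"},
    {"key": "ssh-rsa AAAAjohnCONSTRUCTED john@desk", "state": "absent"}]}]
SAMPLE_FILE = """# constructed authorized_keys content
from="192.0.2.10",command="/usr/bin/rsync --server" ssh-ed25519 AAAAcharlieCONSTRUCTED charlie@laptop
ssh-rsa AAAAjohnCONSTRUCTED john@desk
ssh-ed25519 AAAAunknownCONSTRUCTED someone@else
"""
if __name__ == "__main__":
    print(audit("testuser1", SAMPLE_LIST, SAMPLE_FILE))
```

Keys are matched on type and base64 blob only, so a key that carries different options or a different comment in the file still counts as the same key.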

Dependencies

None.

Example Playbook

---
- hosts: servers
  roles:
  - { role: GROG.authorized-key, become: yes }

Inside group_vars/servers.yml:

authorized_key_list_group:
  - name: user
    authorized_keys:
      - key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
      - key: "{{ lookup('file', '/home/john/.ssh/id_rsa.pub') }}"

Contributing

All help, suggestions, or improvements are welcome!

Author

By G. Roggemans

License

MIT

About the project

A role for managing authorized keys.

Install
ansible-galaxy install GROG.authorized-key
License
mit
Downloads
258.9k
Owner
Open Source Science and Technology