arillso.authorized_key
Ansible Role: authorized_key
Description
This role helps set up secure configurations for SSH clients and servers. It aims to follow the DevSec SSH Baseline.
Installation
ansible-galaxy install arillso.authorized_key
Requirements
None
Role Variables
authorized_key_users
By default, this loads from the list of users.
authorized_key_users: '{{ users | default() }}'
Parameters for authorized_key_users
comment
Works for: Windows|Linux
Change the comment on the public key. This is useful when copying keys from platforms like GitHub or GitLab. If you don't specify a comment, the current one stays.
exclusive
Works for: Windows|Linux
Decide if all other unspecified keys should be removed from the authorized_keys file. You can put multiple keys in one string, separating them by newlines. Note that if you use a loop, this option is applied once for each loop item. To add multiple keys, pass them all together in a single entry.
follow
Works for: Linux
Follow symbolic links instead of replacing them.
key
Works for: Windows|Linux
Your SSH public key(s), as a string or a URL (like https://github.com/username.keys).
key_options
Works for: Windows|Linux
A string of SSH key options added at the beginning of the key in the authorized_keys file.
manage_dir
Works for: Windows|Linux
Decide if this module should manage the directory of the authorized key file. If yes, it will create the directory and set the owner and permissions for it. If you're using a different directory for authorized_keys (set by the path), set manage_dir=no to avoid being locked out of SSH.
path
Works for: Windows|Linux
Alternative path to the authorized_keys file. If not set, it defaults to ~/.ssh/authorized_keys.
state
Works for: Windows|Linux
Decide if the key (with the specified key_options) should be included or not.
username
Works for: Windows|Linux
The username on the remote host for which the authorized_keys file will be changed.
validate_certs
Works for: Windows|Linux
This applies if you use an HTTPS URL to get the keys. If set to no, SSL certificates won't be checked. Only set this to no for controlled sites that use self-signed certificates, as it skips verifying the source.
Dependencies
None
Example Playbook
- hosts: all
  roles:
    - arillso.authorized_key
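The notes on exclusive, key, key_options and validate_certs above, shown as a playbook with variables. This is an added example, not taken from the role's own documentation. It assumes authorized_key_users is a list of mappings keyed by the parameters listed above; the user names and key strings are constructed placeholders.

```yaml
- hosts: all
  vars:
    authorized_key_users:
      # Pitfall (left commented out): exclusive is applied once per entry,
      # so two exclusive entries for the same user each remove the other's
      # key and only the key from the last entry remains.
      # - username: deploy
      #   key: ssh-ed25519 AAAA_PLACEHOLDER_KEY_1 alice@example
      #   exclusive: true
      # - username: deploy
      #   key: ssh-ed25519 AAAA_PLACEHOLDER_KEY_2 bob@example
      #   exclusive: true

      # Correct: every key for the user in one entry, separated by newlines.
      # Any key not listed here is removed from the user's authorized_keys.
      - username: deploy
        key: |
          ssh-ed25519 AAAA_PLACEHOLDER_KEY_1 alice@example
          ssh-ed25519 AAAA_PLACEHOLDER_KEY_2 bob@example
        exclusive: true
        state: present

      # Keys fetched over HTTPS with certificate checking left on, and
      # restrictive OpenSSH options prefixed to each key line.
      - username: backup
        key: https://github.com/username.keys
        key_options: 'no-agent-forwarding,no-port-forwarding,no-pty'
        validate_certs: true
        state: present
  roles:
    - arillso.authorized_key
```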
Author
License
This project is licensed under the MIT License. See the LICENSE file for full license details.
Copyright
(c) 2020, Arillso