cans.ssh-authorize

This is a simple tool that sets up SSH access for user accounts in bulk.

It takes a folder (default is public_keys) that has several files, each with a public SSH key, and combines these to create the ~/.ssh/authorized_keys file on the remote user account.

The actual file that gets created depends on a few settings:

"{{sshauthz_homes_dir}}/{{sshauthz_user}}/{{sshauthz_ssh_config_dirname}}/{{sshauthz_authorized_keys_filename}}"

You can customize it if needed, but the default settings should work for most situations.

Important: This tool works straightforwardly, and to prevent locking you out of the machine, it includes a way to check if your key is in the source folder.

Requirements

There are no specific requirements for this tool.

Role Variables

Default Settings

• sshauthz_homes_dir: The main directory for user accounts on the remote machine (default: "/home")
• sshauthz_user: The remote account for which you want to set up access (default: "{{ansible_user_id}}")
• sshauthz_ssh_config_dirname: (default: ".ssh")
• sshauthz_authorized_keys_filename: The name of the authorization file on the remote machine (default: "authorized_keys")
• sshauthz_keys_directory: The folder where the keys to be authorized are located on the remote account (default: "{{ playbook_dir + '/files/public_keys/default' }}")

Dependencies

This tool has no dependencies.

Example Playbook

- hosts: etl, proxy
  roles:
    - { role: ssh-access, sshauthz_user: remus }
    - { role: ssh-access, sshauthz_user: romolus, sshauthz_keys_directory: '~/public_keys' }

License

GPLv2

Author Information

Copyright © 2017, Nicolas CANIART.