informatiquecdc.win_authorized_key

win_authorized_key - Manage SSH Authorized Keys

Overview

This Ansible module helps you add or remove SSH keys for user accounts on Windows systems.

Requirements

To use this module, the following is required on the host:

Win32 OpenSSH

Parameters

Parameter	Options/Defaults	Description
user	Required	The username on the remote system whose authorized_keys file you want to modify.
key	Required	The SSH public key, which can be provided as a string or through a URL (e.g., https://github.com/username.keys).
path	Default: `(homedir)+/.ssh/authorized_keys`	Alternative location for the authorized_keys file.
manage_dir	Choices: no, yes (default: yes)	Control whether to manage the directory of the authorized key file. Setting it to 'no' helps prevent locking yourself out if using a custom directory.
state	Choices: present (default), absent	Indicates if the key should be present or absent in the file.
key_options		Additional SSH key options to apply.
exclusive	Choices: no (default), yes	If set to 'yes', it removes all other keys not specified, keeping only the specified ones in the file.
validate_certs	Choices: no, yes (default: yes)	Applies when using a URL as the key source. Setting it to 'no' skips SSL certificate validation.
comment		Change the comment on the public key. Useful for identifiers like GitHub usernames. If not specified, it keeps the existing comment.
follow	Choices: no (default), yes	Follows symbolic links instead of replacing them.

Examples

---
roles:
  - win_authorized_key

tasks:

  - name: Add authorized key from file
    win_authorized_key:
      user: charlie
      state: present
      key: "{{ lookup('file', 'c:/users/charlie/.ssh/id_rsa.pub') }}"

  - name: Add authorized keys from URL
    win_authorized_key:
      user: charlie
      state: present
      key: https://github.com/charlie.keys

  - name: Add authorized key in a different location
    win_authorized_key:
      user: charlie
      state: present
      key: "{{ lookup('file', 'c:/users/charlie/.ssh/id_rsa.pub') }}"
      path: c:/ProgramData/ssh/administrators_authorized_key
      manage_dir: false

  - name: Add multiple authorized keys
    win_authorized_key:
      user: deploy
      state: present
      key: '{{ item }}'
    with_file:
      - public_keys/doe-jane
      - public_keys/doe-john

  - name: Add authorized key with options
    win_authorized_key:
      user: charlie
      state: present
      key: "{{ lookup('file', 'c:/users/charlie/.ssh/id_rsa.pub') }}"
      key_options: 'no-port-forwarding,from="10.0.1.1"'

  - name: Add authorized key without validating certificates
    win_authorized_key:
      user: charlie
      state: present
      key: https://github.com/user.keys
      validate_certs: false

  - name: Add authorized key while removing others
    win_authorized_key:
      user: administrator
      key: '{{ item }}'
      state: present
      exclusive: true
    with_file:
      - public_keys/doe-jane

Return Values

Here are the unique return values for this module:

Key	Returned	Description
exclusive	success	Indicates if the key was set to be exclusive.
key	success	The key being processed.
key_option	success	SSH key options related to the key.
keyfile	success	The path of the authorized key file.
manage_dir	success	Indicates if the module managed the directory of the authorized key file.
path	success	Alternate path to the authorized_keys file.
state	success	Shows if the key is present or absent as per the defined state.
unique	success	Indicates if the key is unique.
user	success	The username whose authorized_keys file will be modified.
validate_certs	success	States whether SSL certificates were validated if using a URL.