All Questions
21 questions
0 votes, 1 answer, 450 views
Permission denied (publickey) error when managing GCP machine via Ansible (running on GCP VM) despite successful SSH connection
I deployed two machines to GCP via Terraform. Let's call them control-host and target-host. I want to manage the target-host via Ansible installed on the control-host.
Unfortunately, I keep getting ...
1 vote, 1 answer, 270 views
Validate all public keys in authorized_file
In my authorized_file I have multiple public keys against one private key. Now I want to add a task in ansible which will validate that all public keys are valid keys and good for connection. My aim ...
1 vote, 1 answer, 425 views
Ansible file lookup works for debug, but doesn't work for authorized_key module — how to implement taking key from a file?
I am trying to build a playbook which includes distributing authorized SSH keys.
Each user's key is put into its own file named after the username. Users who need to be distributed are set in the ...
0 votes, 1 answer, 2k views
Where to store private SSH keys?
Looking for a "best-practices" kind of answer when it comes to storing private SSH keys.
Scenario:
VMs are deployed to the cloud using Terraform, they use a single public key. Now the ...
0 votes, 1 answer, 752 views
How does everyone manage a multi server environment and their credentials with ansible?
I'm trying to figure out the cleanest and/or most secure way to manage a multi server (linux) environment in AWX/Tower/Ansible.
I've seen a few posts around this topic, but there doesn't seem to be a ...
0 votes, 1 answer, 306 views
How can I generate multiple ssh keys for a new Ansible server?
I work on an on-premise network, and we have an Ansible server connected via SSH-Keys to around 400 servers.
I've wanted to recreate the Ansible VM, due to the fact that it was poorly made on top of ...
0 votes, 0 answers, 3k views
Adding SSH keys to local machine's SSH agent using Ansible
I'm trying to automate some of my personal server setup using Ansible, in order to wipe my disk clean and migrate to Ubuntu 20.04. Part of this process is installing the SSH keys I use for Github ...
4 votes, 2 answers, 4k views
How can I make Ansible use the SSH signed client certificate for connections?
I have implemented SSH CA client signing on my servers. Sshd is configured on my servers with the following directive:
TrustedUserCAKeys /etc/ssh/trusted-users-ca.pem
I modified my local ssh config ...
0 votes, 3 answers, 3k views
Ansible - wrong passphrase - even if it has to be correct
I am running ansible modules/playbooks (for example ping) with this command as a user who has sudo rights:
sudo ansible -m ping hosts
"hosts" is a group of 2 hosts. When I run this, I'm asked for ...
22 votes, 7 answers, 60k views
How to generate host SSH keys via ansible?
I'm trying to re-generate ssh host keys on a handful of remote servers via ansible (and ssh-keygen), but the files don't seem to be showing up. The playbook runs OK, but the files on the remote are ...
12 votes, 6 answers, 4k views
SSH access gateway for many servers
Managing multiple servers, in excess of 90 currently with 3 devops via Ansible. All is working great, however there is a giant security problem right now. Each devop is using their own local ssh key ...
3 votes, 1 answer, 4k views
ansible ssh connections with two factor auth
I'm setting ansible to manage a whole farm of servers. My approach is the following:
Allow a user to connect to all servers protecting his connections with a heavy RSA key, passphrase protected, and ...
0 votes, 1 answer, 2k views
How to setup ansible passwordless login, if pbrun is being used and rootlogin is disabled
I am new to ansible. We are using pbrun (powerbroker) instead of sudo, and root login is disabled on all servers.
How can I set up passwordless login via ansible master to all slave servers?
My ...
0 votes, 1 answer, 3k views
could not locate file in lookup: ansible ssh key adding failed
name: copy public keys to users- for other environments
authorized_key: user={{ item.username }}
key="{{ lookup('file', '../files/{{ item.username }}.pub') }}"
path='/home/{{ item.username }...
0 votes, 1 answer, 5k views
Ansible can't git clone from enterprise git server
Hi, I have an enterprise git server where I created a private test-repo and added an ssh-key on the deploy ssh key form. I defined a git role in my common roles which has the below yml definition.
---
-...
1 vote, 2 answers, 9k views
authorized_keys and with_items in Ansible
I'm trying to create new users and populate their ~/.ssh/authorized_keys file using Ansible. Here's my task:
- name: Create user account
user: name="{{ item.username }}-ns" comment="{{ item....
1 vote, 1 answer, 7k views
Ansible deploy multiple authorized_keys on multiple hosts
We need to deploy keys on the servers, but the trick is that there are many keys and not all of them must be deployed on all servers. Now we do it as follows:
in vars roles/authorized_keys/vars/main.yml
...
8 votes, 2 answers, 11k views
Ansible with SSH keys
Moving from Puppet to Ansible. Like the fact that it is agent less and SSH driven. I just setup two test VMs. One as the Ansible server (yes overkill), and the other as an example client (random Linux ...
12 votes, 3 answers, 12k views
Distribute ssh public keys among hosts
I'm setting up some machines with Ansible and need to enable password less connections between them. I've got a database master and several slaves. For initial replication the slaves need to ssh into ...
27 votes, 11 answers, 76k views
SSH aborts with Too many authentication failures
I'm attempting to run this simple provisioning script but I'm encountering errors when running vagrant up and then vagrant provision commands.
I read that I needed to create a /etc/ansible/hosts file ...
2 votes, 3 answers, 8k views
ssh-copy-id in one line with password, possible?
I'm trying to set up an automated script in Ansible to set up a new server, and I'm using ssh-copy-id to add the Ansible master server to the new server's authorized ssh keys.
I created a script which ...