ansible-role-create-users

invalid key specified when using SSH keys

Open MaxiReglisse opened this issue 10 months ago • 1 comments

Hello everyone,

The execution of my playbook fails when users have SSH key(s). This is the error message (sorry for the layout, but GitHub seems to have degraded the possibilities to write clean code...).

```
"msg": "invalid key specified: ['ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNtoEXORkQPe92V60dfz5YdkKG/eXmK/kaCboh06UuGwCDhEZxXCRFtXTfleUlD2fygXrkr+w9KWWbp82XufDWZOxXCnfyJhxjstdMIljkBqg9ZxQY+D+N+bV7OhdFEGqycqX6y8/tKySf2x+i79gIq4V/mrnc8ME9iX/WMZA1Doscvhhbob0OWl3WLEjMDe1WENUbbHB23mQOI4ZF5GWV7JBX+HPYX6Gi1vWNUtw1WfEk2fAesIMbsDIemETWWZLiO+fL95TKybn7izakQobZX23Kem+7gK5iJqKIt9sDpWKcgymTL0RIE2WyAoVL7ShUVY2dkQiY9WUcGXJDAHQT matt@mshe']
```

However, this key is perfectly valid, as shown by the ssh-keygen -l command below.

```
root@pbs14200:~ # cat id_rsa_matt.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNtoEXORkQPe92V60dfz5YdkKG/eXmK/kaCboh06UuGwCDhEZxXCRFtXTfleUlD2fygXrkr+w9KWWbp82XufDWZOxXCnfyJhxjstdMIljkBqg9ZxQY+D+N+bV7OhdFEGqycqX6y8/tKySf2x+i79gIq4V/mrnc8ME9iX/WMZA1Doscvhhbob0OWl3WLEjMDe1WENUbbHB23mQOI4ZF5GWV7JBX+HPYX6Gi1vWNUtw1WfEk2fAesIMbsDIemETWWZLiO+fL95TKybn7izakQobZX23Kem+7gK5iJqKIt9sDpWKcgymTL0RIE2WyAoVL7ShUVY2dkQiY9WUcGXJDAHQT matt@mshe

root@pbs14200:~ # ssh-keygen -l -f id_rsa_matt.pub
2048 SHA256:wxvifLRrl8wP6QUE3PMYZ0ISZXVHbZ9IgHWgjJu3VA8 matt@mshe (RSA)
```

I wrote the following role to create users.

```yaml
- name: Include variables from sudoers.yml
  include_vars:
    file: "{{ role_path }}/defaults/sudoers.yml"

- name: Create accounts in a loop on the user dictionary
  include_role:
    name: ryandaniels.create_users
  vars:
    comment:           "{{ user_item.comment }}"
    password:          "{{ user_item.password }}"
    primarygroup:      "{{ user_item.primarygroup }}"
    ssh_key:           "{{ user_item.ssh_key }}"
    exclusive_ssh_key: "{{ user_item.exclusive_ssh_key | default(yes) }}"
    user_state:        "{{ user_item.user_state }}"
    update_password:   "{{ user_item.update_password   | default(on_create) }}"
    username:          "{{ user_item.username }}"
    use_sudo:          "{{ user_item.use_sudo }}"
    use_sudo_nopass:   "{{ user_item.use_sudo_nopass }}"
  with_items: "{{ users }}"
  loop_control:
    loop_var: user_item
```

The data has been organized in accordance with the documentation and the previous role, in the users dictionary.

```yaml
users:
  - username: matt
    user_state: present
    comment: Mattieu Latroy
    primarygroup: matt
    password: "$6$...EhO."
    cron_allow: yes
    use_sudo: yes
    use_sudo_nopass: yes
    servers:
      - linux

    exclusive_ssh_key: yes

    ssh_key:
      - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNtoEXORkQPe92V60dfz5YdkKG/eXmK/kaCboh06UuGwCDhEZxXCRFtXTfleUlD2fygXrkr+w9KWWbp82XufDWZOxXCnfyJhxjstdMIljkBqg9ZxQY+D+N+bV7OhdFEGqycqX6y8/tKySf2x+i79gIq4V/mrnc8ME9iX/WMZA1Doscvhhbob0OWl3WLEjMDe1WENUbbHB23mQOI4ZF5GWV7JBX+HPYX6Gi1vWNUtw1WfEk2fAesIMbsDIemETWWZLiO+fL95TKybn7izakQobZX23Kem+7gK5iJqKIt9sDpWKcgymTL0RIE2WyAoVL7ShUVY2dkQiY9WUcGXJDAHQT matt@mshe"
```

The debug mode shows that the data is correctly managed by the role:

```
        {
            "comment": "Mattieu Latroy",
            "cron_allow": true,
            "exclusive_ssh_key": true,
            "password": "$6$...EhO.",
            "primarygroup": "matt",
            "servers": [
                "linux"
            ],
            "ssh_key": [
                "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNtoEXORkQPe92V60dfz5YdkKG/eXmK/kaCboh06UuGwCDhEZxXCRFtXTfleUlD2fygXrkr+w9KWWbp82XufDWZOxXCnfyJhxjstdMIljkBqg9ZxQY+D+N+bV7OhdFEGqycqX6y8/tKySf2x+i79gIq4V/mrnc8ME9iX/WMZA1Doscvhhbob0OWl3WLEjMDe1WENUbbHB23mQOI4ZF5GWV7JBX+HPYX6Gi1vWNUtw1WfEk2fAesIMbsDIemETWWZLiO+fL95TKybn7izakQobZX23Kem+7gK5iJqKIt9sDpWKcgymTL0RIE2WyAoVL7ShUVY2dkQiY9WUcGXJDAHQT matt@mshe"
            ],
            "use_sudo": true,
            "use_sudo_nopass": true,
            "user_state": "present",
            "username": "matt"
        },
```

I don't know what the problem is and I'd like to know if I've forgotten something or if there's a bug somewhere.

Thanks in advance for your feedback.

Ernest.

MaxiReglisse, Apr 24 '24 14:04
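
The value in the error message above is wrapped in `['` and `']`, the form a one-element list takes when it is rendered as a string, while the file checked with `ssh-keygen` holds the bare key line. The following is an added example, not code from the issue or from the role: a pre-flight check that tells a valid key string from a list or a stringified list. The function names and the all-zero sample key are constructed for illustration, and whether this is what happens inside the role is an assumption.

```python
import ast
import base64
import struct


def parse_pubkey_line(line):
    """Validate one '<type> <base64> [comment]' line; return its key type."""
    if not isinstance(line, str):
        raise ValueError(f"expected str, got {type(line).__name__}")
    fields = line.split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)  # binascii.Error is a ValueError
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    # The blob starts with a length-prefixed copy of the key type name.
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError(f"declared type {key_type!r} does not match key blob")
    return key_type


def diagnose(value):
    """Classify a value about to be used as a single authorized-key string."""
    if isinstance(value, (list, tuple)):
        return "list"  # still a real list: join entries with newlines first
    text = value.strip()
    if text.startswith("[") and text.endswith("]"):
        try:
            for item in ast.literal_eval(text):
                parse_pubkey_line(item)
            return "stringified-list"  # valid key(s) hidden inside a list repr
        except (ValueError, SyntaxError):
            pass
    try:
        lines = [ln for ln in map(str.strip, text.splitlines()) if ln]
        if not lines:
            raise ValueError("empty value")
        for ln in lines:
            parse_pubkey_line(ln)
        return "ok"
    except ValueError:
        return "invalid"


def constructed_sample_key():
    """Constructed all-zero ed25519-shaped key line; not a real key."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " user@example"
```

Running `diagnose()` on each user's `ssh_key` value before the role is included shows whether the playbook is handing over a key string, a list, or a list that has already been turned into text.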