I have a similar issue that we just ran into.
We can't have root ssh to our clients.
We need to copy file from our master to our clients that is mode u+r / 0400
and this means our admins can't read the file while they are "themselves".
If we run the command as a non-priveleged user, then they can't read the
file.
[urew@cfg ansible]$ ansible 10.10.5.63 -m authorized_key -a "user=urmm
key=\"{{ lookup('file', '/home/urmm/.ssh/id_rsa.pub') }}\" manage_dir=yes
state=present" -u urew --sudo
sudo password:
10.10.5.63 | success >> {
"changed": false,
"key": "",
"key_options": null,
"keyfile": "/home/urmm/.ssh/authorized_keys",
"manage_dir": true,
"path": null,
"state": "present",
"unique": false,
"user": "urmm"
}
[urew@cfg ansible]$
If we run the command as root, then we can't authenticate to the clients.
[root@cfg ansible]# ansible 10.10.5.63 -m authorized_key -a "user=urmm
key=\"{{ lookup('file', '/home/urmm/.ssh/id_rsa.pub') }}\" manage_dir=yes
state=present" -u urew
sudo password:
10.10.5.63 | FAILED => FAILED: Authentication failed.
What am I missing please? I've looked and I've looked but (obviously?) I'm
looking for the wrong thing.
>>>>>>>>Ericw
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7a909c8f-8c1f-427b-a988-b88b6485f3b3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
