Check out the following comment from github: https://github.com/ansible/ansible/issues/13159#issuecomment-156482308
Short answer is that you need to use 0400 instead of 400 so that Ansible knows you are supplying an octal mode as opposed to decimal. On Thursday, November 19, 2015, <[email protected]> wrote: > Hey, > > This is potentially something that is frowned upon, but I'm trying to add > SSH keys to a server via Ansible so that the destination server can use > these keys later for other operations. > > So I am trying to do the following: > > - name: add default ssh keys > become: true > copy: > src: ./.ssh/ > dest: ~/.ssh > mode: 400 > force: true > > > I would expect to see the keys added and set to read only: > > -r-------- > > > However, when looking at the keys on the destination server I'm seeing > this: > > -rw--w---- > > > Is there any particular reason why they do not have the permissions I'm > asking? > Or is there a way I can upload them and then update all keys in that > folder to be read only? > > Thanks, > Gary > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <javascript:_e(%7B%7D,'cvml','ansible-project%[email protected]');> > . > To post to this group, send email to [email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/a44a9a07-7c36-4aad-abc7-055a35d3e754%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/a44a9a07-7c36-4aad-abc7-055a35d3e754%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Matt Martz @sivel sivel.net -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAD8N0v9uDNOaxxDKFgeip1uhdt3r%3DNzf_W0fd-HAS68f_fuNTg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
