I goofed and qouted the variable.  This did not work:

  - name: Create User's SSH Keys
    nxos_config:
      lines:
        - username "{{ item }}" sshkey "{{ user_data[item].ssh_key }}"
      provider: "{{ cli }}"
    with_items: "{{ network_admins }}"

This did:

  - name: Create User's SSH Keys
    nxos_config:
      lines:
        - username {{ item }} sshkey {{ user_data[item].ssh_key }}
      provider: "{{ cli }}"
    with_items: "{{ network_admins }}"

Have you had any luck with injecting ssh keys into ios?

Thanks,

Steven.

On Sunday, September 18, 2016 at 11:19:53 PM UTC-4, Peter Sprygada wrote:
>
> Strange, I just tested with the the stable-2.1 branch and I am not seeing 
> these issues.  Both Cli and Nxapi transports are working just fine. 
>
> Could you provide the output of both "ansible --version" as well as "show 
> version" from your device?
>
> On Sat, Sep 17, 2016 at 1:10 PM, Steven Carter <ste...@smcarter.com 
> <javascript:>> wrote:
>
>> I have the following two plays to create users with ssh keys in NXOS:
>>
>>   - name: Create User
>>     nxos_config:
>>       lines:
>>         - username "{{ item }}" role network-admin
>>       provider: "{{ cli }}"
>>     with_items: "{{ cil_network_admins }}"
>>
>>   - name: Create User's SSH Keys
>>     nxos_config:
>>       lines:
>>         - username "{{ item }}" sshkey "{{ user_data[item].ssh_key }}"
>>       provider: "{{ cli }}"
>>     with_items: "{{ cil_network_admins }}"
>>
>> The data structures are:
>>
>> user_data:
>>   stevenca:
>>     name: "Steven Carter"
>>     uid: 2000
>>     group: admin
>>     ssh_key: "ssh-rsa  Rest of SSH Key..."
>>
>> cil_network_admins:
>>   - stevenca
>>
>> I do not get any errors:
>>
>> TASK [Create User] 
>> *************************************************************
>> changed: [XXX.XXX.XXX.129] => (item=stevenca)
>> changed: [XXX.XXX.XXX.128] => (item=stevenca)
>>
>> TASK [Create User's SSH Keys] 
>> **************************************************
>> changed: [XXX.XXX.XXX.129] => (item=stevenca)
>> changed: [XXX.XXX.XXX.128] => (item=stevenca)
>>
>> PLAY RECAP 
>> *********************************************************************
>> XXX.XXX.XXX.128            : ok=4    changed=2    unreachable=0   
>>  failed=0
>> XXX.XXX.XXX.129            : ok=4    changed=2    unreachable=0   
>>  failed=0
>>
>> But it does not work.  I get 'username stevenca role network-admin' in 
>> the switch's config, but no ssh key.  Is there a length limit that silently 
>> eats the SSH key?
>>
>> The above is using 'cli' for transport.  When I use 'nxapi', I get:
>>
>> TASK [Create User] 
>> *************************************************************
>> changed: [XXX.XXX.XXX.128] => (item=stevenca)
>> failed: [XXX.XXX.XXX.129] (item=stevenca) => {"clierror": "% String 
>> failed to match token pattern\n", "code": "400", "failed": true, "item": 
>> "stevenca", "msg": "CLI execution error"}
>>
>> TASK [Create User's SSH Keys] 
>> **************************************************
>> failed: [XXX.XXX.XXX.128] (item=stevenca) => {"clierror": "invalid SSH 
>> key format\n", "code": "400", "failed": true, "item": "stevenca", "msg": 
>> "CLI execution error"}
>>
>> I verified the key by adding manually, and it worked fine.  It seems like 
>> the above could come from truncation as well.
>>
>> Thanks,
>>
>> Steven.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com <javascript:>.
>> To post to this group, send email to ansible...@googlegroups.com 
>> <javascript:>.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/1dcf205e-29df-4f0c-9c11-e95fa1473b44%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/1dcf205e-29df-4f0c-9c11-e95fa1473b44%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/255bc6f9-7e5b-4d25-b990-3aec44d21369%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to