The balrog key could interfere with the Gandalf key. :) Mike
> On Jul 12, 2022, at 15:54, Ben Coleman <[email protected]> wrote: > > In a variables file, I have a series of ssh keys assigned to variables: > > samwise_key: 'ssh-rsa..... > legolas_key: 'ssh-rsa.... > gandalf_key: 'ssh-rsa..... > > I then have variable defined to be a list of said keys: > > ssh_keys: > - "{{ samwise_key }}" > - "{{ legolas_key }}" > - "{{ gandalf_key }}" > > The idea is to be able to set up such keys (which are used in multiple places > in my Ansible scripts) in one place, instead of having to put them in each > place they're used. > > One of the places I need to use them is when creating a new linode. The > linode_v4 module has a parameter authorized_keys, which expects a list. > > I've got this set up as: > > - name: Create a new linode > linode_v4: > label: "{{ label }}.domainname.com > type: g6-nanode-1 > region: us-southeast > image: linode/ubuntu20.04 > root_pass: "yeah, like I'm going to include that in here" > authorized_keys: "{{ ssh_keys }}" > state: present > register: my_linode > > > I believe this has worked in the past, but currently (under ansible 2.12.3), > when I run this, I'm getting: > > fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to query the > Linode API. Saw: authorized_keys must be either paths to the key files or a > list of raw public key of one of these types: ('ssh-dss', 'ssh-rsa', > 'ecdsa-sha2-nistp', 'ssh-ed25519')"} > > If I copy the keys to an explicit list under authorized keys, like so: > > authorized_keys: > - 'ssh-rsa...... > - 'ssh-rsa...... > - 'ssh-rsa...... > > it works, which seems to eliminate the possibility that I'm using a key type > that's not recognized (my actual list has more than ssh-rsa keys). > > Which leaves me wondering: how do I pass this ssh_keys variable to the > authorized_keys parameter correctly? > > Ben > -- > Ben Coleman [email protected] | For the wise man, doing right trumps > http://oloryn.benshome.net/ | looking right. For the fool, looking > Amateur Radio NJ8J | right trumps doing right. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/8e9e9524-33ba-3bcb-0d19-9ee9236bc675%40benshome.net. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/B7F63942-160C-4903-9450-19D6F0C6E184%40gmail.com.
OpenPGP_signature
Description: Binary data
