On Wed, 7 Dec 2022 12:23:59 -0800 (PST) "[email protected]" <[email protected]> wrote:
> - hosts: rhev_hosts
> become: yes
> become_method: su
> gather_facts: no
> vars:
> ssh_key: '/root/.ssh/id_rsa.pub'
>
> tasks:
>
> - name: Copy SSH key to each server
> authorized_key:
> key: "{{ lookup('file', ssh_key) }}"
> user: root
>
> Will that basically do an ssh-copy-id from each host in rhev_hosts to
> every other host in that host group?
No. The playbook won't neither do *ssh-copy-id* nor will it copy
public keys from each host in rhev_hosts to every other host in that
host group. The playbook will read /root/.ssh/id_rsa.pub on the
controller and insert this public key into the root's authorized_key
file on each host in the group rhev_hosts.
Notes:
* lookup always works on the controller.
* It is a bad idea to use root account on the Ansible controller to
run a playbook.
* It is also a bad idea to ssh to root on the remote host.
* The module ansible.posix.authorized_key doesn't use *ssh-copy-id*
utility. It writes the file authorized_key directly.
--
Vladimir Botka
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20221207221833.2fef2968%40gmail.com.
pgpWba4gzGMdL.pgp
Description: OpenPGP digital signature
