Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

Yes

My next take is to run rke up pointing to yaml file on my ansible host as
rke user

Will see how it goes

On Fri, Jul 22, 2022 at 3:23 PM John Petro  wrote:

> glad to hear that you got it working.  Now on to the next thing, right?
> hehe
>
> --John
>
> On Fri, Jul 22, 2022, 6:20 PM Tony Wong  wrote:
>
>> ok finally got it working. Thanks all for your help
>>
>> ---
>> # tasks file for createuser
>> - include_vars:
>>dir: vars
>>
>>#- name: copy id_rsa.pub to tmp for reading
>>#ansible.builtin.shell:
>># cmd: "{{ command2 }}"
>>#register: shell_output
>>#become: true
>>#delegate_to: localhost
>>
>> - name: read id_rsa.pub
>>   slurp:
>> path: "{{ authorized_key }}"
>>   become: yes
>>   delegate_to: localhost
>>   register: rke_pub_key
>>
>> - name: create user rke
>>   ansible.builtin.user:
>> name: '{{ username }}'
>> shell: '{{ shell }}'
>> generate_ssh_key: yes
>> create_home: yes
>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>> append: yes
>> ssh_key_file: .ssh/id_rsa
>>   become: true
>>
>> - name: Make sure we have a 'wheel' group
>>   group:
>> name: wheel
>> state: present
>>
>> - name: Allow 'wheel' group to have passwordless sudo
>>   lineinfile:
>> dest: /etc/sudoers
>> state: present
>> regexp: '^%wheel'
>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>> validate: 'visudo -cf %s'
>>
>> - name: Setup authkeys for user rke
>>   become: true
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> *key: "{{ rke_pub_key['content'] | b64decode }}"*
>> validate_certs: false
>>
>> On Fri, Jul 22, 2022 at 3:02 PM Tony Wong  wrote:
>>
>>> ok now getting different error
>>>
>>>
>>>
>>> ASK [rancherpocreplay : Setup authkeys for user rke]
>>> 
>>> [WARNING]: The value {'content':
>>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI
>>>
>>> 0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVt
>>>
>>> VVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT
>>>
>>> 2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3
>>> g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
>>> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>>> False, 'encoding': 'base64', 'failed': False} (type dict) in a string
>>> field was converted to u"{'content':
>>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZ
>>>
>>> zNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdW
>>>
>>> VrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2Q
>>>
>>> zbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0r
>>>
>>> OFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhd
>>> GVkIG9uIGs4Z3VpCg==', 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>>> False, 'encoding': 'base64', 'failed': False}" (type string). If this does
>>> not look like what you
>>> expect, quote the entire value to ensure it does not change.
>>> fatal: [k8node01]: FAILED! => {"changed": false, "msg": "invalid key
>>> specified: {'content':
>>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
>>> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed': False, 'encoding':
>>> 'base64', 'failed': False}"}
>>> fatal: [k8node02]: FAILED! =>

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

glad to hear that you got it working.  Now on to the next thing, right?
hehe

--John

On Fri, Jul 22, 2022, 6:20 PM Tony Wong  wrote:

> ok finally got it working. Thanks all for your help
>
> ---
> # tasks file for createuser
> - include_vars:
>dir: vars
>
>#- name: copy id_rsa.pub to tmp for reading
>#ansible.builtin.shell:
># cmd: "{{ command2 }}"
>#register: shell_output
>#become: true
>#delegate_to: localhost
>
> - name: read id_rsa.pub
>   slurp:
> path: "{{ authorized_key }}"
>   become: yes
>   delegate_to: localhost
>   register: rke_pub_key
>
> - name: create user rke
>   ansible.builtin.user:
> name: '{{ username }}'
> shell: '{{ shell }}'
> generate_ssh_key: yes
> create_home: yes
> groups: [ "{{ group1 }}", "{{ group2 }}" ]
> append: yes
> ssh_key_file: .ssh/id_rsa
>   become: true
>
> - name: Make sure we have a 'wheel' group
>   group:
> name: wheel
> state: present
>
> - name: Allow 'wheel' group to have passwordless sudo
>   lineinfile:
> dest: /etc/sudoers
> state: present
> regexp: '^%wheel'
> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
> validate: 'visudo -cf %s'
>
> - name: Setup authkeys for user rke
>   become: true
>   authorized_key:
> user: '{{ username }}'
> state: present
> *key: "{{ rke_pub_key['content'] | b64decode }}"*
> validate_certs: false
>
> On Fri, Jul 22, 2022 at 3:02 PM Tony Wong  wrote:
>
>> ok now getting different error
>>
>>
>>
>> ASK [rancherpocreplay : Setup authkeys for user rke]
>> 
>> [WARNING]: The value {'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI
>>
>> 0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVt
>>
>> VVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT
>>
>> 2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3
>> g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
>> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>> False, 'encoding': 'base64', 'failed': False} (type dict) in a string
>> field was converted to u"{'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZ
>>
>> zNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdW
>>
>> VrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2Q
>>
>> zbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0r
>>
>> OFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhd
>> GVkIG9uIGs4Z3VpCg==', 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>> False, 'encoding': 'base64', 'failed': False}" (type string). If this does
>> not look like what you
>> expect, quote the entire value to ensure it does not change.
>> fatal: [k8node01]: FAILED! => {"changed": false, "msg": "invalid key
>> specified: {'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
>> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed': False, 'encoding':
>> 'base64', 'failed': False}"}
>> fatal: [k8node02]: FAILED! => {"changed": false, "msg": "invalid key
>> specified: {'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJV

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

ok finally got it working. Thanks all for your help

---
# tasks file for createuser
- include_vars:
   dir: vars

   #- name: copy id_rsa.pub to tmp for reading
   #ansible.builtin.shell:
   # cmd: "{{ command2 }}"
   #register: shell_output
   #become: true
   #delegate_to: localhost

- name: read id_rsa.pub
  slurp:
path: "{{ authorized_key }}"
  become: yes
  delegate_to: localhost
  register: rke_pub_key

- name: create user rke
  ansible.builtin.user:
name: '{{ username }}'
shell: '{{ shell }}'
generate_ssh_key: yes
create_home: yes
groups: [ "{{ group1 }}", "{{ group2 }}" ]
append: yes
ssh_key_file: .ssh/id_rsa
  become: true

- name: Make sure we have a 'wheel' group
  group:
name: wheel
state: present

- name: Allow 'wheel' group to have passwordless sudo
  lineinfile:
dest: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'

- name: Setup authkeys for user rke
  become: true
  authorized_key:
user: '{{ username }}'
state: present
*key: "{{ rke_pub_key['content'] | b64decode }}"*
validate_certs: false

On Fri, Jul 22, 2022 at 3:02 PM Tony Wong  wrote:

> ok now getting different error
>
>
>
> ASK [rancherpocreplay : Setup authkeys for user rke]
> 
> [WARNING]: The value {'content':
> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI
>
> 0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVt
>
> VVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT
>
> 2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3
> g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
> False, 'encoding': 'base64', 'failed': False} (type dict) in a string
> field was converted to u"{'content':
> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZ
>
> zNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdW
>
> VrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2Q
>
> zbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0r
>
> OFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhd
> GVkIG9uIGs4Z3VpCg==', 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
> False, 'encoding': 'base64', 'failed': False}" (type string). If this does
> not look like what you
> expect, quote the entire value to ensure it does not change.
> fatal: [k8node01]: FAILED! => {"changed": false, "msg": "invalid key
> specified: {'content':
> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed': False, 'encoding':
> 'base64', 'failed': False}"}
> fatal: [k8node02]: FAILED! => {"changed": false, "msg": "invalid key
> specified: {'content':
> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXp

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

ok now getting different error



ASK [rancherpocreplay : Setup authkeys for user rke]

[WARNING]: The value {'content':
'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI
0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVt
VVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT
2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3
g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
False, 'encoding': 'base64', 'failed': False} (type dict) in a string field
was converted to u"{'content':
'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZ
zNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdW
VrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2Q
zbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0r
OFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhd
GVkIG9uIGs4Z3VpCg==', 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
False, 'encoding': 'base64', 'failed': False}" (type string). If this does
not look like what you
expect, quote the entire value to ensure it does not change.
fatal: [k8node01]: FAILED! => {"changed": false, "msg": "invalid key
specified: {'content':
'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
'source': '/home/rke/.ssh/id_rsa.pub', 'changed': False, 'encoding':
'base64', 'failed': False}"}
fatal: [k8node02]: FAILED! => {"changed": false, "msg": "invalid key
specified: {'content':
'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
'source': '/home/rke/.ssh/id_rsa.pub', 'changed': False, 'encoding':
'base64', 'failed': False}"}
fatal: [k8master]: FAILED! => {"changed": false, "msg": "invalid key
specified: {'content':
'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
'source': '

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

The one thing I will add to this, is that if you are using ansible 2.9.x,
make sure you are looking at that version of the docs.  Some of the
problems you might be having could be from exactly what Todd was getting
at.  This goes for the module that was suggested to you earlier for this
task. ( the ssh_key module ) if you haven't already looked at the 2.9
specific documentation.

When it comes to this, I also have found google to be my friend in these
cases.  It will many times, point me to a github repository where someone
has written something similar to what I am trying to do, which definitely
has helped get me on the right track more than a few times.  Hope you are
able to get this worked out.

--John

On Fri, Jul 22, 2022 at 4:28 PM Todd Lewis  wrote:

> The error message is pretty clear: the command module doesn't have a "cmd"
> parameter. (Then it helpfully lists the parameters it does have.)
> You could say
>
>   ansible.builtin.shell: "{{ command2 }}"
>
> But Brian already gave you a solution, which I'll repeat here:
> You either need to run ansible-playbook as a user with permissions (rke,
> root?)
> or use a task to read the file while using privilege escalation (become):
>  - slurp:
>  path: , '*/home/rke/*.ssh/id_rsa.pub'
>become: yes
>delegate_to: localhost
>register: rke_pub_key
> This is the equivalent of you doing `sudo cat */home/rke/*.ssh/id_rsa.pub'
> (lookups always run 'locally and are not affected by become, which only
> affects the 'remote' side of a task).
>
>
>
> On Friday, July 22, 2022 at 2:06:55 PM UTC-4 tdub...@gmail.com wrote:
>
>>
>> trying to do this another way
>>
>> - name: copy id_rsa.pub to tmp for reading on localhost
>>   ansible.builtin.shell:
>> cmd: "{{ command2 }}"
>>   register: shell_output
>>   become: true
>>   delegate_to: localhost
>>
>>
>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>
>> I am trying to run this only on the ansible controller (localhost)
>>
>> but it looks like its trying to run on remote nodes
>>
>>
>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>
>>
>> any idea?
>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>
>>> do you mean something like this?
>>>
>>>
>>> ---
>>> # tasks file for createuser
>>> - include_vars:
>>>dir: vars
>>>
>>>
>>>
>>>
>>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>>
>>> - name: create user rke
>>>   ansible.builtin.user:
>>> name: '{{ username }}'
>>> shell: '{{ shell }}'
>>> generate_ssh_key: yes
>>> create_home: yes
>>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>>> append: yes
>>> ssh_key_file: .ssh/id_rsa
>>>   become: true
>>>
>>> - name: Make sure we have a 'wheel' group
>>>   group:
>>> name: wheel
>>> state: present
>>>
>>> - name: Allow 'wheel' group to have passwordless sudo
>>>   lineinfile:
>>> dest: /etc/sudoers
>>> state: present
>>> regexp: '^%wheel'
>>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>>> validate: 'visudo -cf %s'
>>>
>>>
>>> - name: Setup authkeys for user rke
>>>   become: true
>>>
>>>   authorized_key:
>>> user: '{{ username }}'
>>> state: present
>>> key: auth_key
>>>
>>>
>>>
>>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>>
 On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
 >
 > yes it does, but the user (ansible) i am running the playbook with
 even though it has sudo rights and in root group cant access that folder.


 Your authorized_keys task is run on the remote host, but using the
 lookup/file plugin in one of the arguments doesn't allow for privilege
 escalation locally.
 I think for fetching the materials, you should have an initial
 set_fact task with delegate_to=localhost and set become=true on that.

 (not verified)



 > i tried to copy the id_rsa.pub to /tmp and it works
 >
 > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
 wrote:
 >>
 >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
 ansible playbook from?  Also, what happens if you try to do a ls on th

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Todd Lewis]

The error message is pretty clear: the command module doesn't have a "cmd" 
parameter. (Then it helpfully lists the parameters it does have.)
You could say

  ansible.builtin.shell: "{{ command2 }}"

But Brian already gave you a solution, which I'll repeat here:
You either need to run ansible-playbook as a user with permissions (rke, 
root?)
or use a task to read the file while using privilege escalation (become):
 - slurp:
 path: , '*/home/rke/*.ssh/id_rsa.pub'
   become: yes
   delegate_to: localhost
   register: rke_pub_key
This is the equivalent of you doing `sudo cat */home/rke/*.ssh/id_rsa.pub'
(lookups always run 'locally and are not affected by become, which only 
affects the 'remote' side of a task).



On Friday, July 22, 2022 at 2:06:55 PM UTC-4 tdub...@gmail.com wrote:

>
> trying to do this another way
>
> - name: copy id_rsa.pub to tmp for reading on localhost
>   ansible.builtin.shell:
> cmd: "{{ command2 }}"
>   register: shell_output
>   become: true
>   delegate_to: localhost
>
>
> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>
> I am trying to run this only on the ansible controller (localhost)
>
> but it looks like its trying to run on remote nodes
>
>
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg": 
> "Unsupported parameters for (command) module: cmd Supported parameters 
> include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg": 
> "Unsupported parameters for (command) module: cmd Supported parameters 
> include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg": 
> "Unsupported parameters for (command) module: cmd Supported parameters 
> include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
>
> any idea?
> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>
>> do you mean something like this?
>>
>>
>> ---
>> # tasks file for createuser
>> - include_vars:
>>dir: vars
>>
>>
>>
>>
>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{ 
>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>
>> - name: create user rke
>>   ansible.builtin.user:
>> name: '{{ username }}'
>> shell: '{{ shell }}'
>> generate_ssh_key: yes
>> create_home: yes
>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>> append: yes  
>> ssh_key_file: .ssh/id_rsa
>>   become: true
>>
>> - name: Make sure we have a 'wheel' group
>>   group:
>> name: wheel
>> state: present
>>
>> - name: Allow 'wheel' group to have passwordless sudo
>>   lineinfile:
>> dest: /etc/sudoers
>> state: present
>> regexp: '^%wheel'
>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>> validate: 'visudo -cf %s'
>>
>>
>> - name: Setup authkeys for user rke
>>   become: true
>>
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: auth_key
>>
>>
>>
>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>
>>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>>> >
>>> > yes it does, but the user (ansible) i am running the playbook with 
>>> even though it has sudo rights and in root group cant access that folder.
>>>
>>>
>>> Your authorized_keys task is run on the remote host, but using the
>>> lookup/file plugin in one of the arguments doesn't allow for privilege
>>> escalation locally.
>>> I think for fetching the materials, you should have an initial
>>> set_fact task with delegate_to=localhost and set become=true on that.
>>>
>>> (not verified)
>>>
>>>
>>>
>>> > i tried to copy the id_rsa.pub to /tmp and it works
>>> >
>>> > On Thu, Jul 21, 2022 at 7:10 AM John Petro  
>>> wrote:
>>> >>
>>> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the 
>>> ansible playbook from?  Also, what happens if you try to do a ls on that 
>>> directory as the user that is executing the ansible playbook, are you 
>>> getting any errors?
>>> >>
>>> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>> >>>
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected 
>>> paths (use -v to see paths)
>>> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception 
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected 
>>> paths (use -v to see paths)
>>> >>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception 
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>>> lookup: /home/rke/.ssh/id_pu

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

ansible 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path =
['/home/ansible/.ansible/plugins/modules',
'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]

On Fri, Jul 22, 2022 at 11:40 AM John Petro  wrote:

> What ansible version do you have installed
>
> On Fri, Jul 22, 2022 at 2:37 PM Tony Wong  wrote:
>
>> still failed
>>
>> TASK [rancherpocreplay : copy id_rsa.pub to tmp for reading]
>> *
>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>
>> On Fri, Jul 22, 2022 at 11:32 AM John Petro 
>> wrote:
>>
>>> just for giggles, have you tried putting a sudo in front of your
>>> command?  I am not saying this would work, but just curious if maybe the
>>> "become" is being honored on the remote site only, so locally it might
>>> still be running as whatever local user you are running the ansible
>>> playbook as.
>>>
>>> On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:
>>>
 trying to copy id_rsa.pub for a user (rke) on my ansible controller to
 authorized_keys on remote hosts

 I am running ansible playbook as user ansible

 since ansible user cannt access /home/rke/.ssh, it cannot lookup the
 pub key

 I tried elevating privileges on lookup tasks and cannot do it



 On Fri, Jul 22, 2022 at 11:12 AM John Petro 
 wrote:

> I am sure you have mentioned this before, so forgive me if it's a
> repeat. I couldn't find the email in my inbox.  What is it you are trying
> to do again?
>
> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>
>>
>> trying to do this another way
>>
>> - name: copy id_rsa.pub to tmp for reading on localhost
>>   ansible.builtin.shell:
>> cmd: "{{ command2 }}"
>>   register: shell_output
>>   become: true
>>   delegate_to: localhost
>>
>>
>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>
>> I am trying to run this only on the ansible controller (localhost)
>>
>> but it looks like its trying to run on remote nodes
>>
>>
>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>
>>
>> any idea?
>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>
>>> do you mean something like this?
>>>
>>>
>>> ---
>>> # tasks file for createuser
>>> - include_vars:
>>>dir: vars
>>>
>>>
>>>
>>>
>>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>>
>>> - name: create user rke
>>>   ansible.builtin.user:
>>> name: '{{ username }}'
>>> shell: '{{ shell }}'
>>> generate_ssh_key: yes
>>> create_home: yes
>>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>>> append: yes
>>> ssh_key_file: .ssh/id_rsa
>>>   become: true
>>>
>>> - name: Make sure we have a 'wheel' group
>>>   group:
>>> name: wheel
>>> state: present
>>>
>>> - name: Allow 'wheel' group to h

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

What ansible version do you have installed

On Fri, Jul 22, 2022 at 2:37 PM Tony Wong  wrote:

> still failed
>
> TASK [rancherpocreplay : copy id_rsa.pub to tmp for reading]
> *
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
> On Fri, Jul 22, 2022 at 11:32 AM John Petro  wrote:
>
>> just for giggles, have you tried putting a sudo in front of your
>> command?  I am not saying this would work, but just curious if maybe the
>> "become" is being honored on the remote site only, so locally it might
>> still be running as whatever local user you are running the ansible
>> playbook as.
>>
>> On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:
>>
>>> trying to copy id_rsa.pub for a user (rke) on my ansible controller to
>>> authorized_keys on remote hosts
>>>
>>> I am running ansible playbook as user ansible
>>>
>>> since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub
>>> key
>>>
>>> I tried elevating privileges on lookup tasks and cannot do it
>>>
>>>
>>>
>>> On Fri, Jul 22, 2022 at 11:12 AM John Petro 
>>> wrote:
>>>
 I am sure you have mentioned this before, so forgive me if it's a
 repeat. I couldn't find the email in my inbox.  What is it you are trying
 to do again?

 On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:

>
> trying to do this another way
>
> - name: copy id_rsa.pub to tmp for reading on localhost
>   ansible.builtin.shell:
> cmd: "{{ command2 }}"
>   register: shell_output
>   become: true
>   delegate_to: localhost
>
>
> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>
> I am trying to run this only on the ansible controller (localhost)
>
> but it looks like its trying to run on remote nodes
>
>
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
>
> any idea?
> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>
>> do you mean something like this?
>>
>>
>> ---
>> # tasks file for createuser
>> - include_vars:
>>dir: vars
>>
>>
>>
>>
>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>
>> - name: create user rke
>>   ansible.builtin.user:
>> name: '{{ username }}'
>> shell: '{{ shell }}'
>> generate_ssh_key: yes
>> create_home: yes
>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>> append: yes
>> ssh_key_file: .ssh/id_rsa
>>   become: true
>>
>> - name: Make sure we have a 'wheel' group
>>   group:
>> name: wheel
>> state: present
>>
>> - name: Allow 'wheel' group to have passwordless sudo
>>   lineinfile:
>> dest: /etc/sudoers
>> state: present
>> regexp: '^%wheel'
>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>> validate: 'visudo -cf %s'
>>
>>
>> - name: Setup authkeys for user rke
>>   become: true
>>
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: auth_key
>>
>>
>>
>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser 
>> wrote:
>>
>>> On Thu, 21 Jul 2022 

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

still failed

TASK [rancherpocreplay : copy id_rsa.pub to tmp for reading]
*
fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
"Unsupported parameters for (command) module: cmd Supported parameters
include: _raw_params, _uses_shell, argv, chdir, creates, executable,
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
"Unsupported parameters for (command) module: cmd Supported parameters
include: _raw_params, _uses_shell, argv, chdir, creates, executable,
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
"Unsupported parameters for (command) module: cmd Supported parameters
include: _raw_params, _uses_shell, argv, chdir, creates, executable,
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}

On Fri, Jul 22, 2022 at 11:32 AM John Petro  wrote:

> just for giggles, have you tried putting a sudo in front of your command?
> I am not saying this would work, but just curious if maybe the "become" is
> being honored on the remote site only, so locally it might still be running
> as whatever local user you are running the ansible playbook as.
>
> On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:
>
>> trying to copy id_rsa.pub for a user (rke) on my ansible controller to
>> authorized_keys on remote hosts
>>
>> I am running ansible playbook as user ansible
>>
>> since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub
>> key
>>
>> I tried elevating privileges on lookup tasks and cannot do it
>>
>>
>>
>> On Fri, Jul 22, 2022 at 11:12 AM John Petro 
>> wrote:
>>
>>> I am sure you have mentioned this before, so forgive me if it's a
>>> repeat. I couldn't find the email in my inbox.  What is it you are trying
>>> to do again?
>>>
>>> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>>>

 trying to do this another way

 - name: copy id_rsa.pub to tmp for reading on localhost
   ansible.builtin.shell:
 cmd: "{{ command2 }}"
   register: shell_output
   become: true
   delegate_to: localhost


 where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'

 I am trying to run this only on the ansible controller (localhost)

 but it looks like its trying to run on remote nodes


 fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
 "Unsupported parameters for (command) module: cmd Supported parameters
 include: _raw_params, _uses_shell, argv, chdir, creates, executable,
 removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
 fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
 "Unsupported parameters for (command) module: cmd Supported parameters
 include: _raw_params, _uses_shell, argv, chdir, creates, executable,
 removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
 fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
 "Unsupported parameters for (command) module: cmd Supported parameters
 include: _raw_params, _uses_shell, argv, chdir, creates, executable,
 removes, stdin, stdin_add_newline, strip_empty_ends, warn"}


 any idea?
 On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:

> do you mean something like this?
>
>
> ---
> # tasks file for createuser
> - include_vars:
>dir: vars
>
>
>
>
> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>
> - name: create user rke
>   ansible.builtin.user:
> name: '{{ username }}'
> shell: '{{ shell }}'
> generate_ssh_key: yes
> create_home: yes
> groups: [ "{{ group1 }}", "{{ group2 }}" ]
> append: yes
> ssh_key_file: .ssh/id_rsa
>   become: true
>
> - name: Make sure we have a 'wheel' group
>   group:
> name: wheel
> state: present
>
> - name: Allow 'wheel' group to have passwordless sudo
>   lineinfile:
> dest: /etc/sudoers
> state: present
> regexp: '^%wheel'
> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
> validate: 'visudo -cf %s'
>
>
> - name: Setup authkeys for user rke
>   become: true
>
>   authorized_key:
> user: '{{ username }}'
> state: present
> key: auth_key
>
>
>
> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>
>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>> >
>> > yes it does, but the user (ansible) i am running the playbook with
>> even though it has sudo rights and in root group cant access that folder.
>>
>>
>> Your authorized_keys task is run on the r

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

just for giggles, have you tried putting a sudo in front of your command?
I am not saying this would work, but just curious if maybe the "become" is
being honored on the remote site only, so locally it might still be running
as whatever local user you are running the ansible playbook as.

On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:

> trying to copy id_rsa.pub for a user (rke) on my ansible controller to
> authorized_keys on remote hosts
>
> I am running ansible playbook as user ansible
>
> since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub
> key
>
> I tried elevating privileges on lookup tasks and cannot do it
>
>
>
> On Fri, Jul 22, 2022 at 11:12 AM John Petro  wrote:
>
>> I am sure you have mentioned this before, so forgive me if it's a repeat.
>> I couldn't find the email in my inbox.  What is it you are trying to do
>> again?
>>
>> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>>
>>>
>>> trying to do this another way
>>>
>>> - name: copy id_rsa.pub to tmp for reading on localhost
>>>   ansible.builtin.shell:
>>> cmd: "{{ command2 }}"
>>>   register: shell_output
>>>   become: true
>>>   delegate_to: localhost
>>>
>>>
>>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>>
>>> I am trying to run this only on the ansible controller (localhost)
>>>
>>> but it looks like its trying to run on remote nodes
>>>
>>>
>>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>>
>>>
>>> any idea?
>>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>>
 do you mean something like this?


 ---
 # tasks file for createuser
 - include_vars:
dir: vars




 *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
 lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*

 - name: create user rke
   ansible.builtin.user:
 name: '{{ username }}'
 shell: '{{ shell }}'
 generate_ssh_key: yes
 create_home: yes
 groups: [ "{{ group1 }}", "{{ group2 }}" ]
 append: yes
 ssh_key_file: .ssh/id_rsa
   become: true

 - name: Make sure we have a 'wheel' group
   group:
 name: wheel
 state: present

 - name: Allow 'wheel' group to have passwordless sudo
   lineinfile:
 dest: /etc/sudoers
 state: present
 regexp: '^%wheel'
 line: '%wheel ALL=(ALL) NOPASSWD: ALL'
 validate: 'visudo -cf %s'


 - name: Setup authkeys for user rke
   become: true

   authorized_key:
 user: '{{ username }}'
 state: present
 key: auth_key



 On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:

> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
> >
> > yes it does, but the user (ansible) i am running the playbook with
> even though it has sudo rights and in root group cant access that folder.
>
>
> Your authorized_keys task is run on the remote host, but using the
> lookup/file plugin in one of the arguments doesn't allow for privilege
> escalation locally.
> I think for fetching the materials, you should have an initial
> set_fact task with delegate_to=localhost and set become=true on that.
>
> (not verified)
>
>
>
> > i tried to copy the id_rsa.pub to /tmp and it works
> >
> > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
> wrote:
> >>
> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running
> the ansible playbook from?  Also, what happens if you try to do a ls on
> that directory as the user that is executing the ansible playbook, are you
> getting any errors?
> >>
> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong 
> wrote:
> >>>
> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
> paths (use -v to see paths)
> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception
> occurred while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

trying to copy id_rsa.pub for a user (rke) on my ansible controller to
authorized_keys on remote hosts

I am running ansible playbook as user ansible

since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub key

I tried elevating privileges on lookup tasks and cannot do it



On Fri, Jul 22, 2022 at 11:12 AM John Petro  wrote:

> I am sure you have mentioned this before, so forgive me if it's a repeat.
> I couldn't find the email in my inbox.  What is it you are trying to do
> again?
>
> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>
>>
>> trying to do this another way
>>
>> - name: copy id_rsa.pub to tmp for reading on localhost
>>   ansible.builtin.shell:
>> cmd: "{{ command2 }}"
>>   register: shell_output
>>   become: true
>>   delegate_to: localhost
>>
>>
>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>
>> I am trying to run this only on the ansible controller (localhost)
>>
>> but it looks like its trying to run on remote nodes
>>
>>
>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>
>>
>> any idea?
>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>
>>> do you mean something like this?
>>>
>>>
>>> ---
>>> # tasks file for createuser
>>> - include_vars:
>>>dir: vars
>>>
>>>
>>>
>>>
>>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>>
>>> - name: create user rke
>>>   ansible.builtin.user:
>>> name: '{{ username }}'
>>> shell: '{{ shell }}'
>>> generate_ssh_key: yes
>>> create_home: yes
>>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>>> append: yes
>>> ssh_key_file: .ssh/id_rsa
>>>   become: true
>>>
>>> - name: Make sure we have a 'wheel' group
>>>   group:
>>> name: wheel
>>> state: present
>>>
>>> - name: Allow 'wheel' group to have passwordless sudo
>>>   lineinfile:
>>> dest: /etc/sudoers
>>> state: present
>>> regexp: '^%wheel'
>>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>>> validate: 'visudo -cf %s'
>>>
>>>
>>> - name: Setup authkeys for user rke
>>>   become: true
>>>
>>>   authorized_key:
>>> user: '{{ username }}'
>>> state: present
>>> key: auth_key
>>>
>>>
>>>
>>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>>
 On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
 >
 > yes it does, but the user (ansible) i am running the playbook with
 even though it has sudo rights and in root group cant access that folder.


 Your authorized_keys task is run on the remote host, but using the
 lookup/file plugin in one of the arguments doesn't allow for privilege
 escalation locally.
 I think for fetching the materials, you should have an initial
 set_fact task with delegate_to=localhost and set become=true on that.

 (not verified)



 > i tried to copy the id_rsa.pub to /tmp and it works
 >
 > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
 wrote:
 >>
 >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
 ansible playbook from?  Also, what happens if you try to do a ls on that
 directory as the user that is executing the ansible playbook, are you
 getting any errors?
 >>
 >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
 >>>
 >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
 paths (use -v to see paths)
 >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception
 occurred while running the lookup plugin 'file'. Error was a >>> 'ansible.errors.AnsibleError'>, original message: could not locate file in
 lookup: /home/rke/.ssh/id_pub.rsa"}
 >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
 paths (use -v to see paths)
 >>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception
 occurred while running the lookup plugin 'file'. Error was a >>> 'ansible.errors.AnsibleError'>, original message: could not locate file in
 lookup: /home/rke/.ssh/id_pub.rsa"}
 >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
 paths (use -v to see paths)
 >>> fat

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

I am sure you have mentioned this before, so forgive me if it's a repeat. I
couldn't find the email in my inbox.  What is it you are trying to do
again?

On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:

>
> trying to do this another way
>
> - name: copy id_rsa.pub to tmp for reading on localhost
>   ansible.builtin.shell:
> cmd: "{{ command2 }}"
>   register: shell_output
>   become: true
>   delegate_to: localhost
>
>
> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>
> I am trying to run this only on the ansible controller (localhost)
>
> but it looks like its trying to run on remote nodes
>
>
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
>
> any idea?
> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>
>> do you mean something like this?
>>
>>
>> ---
>> # tasks file for createuser
>> - include_vars:
>>dir: vars
>>
>>
>>
>>
>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>
>> - name: create user rke
>>   ansible.builtin.user:
>> name: '{{ username }}'
>> shell: '{{ shell }}'
>> generate_ssh_key: yes
>> create_home: yes
>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>> append: yes
>> ssh_key_file: .ssh/id_rsa
>>   become: true
>>
>> - name: Make sure we have a 'wheel' group
>>   group:
>> name: wheel
>> state: present
>>
>> - name: Allow 'wheel' group to have passwordless sudo
>>   lineinfile:
>> dest: /etc/sudoers
>> state: present
>> regexp: '^%wheel'
>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>> validate: 'visudo -cf %s'
>>
>>
>> - name: Setup authkeys for user rke
>>   become: true
>>
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: auth_key
>>
>>
>>
>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>
>>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>>> >
>>> > yes it does, but the user (ansible) i am running the playbook with
>>> even though it has sudo rights and in root group cant access that folder.
>>>
>>>
>>> Your authorized_keys task is run on the remote host, but using the
>>> lookup/file plugin in one of the arguments doesn't allow for privilege
>>> escalation locally.
>>> I think for fetching the materials, you should have an initial
>>> set_fact task with delegate_to=localhost and set become=true on that.
>>>
>>> (not verified)
>>>
>>>
>>>
>>> > i tried to copy the id_rsa.pub to /tmp and it works
>>> >
>>> > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
>>> wrote:
>>> >>
>>> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
>>> ansible playbook from?  Also, what happens if you try to do a ls on that
>>> directory as the user that is executing the ansible playbook, are you
>>> getting any errors?
>>> >>
>>> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>> >>>
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
>>> paths (use -v to see paths)
>>> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
>>> paths (use -v to see paths)
>>> >>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
>>> paths (use -v to see paths)
>>> >>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> >>>
>>> >>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>>> 
>>>  how do i access to lookup the id_rsa.pub file? The user running
>>> ansible playbook has sudo rights on the controller
>>> 
>>>  On Wed, Jul 20, 2022 at

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

trying to do this another way

- name: copy id_rsa.pub to tmp for reading on localhost
  ansible.builtin.shell:
cmd: "{{ command2 }}"
  register: shell_output
  become: true
  delegate_to: localhost


where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'

I am trying to run this only on the ansible controller (localhost)

but it looks like its trying to run on remote nodes


fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg": 
"Unsupported parameters for (command) module: cmd Supported parameters 
include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg": 
"Unsupported parameters for (command) module: cmd Supported parameters 
include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg": 
"Unsupported parameters for (command) module: cmd Supported parameters 
include: _raw_params, _uses_shell, argv, chdir, creates, executable, 
removes, stdin, stdin_add_newline, strip_empty_ends, warn"}


any idea?
On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:

> do you mean something like this?
>
>
> ---
> # tasks file for createuser
> - include_vars:
>dir: vars
>
>
>
>
> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{ 
> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>
> - name: create user rke
>   ansible.builtin.user:
> name: '{{ username }}'
> shell: '{{ shell }}'
> generate_ssh_key: yes
> create_home: yes
> groups: [ "{{ group1 }}", "{{ group2 }}" ]
> append: yes  
> ssh_key_file: .ssh/id_rsa
>   become: true
>
> - name: Make sure we have a 'wheel' group
>   group:
> name: wheel
> state: present
>
> - name: Allow 'wheel' group to have passwordless sudo
>   lineinfile:
> dest: /etc/sudoers
> state: present
> regexp: '^%wheel'
> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
> validate: 'visudo -cf %s'
>
>
> - name: Setup authkeys for user rke
>   become: true
>
>   authorized_key:
> user: '{{ username }}'
> state: present
> key: auth_key
>
>
>
> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>
>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>> >
>> > yes it does, but the user (ansible) i am running the playbook with even 
>> though it has sudo rights and in root group cant access that folder.
>>
>>
>> Your authorized_keys task is run on the remote host, but using the
>> lookup/file plugin in one of the arguments doesn't allow for privilege
>> escalation locally.
>> I think for fetching the materials, you should have an initial
>> set_fact task with delegate_to=localhost and set become=true on that.
>>
>> (not verified)
>>
>>
>>
>> > i tried to copy the id_rsa.pub to /tmp and it works
>> >
>> > On Thu, Jul 21, 2022 at 7:10 AM John Petro  
>> wrote:
>> >>
>> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the 
>> ansible playbook from?  Also, what happens if you try to do a ls on that 
>> directory as the user that is executing the ansible playbook, are you 
>> getting any errors?
>> >>
>> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>> >>>
>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected 
>> paths (use -v to see paths)
>> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception 
>> occurred while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected 
>> paths (use -v to see paths)
>> >>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception 
>> occurred while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected 
>> paths (use -v to see paths)
>> >>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception 
>> occurred while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>> >>>
>> >>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>> 
>>  how do i access to lookup the id_rsa.pub file? The user running 
>> ansible playbook has sudo rights on the controller
>> 
>>  On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>> >
>> > It would have root access — on the target machine, but not on the 
>> Ansible controller.
>> >
>> > On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com 
>> wrote:
>> >>
>> >> But I used become: in my main.yml
>> >>
>> >> Would that have root access?
>> 

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

do you mean something like this?


---
# tasks file for createuser
- include_vars:
   dir: vars




*- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*

- name: create user rke
  ansible.builtin.user:
name: '{{ username }}'
shell: '{{ shell }}'
generate_ssh_key: yes
create_home: yes
groups: [ "{{ group1 }}", "{{ group2 }}" ]
append: yes
ssh_key_file: .ssh/id_rsa
  become: true

- name: Make sure we have a 'wheel' group
  group:
name: wheel
state: present

- name: Allow 'wheel' group to have passwordless sudo
  lineinfile:
dest: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'

- name: Setup authkeys for user rke
  become: true
  authorized_key:
user: '{{ username }}'
state: present
key: auth_key



On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:

> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
> >
> > yes it does, but the user (ansible) i am running the playbook with even
> though it has sudo rights and in root group cant access that folder.
>
>
> Your authorized_keys task is run on the remote host, but using the
> lookup/file plugin in one of the arguments doesn't allow for privilege
> escalation locally.
> I think for fetching the materials, you should have an initial
> set_fact task with delegate_to=localhost and set become=true on that.
>
> (not verified)
>
>
>
> > i tried to copy the id_rsa.pub to /tmp and it works
> >
> > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
> wrote:
> >>
> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
> ansible playbook from?  Also, what happens if you try to do a ls on that
> directory as the user that is executing the ansible playbook, are you
> getting any errors?
> >>
> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
> >>>
> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
> paths (use -v to see paths)
> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
> paths (use -v to see paths)
> >>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
> paths (use -v to see paths)
> >>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> >>>
> >>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
> 
>  how do i access to lookup the id_rsa.pub file? The user running
> ansible playbook has sudo rights on the controller
> 
>  On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
> >
> > It would have root access — on the target machine, but not on the
> Ansible controller.
> >
> > On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com
> wrote:
> >>
> >> But I used become: in my main.yml
> >>
> >> Would that have root access?
> >
> > --
> > You received this message because you are subscribed to a topic in
> the Google Groups "Ansible Project" group.
> > To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> > To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
> .
> >>>
> >>> --
> >>> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> >>> To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> >>> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
> .
> >>
> >> --
> >> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> >> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> >> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> >> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Dick Visser]

On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>
> yes it does, but the user (ansible) i am running the playbook with even 
> though it has sudo rights and in root group cant access that folder.


Your authorized_keys task is run on the remote host, but using the
lookup/file plugin in one of the arguments doesn't allow for privilege
escalation locally.
I think for fetching the materials, you should have an initial
set_fact task with delegate_to=localhost and set become=true on that.

(not verified)



> i tried to copy the id_rsa.pub to /tmp and it works
>
> On Thu, Jul 21, 2022 at 7:10 AM John Petro  wrote:
>>
>> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the ansible 
>> playbook from?  Also, what happens if you try to do a ls on that directory 
>> as the user that is executing the ansible playbook, are you getting any 
>> errors?
>>
>> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>>
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths 
>>> (use -v to see paths)
>>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred 
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths 
>>> (use -v to see paths)
>>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred 
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths 
>>> (use -v to see paths)
>>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred 
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in 
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>>
>>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:

 how do i access to lookup the id_rsa.pub file? The user running ansible 
 playbook has sudo rights on the controller

 On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>
> It would have root access — on the target machine, but not on the Ansible 
> controller.
>
> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:
>>
>> But I used become: in my main.yml
>>
>> Would that have root access?
>
> --
> You received this message because you are subscribed to a topic in the 
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to 
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups 
>>> "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com.
>>
>> --
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to 
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz5UtMACrSG7sMnSitw%40mail.gmail.com.
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/CALmkhkq3tKEwQ8nSBT4Nu1kwCp%2BZAYVrYvozUQ5MFLTMkL_yNQ%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAF8BbLZVQZ5qdJSLjnxHoTirc9rzPqtUuLHEd52Bg2tAYUEbeg%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

Sounds like you have a local permissions issue.

On Thu, Jul 21, 2022 at 10:32 AM Tony Wong  wrote:

> yes it does, but the user (ansible) i am running the playbook with even
> though it has sudo rights and in root group cant access that folder.
>
> i tried to copy the id_rsa.pub to /tmp and it works
>
> On Thu, Jul 21, 2022 at 7:10 AM John Petro  wrote:
>
>> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
>> ansible playbook from?  Also, what happens if you try to do a ls on that
>> directory as the user that is executing the ansible playbook, are you
>> getting any errors?
>>
>> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>>
>>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>>>
 how do i access to lookup the id_rsa.pub file? The user running ansible
 playbook has sudo rights on the controller

 On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:

> It would have root access — on the target machine, but not on the
> Ansible controller.
>
> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com
> wrote:
>
>> But I used become: in my main.yml
>>
>> Would that have root access?
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
> .
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
> 
> .
>
 --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
>>> 
>>> .
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz5UtMACrSG7sMnSitw%40mail.gmail.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CALmkhkq3tKEwQ8nSBT4Nu1kwCp%2BZAYVrYvozUQ5MFLTMkL_yNQ%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiv

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

yes it does, but the user (ansible) i am running the playbook with even
though it has sudo rights and in root group cant access that folder.

i tried to copy the id_rsa.pub to /tmp and it works

On Thu, Jul 21, 2022 at 7:10 AM John Petro  wrote:

> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
> ansible playbook from?  Also, what happens if you try to do a ls on that
> directory as the user that is executing the ansible playbook, are you
> getting any errors?
>
> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>
>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>> (use -v to see paths)
>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>> (use -v to see paths)
>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>> (use -v to see paths)
>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>
>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>>
>>> how do i access to lookup the id_rsa.pub file? The user running ansible
>>> playbook has sudo rights on the controller
>>>
>>> On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>>>
 It would have root access — on the target machine, but not on the
 Ansible controller.

 On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com
 wrote:

> But I used become: in my main.yml
>
> Would that have root access?
>
 --
 You received this message because you are subscribed to a topic in the
 Google Groups "Ansible Project" group.
 To unsubscribe from this topic, visit
 https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
 .
 To unsubscribe from this group and all its topics, send an email to
 ansible-project+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
 
 .

>>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz5UtMACrSG7sMnSitw%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALmkhkq3tKEwQ8nSBT4Nu1kwCp%2BZAYVrYvozUQ5MFLTMkL_yNQ%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
ansible playbook from?  Also, what happens if you try to do a ls on that
directory as the user that is executing the ansible playbook, are you
getting any errors?

On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:

> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
>
> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>
>> how do i access to lookup the id_rsa.pub file? The user running ansible
>> playbook has sudo rights on the controller
>>
>> On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>>
>>> It would have root access — on the target machine, but not on the
>>> Ansible controller.
>>>
>>> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:
>>>
 But I used become: in my main.yml

 Would that have root access?

>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>>> .
>>> To unsubscribe from this group and all its topics, send an email to
>>> ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
>>> 
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz5UtMACrSG7sMnSitw%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

[WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
(use -v to see paths)
fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_pub.rsa"}
[WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
(use -v to see paths)
fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_pub.rsa"}
[WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
(use -v to see paths)
fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_pub.rsa"}

On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:

> how do i access to lookup the id_rsa.pub file? The user running ansible
> playbook has sudo rights on the controller
>
> On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>
>> It would have root access — on the target machine, but not on the Ansible
>> controller.
>>
>> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:
>>
>>> But I used become: in my main.yml
>>>
>>> Would that have root access?
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

how do i access to lookup the id_rsa.pub file? The user running ansible
playbook has sudo rights on the controller

On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:

> It would have root access — on the target machine, but not on the Ansible
> controller.
>
> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:
>
>> But I used become: in my main.yml
>>
>> Would that have root access?
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALmkhkrCnY_fMuL%3D9uxrbQTCW9JTtWrJfhnybMmk-O67megv7A%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

main.yml

---
- hosts: k8s
become: true
roles:
- rancherpocreplay

On Wed, Jul 20, 2022 at 4:35 PM David Logan  wrote:

> I didn't see the main.yml file and can't comment on your setup. Yes, root
> should have access however I'm not sure become would carry over all tasks.
> I thought it was task specific unless you set it in your group vars
>
> https://docs.ansible.com/ansible/latest/user_guide/become.html
>
> On Thu, 21 Jul 2022 at 07:54, Tony Wong  wrote:
>
>> But I used become: in my main.yml
>>
>> Would that have root access?
>>
>> On Wed, Jul 20, 2022 at 3:13 PM David Logan  wrote:
>>
>>> Usually the .ssh/authorized_key file has fairly specific permissions (rw
>>> user only) as does the .ssh directory. It may well be the ansible user
>>> cannot see the files in the .ssh directory as it may not have the correct
>>> permissions.
>>>
>>> On Thu, 21 Jul 2022 at 07:37, Tony Wong  wrote:
>>>
 now different error

 TASK [rancherpocreplay : Setup authkeys for user rke]
 **
 [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
 (use -v to see paths)
 fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
 while running the lookup plugin 'file'. Error was a >>> 'ansible.errors.AnsibleError'>, original message: could not locate file in
 lookup: /home/rke/.ssh/id_rsa.pub"}
 [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
 (use -v to see paths)
 fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
 while running the lookup plugin 'file'. Error was a >>> 'ansible.errors.AnsibleError'>, original message: could not locate file in
 lookup: /home/rke/.ssh/id_rsa.pub"}
 [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
 (use -v to see paths)
 fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
 while running the lookup plugin 'file'. Error was a >>> 'ansible.errors.AnsibleError'>, original message: could not locate file in
 lookup: /home/rke/.ssh/id_rsa.pub"}

 but /home/rke/.ssh/id_rsa.pub is there on the ansible host

 On Wed, Jul 20, 2022 at 2:50 PM Todd Lewis  wrote:

> Mustaches never nest.
>
> key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"
>
> On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com
> wrote:
>
>> tried this way and got same error
>>
>> - name: Setup authkeys for user rke
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub')
>> }}"
>>
>>
>>
>> On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:
>>
>>> can i use jinja like this?
>>>
>>> - name: Setup authkeys for user rke
>>>   authorized_key:
>>> user: rke
>>> state: present
>>> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>>>
>>>
>>>
>>> keep getting error
>>>
>>>
>>> Setup authkeys for user rke]
>>> ***
>>> fatal: [k8master]: FAILED! => {"msg": "template error while
>>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>>> ‘{{ authorized_key }}’) }}”"}
>>> fatal: [k8node02]: FAILED! => {"msg": "template error while
>>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>>> ‘{{ authorized_key }}’) }}”"}
>>> fatal: [k8node01]: FAILED! => {"msg": "template error while
>>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>>> ‘{{ authorized_key }}’) }}”"}
>>>
>>>
>>>
>>> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai 
>>> wrote:
>>>
 Just did that, you use authorized_key module

 On Wed, Jul 20, 2022 at 4:24 PM Tony Wong 
 wrote:

> how do I lookup id_rsa.pub on a host and then run ansible playbook
> to copy it to their authorized_key file?
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
> 
> .
>
 --
 You received this message because you are subscribed to a topic in
 the Google Groups "Ansible Project" group.
 To unsubscribe from this topic, visit
 https://groups.google.com/d/to

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[David Logan]

I didn't see the main.yml file and can't comment on your setup. Yes, root
should have access however I'm not sure become would carry over all tasks.
I thought it was task specific unless you set it in your group vars

https://docs.ansible.com/ansible/latest/user_guide/become.html

On Thu, 21 Jul 2022 at 07:54, Tony Wong  wrote:

> But I used become: in my main.yml
>
> Would that have root access?
>
> On Wed, Jul 20, 2022 at 3:13 PM David Logan  wrote:
>
>> Usually the .ssh/authorized_key file has fairly specific permissions (rw
>> user only) as does the .ssh directory. It may well be the ansible user
>> cannot see the files in the .ssh directory as it may not have the correct
>> permissions.
>>
>> On Thu, 21 Jul 2022 at 07:37, Tony Wong  wrote:
>>
>>> now different error
>>>
>>> TASK [rancherpocreplay : Setup authkeys for user rke]
>>> **
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_rsa.pub"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_rsa.pub"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_rsa.pub"}
>>>
>>> but /home/rke/.ssh/id_rsa.pub is there on the ansible host
>>>
>>> On Wed, Jul 20, 2022 at 2:50 PM Todd Lewis  wrote:
>>>
 Mustaches never nest.

 key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"

 On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com
 wrote:

> tried this way and got same error
>
> - name: Setup authkeys for user rke
>   authorized_key:
> user: '{{ username }}'
> state: present
> key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"
>
>
>
> On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:
>
>> can i use jinja like this?
>>
>> - name: Setup authkeys for user rke
>>   authorized_key:
>> user: rke
>> state: present
>> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>>
>>
>>
>> keep getting error
>>
>>
>> Setup authkeys for user rke]
>> ***
>> fatal: [k8master]: FAILED! => {"msg": "template error while
>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>> ‘{{ authorized_key }}’) }}”"}
>> fatal: [k8node02]: FAILED! => {"msg": "template error while
>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>> ‘{{ authorized_key }}’) }}”"}
>> fatal: [k8node01]: FAILED! => {"msg": "template error while
>> templating string: unexpected char '‘' at 11. String: “{{ lookup(‘file’,
>> ‘{{ authorized_key }}’) }}”"}
>>
>>
>>
>> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai 
>> wrote:
>>
>>> Just did that, you use authorized_key module
>>>
>>> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>>>
 how do I lookup id_rsa.pub on a host and then run ansible playbook
 to copy it to their authorized_key file?


 --
 You received this message because you are subscribed to the Google
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it,
 send an email to ansible-proje...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
 
 .

>>> --
>>> You received this message because you are subscribed to a topic in
>>> the Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>>> .
>>> To unsubscribe from this group and all its topics, send an email to
>>> ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msg

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Todd Lewis]

It would have root access — on the target machine, but not on the Ansible 
controller.

On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:

> But I used become: in my main.yml
>
> Would that have root access?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

But I used become: in my main.yml

Would that have root access?

On Wed, Jul 20, 2022 at 3:13 PM David Logan  wrote:

> Usually the .ssh/authorized_key file has fairly specific permissions (rw
> user only) as does the .ssh directory. It may well be the ansible user
> cannot see the files in the .ssh directory as it may not have the correct
> permissions.
>
> On Thu, 21 Jul 2022 at 07:37, Tony Wong  wrote:
>
>> now different error
>>
>> TASK [rancherpocreplay : Setup authkeys for user rke]
>> **
>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>> (use -v to see paths)
>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_rsa.pub"}
>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>> (use -v to see paths)
>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_rsa.pub"}
>> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
>> (use -v to see paths)
>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
>> while running the lookup plugin 'file'. Error was a > 'ansible.errors.AnsibleError'>, original message: could not locate file in
>> lookup: /home/rke/.ssh/id_rsa.pub"}
>>
>> but /home/rke/.ssh/id_rsa.pub is there on the ansible host
>>
>> On Wed, Jul 20, 2022 at 2:50 PM Todd Lewis  wrote:
>>
>>> Mustaches never nest.
>>>
>>> key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"
>>>
>>> On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com wrote:
>>>
 tried this way and got same error

 - name: Setup authkeys for user rke
   authorized_key:
 user: '{{ username }}'
 state: present
 key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"



 On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:

> can i use jinja like this?
>
> - name: Setup authkeys for user rke
>   authorized_key:
> user: rke
> state: present
> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>
>
>
> keep getting error
>
>
> Setup authkeys for user rke]
> ***
> fatal: [k8master]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
> fatal: [k8node02]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
> fatal: [k8node01]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
>
>
>
> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai 
> wrote:
>
>> Just did that, you use authorized_key module
>>
>> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>>
>>> how do I lookup id_rsa.pub on a host and then run ansible playbook
>>> to copy it to their authorized_key file?
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it,
>>> send an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
>>> 
>>> .
>>>
>> --
>> You received this message because you are subscribed to a topic in
>> the Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
>> 
>> .
>>
> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit
>>> https://gro

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[David Logan]

Usually the .ssh/authorized_key file has fairly specific permissions (rw
user only) as does the .ssh directory. It may well be the ansible user
cannot see the files in the .ssh directory as it may not have the correct
permissions.

On Thu, 21 Jul 2022 at 07:37, Tony Wong  wrote:

> now different error
>
> TASK [rancherpocreplay : Setup authkeys for user rke]
> **
> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
> (use -v to see paths)
> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_rsa.pub"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
> (use -v to see paths)
> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_rsa.pub"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
> (use -v to see paths)
> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_rsa.pub"}
>
> but /home/rke/.ssh/id_rsa.pub is there on the ansible host
>
> On Wed, Jul 20, 2022 at 2:50 PM Todd Lewis  wrote:
>
>> Mustaches never nest.
>>
>> key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"
>>
>> On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com wrote:
>>
>>> tried this way and got same error
>>>
>>> - name: Setup authkeys for user rke
>>>   authorized_key:
>>> user: '{{ username }}'
>>> state: present
>>> key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"
>>>
>>>
>>>
>>> On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:
>>>
 can i use jinja like this?

 - name: Setup authkeys for user rke
   authorized_key:
 user: rke
 state: present
 key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”



 keep getting error


 Setup authkeys for user rke] ***
 fatal: [k8master]: FAILED! => {"msg": "template error while templating
 string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
 authorized_key }}’) }}”"}
 fatal: [k8node02]: FAILED! => {"msg": "template error while templating
 string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
 authorized_key }}’) }}”"}
 fatal: [k8node01]: FAILED! => {"msg": "template error while templating
 string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
 authorized_key }}’) }}”"}



 On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai 
 wrote:

> Just did that, you use authorized_key module
>
> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>
>> how do I lookup id_rsa.pub on a host and then run ansible playbook to
>> copy it to their authorized_key file?
>>
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
> .
> To unsubscribe from this group and all its topics, send an email to
> ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
> 
> .
>
 --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://gro

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

now different error

TASK [rancherpocreplay : Setup authkeys for user rke]
**
[WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
(use -v to see paths)
fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_rsa.pub"}
[WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
(use -v to see paths)
fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_rsa.pub"}
[WARNING]: Unable to find '/home/rke/.ssh/id_rsa.pub' in expected paths
(use -v to see paths)
fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
while running the lookup plugin 'file'. Error was a , original message: could not locate file in
lookup: /home/rke/.ssh/id_rsa.pub"}

but /home/rke/.ssh/id_rsa.pub is there on the ansible host

On Wed, Jul 20, 2022 at 2:50 PM Todd Lewis  wrote:

> Mustaches never nest.
>
> key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"
>
> On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com wrote:
>
>> tried this way and got same error
>>
>> - name: Setup authkeys for user rke
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"
>>
>>
>>
>> On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:
>>
>>> can i use jinja like this?
>>>
>>> - name: Setup authkeys for user rke
>>>   authorized_key:
>>> user: rke
>>> state: present
>>> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>>>
>>>
>>>
>>> keep getting error
>>>
>>>
>>> Setup authkeys for user rke] ***
>>> fatal: [k8master]: FAILED! => {"msg": "template error while templating
>>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
>>> authorized_key }}’) }}”"}
>>> fatal: [k8node02]: FAILED! => {"msg": "template error while templating
>>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
>>> authorized_key }}’) }}”"}
>>> fatal: [k8node01]: FAILED! => {"msg": "template error while templating
>>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
>>> authorized_key }}’) }}”"}
>>>
>>>
>>>
>>> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai 
>>> wrote:
>>>
 Just did that, you use authorized_key module

 On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:

> how do I lookup id_rsa.pub on a host and then run ansible playbook to
> copy it to their authorized_key file?
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
> 
> .
>
 --
 You received this message because you are subscribed to a topic in the
 Google Groups "Ansible Project" group.
 To unsubscribe from this topic, visit
 https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
 .
 To unsubscribe from this group and all its topics, send an email to
 ansible-proje...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
 
 .

>>> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ae4c2b44-f45e-4be7-b196-1c6b17903aaen%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Todd Lewis]

Mustaches never nest.

key: "{{ lookup('file', '/home/' ~ username ~ '/.ssh/id_rsa.pub') }}"

On Wednesday, July 20, 2022 at 5:37:15 PM UTC-4 tdub...@gmail.com wrote:

> tried this way and got same error
>
> - name: Setup authkeys for user rke
>   authorized_key:
> user: '{{ username }}'
> state: present
> key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"
>
>
>
> On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:
>
>> can i use jinja like this?
>>
>> - name: Setup authkeys for user rke
>>   authorized_key:
>> user: rke
>> state: present
>> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>>
>>
>>
>> keep getting error 
>>
>>
>> Setup authkeys for user rke] ***
>> fatal: [k8master]: FAILED! => {"msg": "template error while templating 
>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{ 
>> authorized_key }}’) }}”"}
>> fatal: [k8node02]: FAILED! => {"msg": "template error while templating 
>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{ 
>> authorized_key }}’) }}”"}
>> fatal: [k8node01]: FAILED! => {"msg": "template error while templating 
>> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{ 
>> authorized_key }}’) }}”"}
>>
>>
>>
>> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai  wrote:
>>
>>> Just did that, you use authorized_key module 
>>>
>>> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>>>
 how do I lookup id_rsa.pub on a host and then run ansible playbook to 
 copy it to their authorized_key file?


 -- 
 You received this message because you are subscribed to the Google 
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send 
 an email to ansible-proje...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
  
 
 .

>>> -- 
>>> You received this message because you are subscribed to a topic in the 
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit 
>>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>>> .
>>> To unsubscribe from this group and all its topics, send an email to 
>>> ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
>>>  
>>> 
>>> .
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ae4c2b44-f45e-4be7-b196-1c6b17903aaen%40googlegroups.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

tried this way and got same error

- name: Setup authkeys for user rke
  authorized_key:
user: '{{ username }}'
state: present
key: "{{ lookup(‘file’, '/home/{{ username }}/.ssh/id_rsa.pub') }}"



On Wed, Jul 20, 2022 at 2:12 PM Tony Wong  wrote:

> can i use jinja like this?
>
> - name: Setup authkeys for user rke
>   authorized_key:
> user: rke
> state: present
> key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”
>
>
>
> keep getting error
>
>
> Setup authkeys for user rke] ***
> fatal: [k8master]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
> fatal: [k8node02]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
> fatal: [k8node01]: FAILED! => {"msg": "template error while templating
> string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
> authorized_key }}’) }}”"}
>
>
>
> On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai  wrote:
>
>> Just did that, you use authorized_key module
>>
>> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>>
>>> how do I lookup id_rsa.pub on a host and then run ansible playbook to
>>> copy it to their authorized_key file?
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
>>> 
>>> .
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALmkhkpW-8t71j%3DQ%2BWjMS60oyP%3D%3Dm%3DpR9b_%3Dx4pNekr2T86xew%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

can i use jinja like this?

- name: Setup authkeys for user rke
  authorized_key:
user: rke
state: present
key: “{{ lookup(‘file’, ‘{{ authorized_key }}’) }}”



keep getting error


Setup authkeys for user rke] ***
fatal: [k8master]: FAILED! => {"msg": "template error while templating
string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
authorized_key }}’) }}”"}
fatal: [k8node02]: FAILED! => {"msg": "template error while templating
string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
authorized_key }}’) }}”"}
fatal: [k8node01]: FAILED! => {"msg": "template error while templating
string: unexpected char '‘' at 11. String: “{{ lookup(‘file’, ‘{{
authorized_key }}’) }}”"}



On Wed, Jul 20, 2022 at 10:31 AM boncalo mihai  wrote:

> Just did that, you use authorized_key module
>
> On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:
>
>> how do I lookup id_rsa.pub on a host and then run ansible playbook to
>> copy it to their authorized_key file?
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALmkhkpe%2BMGNdAABrmCGGyVYhyiYZmgM8zR_R6Gn2iVGsHA8xA%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[boncalo mihai]

Just did that, you use authorized_key module

On Wed, Jul 20, 2022 at 4:24 PM Tony Wong  wrote:

> how do I lookup id_rsa.pub on a host and then run ansible playbook to copy
> it to their authorized_key file?
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAOK917Sv42GhE_GR3yo5vxSrYjB9bs-8bHsn9%2BA-4O5tcLNaDA%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Dick Visser]

1. 
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_lookup.html
2. 
https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html

On Wed, 20 Jul 2022 at 15:24, Tony Wong  wrote:
>
> how do I lookup id_rsa.pub on a host and then run ansible playbook to copy it 
> to their authorized_key file?
>
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAF8BbLa4mk8Ukdg7EgCfMvBkfwwdbPbehFaafLS6ytc%2Btz_0zA%40mail.gmail.com.

[ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[Tony Wong]

how do I lookup id_rsa.pub on a host and then run ansible playbook to copy 
it to their authorized_key file?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2994746b-812f-4038-ad58-27d5b0c47been%40googlegroups.com.