Ansible role to manage and deploy SSH keys of admin and non-admin users
It is highly recommended to use this role together with a role to manage users and a role to manage the sshd configuration.
The following roles are tested in combination and work well - at least for the user DO1JLR:
Pro tip: Deploy the manage_users role *before* deploying the SSH keys. If the user does not exist, it is hard to add an SSH key for them!
A list of
ssh keys allowed to log in as
A list of usernames that will be created on this host, if they don’t exist
A dict of user names mapping to lists of
allowed to log in to the given user account.
A directory path where the public key files can be found by ansible.
For additional variables please have a look into
This role assumes that the public parts of all required
can be found within the directory
ssh_public_key_store. The file
names must follow the convention:
username_idalg.pub are matched
Alice and Bob may log in and are allowed to become
root with the
sudo command on this host:
```yaml
admins:
  - alice
  - bob
```
Alice, Bob and Eve may log in to their own user accounts via ssh:
```yaml
users:
  alice:
    - alice
  eve:
    - eve@device1
    - eve@device2
```
Eve can do so with two different
ssh keys. Alice only with a single SSH key.
files/ssh_public_keys/ contains the following files:
```
alice_id25519.pub
bob_id25519.pub
eve@device1_id25519.pub
eve@device2_id25519.pub
```
Alice, Bob and Eve want to be users on this host:
```yaml
accounts:
  - alice
  - bob
  - eve
```
```bash
ssh-keygen -t ed25519
```
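A pre-deploy check for the naming convention and variables described above, as an added example that is not part of this role: it confirms that every key name listed under `admins` and `users` has a file in the key store and that each file holds exactly one public key. The glob `<name>_id*.pub`, the accepted key types and all function names are assumptions of this example, and the key material in `demo()` is constructed.

```python
import base64
import glob
import tempfile
from pathlib import Path

KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256")  # accepted first fields

def check_key_file(path):
    """Return a problem string, or None if the Path holds one plain public key."""
    lines = [ln for ln in path.read_text(encoding="utf-8").splitlines() if ln.strip()]
    if len(lines) != 1:
        return f"{path.name}: expected exactly one key line, found {len(lines)}"
    fields = lines[0].split()
    if len(fields) < 2 or fields[0] not in KEY_TYPES:
        return f"{path.name}: first field is not a public key type (private key or options?)"
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:
        return f"{path.name}: key blob is not valid base64"
    # The blob starts with a 4-byte length followed by the key type name.
    if blob[4:4 + len(fields[0])] != fields[0].encode():
        return f"{path.name}: key blob does not match the declared type"
    return None

def audit(store, admins, users):
    """Check each referenced key name against <store>/<name>_id*.pub (assumed pattern)."""
    problems = []
    names = set(admins) | {key for keys in users.values() for key in keys}
    for name in sorted(names):
        matches = sorted(Path(store).glob(glob.escape(name) + "_id*.pub"))
        if not matches:
            problems.append(f"{name}: no public key file in the key store")
        problems += [p for p in map(check_key_file, matches) if p]
    return problems

def constructed_pub(comment):  # constructed all-zero ed25519 key line, demo only
    kind = b"ssh-ed25519"
    blob = len(kind).to_bytes(4, "big") + kind + (32).to_bytes(4, "big") + bytes(32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}\n"

def demo():
    """Constructed store: bob has no file, eve@device2 holds a private key header."""
    files = {"alice_id25519.pub": constructed_pub("alice"),
             "eve@device1_id25519.pub": constructed_pub("eve@device1"),
             "eve@device2_id25519.pub": "-----BEGIN OPENSSH PRIVATE KEY-----\n"}
    with tempfile.TemporaryDirectory() as store:
        for fname, text in files.items():
            Path(store, fname).write_text(text, encoding="utf-8")
        return audit(store, ["alice", "bob"],
                     {"alice": ["alice"], "eve": ["eve@device1", "eve@device2"]})
```

Running `audit()` against the real key store before the play lets a missing or malformed key file fail the run before any `authorized_keys` file is touched.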