Adding option for secondary user to receive public keys
This commit is contained in:
parent
1cfe858e74
commit
c1656f82ec
3 changed files with 15 additions and 0 deletions
|
@ -29,6 +29,7 @@ If the "base_core_hostname" variable is defined, it is recommended to set the an
|
||||||
| base_core_root_ca_url | "" | | URL of a Root CA to install |
|
| base_core_root_ca_url | "" | | URL of a Root CA to install |
|
||||||
| base_core_ssh_permit_password_authentication | False | True, False | Permits the use of passwords for ssh |
|
| base_core_ssh_permit_password_authentication | False | True, False | Permits the use of passwords for ssh |
|
||||||
| base_core_ssh_permit_root_login | False | True, False | Permits the use of root logins for ssh |
|
| base_core_ssh_permit_root_login | False | True, False | Permits the use of root logins for ssh |
|
||||||
|
| base_core_ssh_public_keys_user | "" | | Added the public keys to an additional user if defined |
|
||||||
| base_core_timezone | America/Boise | | Defines the timezone to apply to the client |
|
| base_core_timezone | America/Boise | | Defines the timezone to apply to the client |
|
||||||
| base_core_web_management | False | True, False | Enables installation of the Cockpit web management package(s) |
|
| base_core_web_management | False | True, False | Enables installation of the Cockpit web management package(s) |
|
||||||
|
|
||||||
|
|
|
@ -53,6 +53,9 @@ base_core_root_ca_url: ""
|
||||||
# SSH
|
# SSH
|
||||||
# ===
|
# ===
|
||||||
|
|
||||||
|
# Added the public keys to an additional user if defined
|
||||||
|
base_core_ssh_public_keys_user: ""
|
||||||
|
|
||||||
# Allow ssh root login
|
# Allow ssh root login
|
||||||
base_core_ssh_permit_root_login: false
|
base_core_ssh_permit_root_login: false
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,17 @@
|
||||||
tags:
|
tags:
|
||||||
- authorized_key
|
- authorized_key
|
||||||
|
|
||||||
|
- name: Setup authorized keys for secondary user
|
||||||
|
authorized_key:
|
||||||
|
user: "{{ base_core_ssh_public_keys_user }}"
|
||||||
|
state: present
|
||||||
|
key: '{{ lookup("file", item) }}'
|
||||||
|
with_fileglob:
|
||||||
|
- "public_keys/*"
|
||||||
|
when: base_core_ssh_public_keys_user != ""
|
||||||
|
tags:
|
||||||
|
- authorized_key
|
||||||
|
|
||||||
- name: Configure SSH root login
|
- name: Configure SSH root login
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
|
|
Loading…
Reference in a new issue