Switching user management solution

This commit is contained in:
Tyler Hale 2025-02-02 20:37:05 -07:00
parent 82dffd5b1d
commit c83cad2e88
Signed by: Tyler
GPG key ID: C7CC4B910D88EF96
17 changed files with 51 additions and 80 deletions


@ -10,30 +10,6 @@ If the "base_core_hostname" variable is defined, it is recommended to set the an
| ----------------------- | ------------------------------------------------------------- | | ----------------------- | ------------------------------------------------------------- |
| ansible_ssh_common_args | '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' | | ansible_ssh_common_args | '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' |
## Role Variables
### Core Variables
| Variable | Default | Choices | Comments |
| -------------------------------------------- | ------------- | ----------- | ------------------------------------------------------------------------------- |
| base_core_cert_common_name | nodename | | Common name for created self-signed cert |
| base_core_firewall_configure | True | True, False | Allows the firewall to be configured |
| base_core_hostname | "" | | Defines the computer hostname |
| base_core_install_updates | True | True, False | Install all available updates for the distro at runtime |
| base_core_management_user | ansible_user | | Defines the account that ansible will use for management in the future |
| base_core_management_user_disable_password | False | True, False | When enabled the password for the management user account will be disabled |
| base_core_motd_banner | "" | | Banner to be added to MOTD if desired |
| base_core_motd_configure | True | True, False | Allows the MOTD to be configured |
| base_core_root_ca_basename | "" | | Basename of the cert for local system reference |
| base_core_root_ca_convert | False | True, False | Converts the defined certificate from DER to PEM type |
| base_core_root_ca_url | "" | | URL of a Root CA to install |
| base_core_secondary_user | "" | | Defines a secondary account that ansible configure for management in the future |
| base_core_secondary_user_disable_password | False | True, False | When enabled the password for the secondary user account will be disabled |
| base_core_ssh_permit_password_authentication | False | True, False | Permits the use of passwords for ssh |
| base_core_ssh_permit_root_login | False | True, False | Permits the use of root logins for ssh |
| base_core_timezone | America/Boise | | Defines the timezone to apply to the client |
| base_core_web_management | False | True, False | Enables installation of the Cockpit web management package(s) |
## Example ## Example
Execute playbook with needed variables Execute playbook with needed variables


@ -8,17 +8,13 @@
# General # General
# ======= # =======
# User that should be configured for future management # Users that should be configured for future management
base_core_management_user: "{{ ansible_user }}" base_users: []
#- username: "{{ ansible_user }}"
# Secondary user that may be configured for future management # password: ""
base_core_secondary_user: "" # disable_password: false
# ssh_keys: []
# If enabled, the password for the management user account will be disabled # ssh_keys_force: false # setting ssh_keys_force to true will overwrite the authorized_keys file to only be the ssh keys provided
base_core_management_user_disable_password: false
# If enabled, the password for the secondary user account will be disabled
base_core_secondary_user_disable_password: false
# Install all available updates at runtime # Install all available updates at runtime
base_core_install_updates: true base_core_install_updates: true
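Review bot: The commented `base_users` template at the `# password: ""` line gives no hint that the value must be an already-hashed password; core_users.yml passes it straight to the `user` module's `password` parameter whenever the key is defined, so a literal empty string or a plaintext value would likely land verbatim in the shadow field. Change the comment to `# password: ""  # pre-hashed value (e.g. from the password_hash filter); omit to leave the password unchanged`. It would also help to state that `ssh_keys` takes either a list of public-key strings or a single URL, since that is the distinction core_users.yml switches on. The README hunk in this commit drops the old per-user rows but does not appear to add one for `base_users`, so this comment is currently the only place the schema is described.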


@ -1 +0,0 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACzgUaiXanC7LIMR2JHlNjqHdscstjUQ4ZMJOG9ndZY2Ml81g+KPSUQHsmEAO+24TBVc/EpmeU3iMX4BO6XhUEhRACIAfyxW0zZWBZlO46TWf+oMcH6CQNQHubEpxqGvZd8A0tNxI2npzOEW6b3mKDGd1Z60yBPjNr5KZWVcJePPMwjaw== ansible_awx


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEAccPXNMwyNb4UW2P3MyxRGH2xDrOHKOkW0/2DGuNJq as-awx-workstation


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJoxKs7UgLr/6zVzZLSbqMUfHtrAtg93qRwEEXFAMqfR thale-bw-curve25519


@ -1 +0,0 @@
ssh-rsa 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 thale-bw-rsa


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXJshwwSz1rf7wJw5trBwBkNdWrLWffAxUlbW1JSkdt thale-desktop-curve25519


@ -1 +0,0 @@
ssh-rsa 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 thale-desktop-rsa


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAVLEQhiLGQa72Byq8MApoyvltFodOF/lCen7TBNsdAc thale-laptop-curve25519


@ -1 +0,0 @@
ssh-rsa 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 thale-laptop-rsa


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgqeosFeqdDoLZ2rRaFrtXlhS3qLC6/1z2lqrtlFk27 thale-phone-curve25519


@ -1 +0,0 @@
ssh-rsa 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 thale-phone-rsa


@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACL4TqzQo8qFu5V5LB+PxQG2MHFAGXJrquf2SpuZpzA thale-work-curve25519


@ -1 +0,0 @@
ssh-rsa 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 thale-work-rsa


@ -27,6 +27,17 @@
pool: '^(Red Hat Enterprise Server|Red Hat Virtualization)$' pool: '^(Red Hat Enterprise Server|Red Hat Virtualization)$'
when: ansible_distribution == 'RedHat' and (base_redhat_subscription_org_id != "" and base_redhat_subscription_activationkey != "") when: ansible_distribution == 'RedHat' and (base_redhat_subscription_org_id != "" and base_redhat_subscription_activationkey != "")
- name: "*** Users Configuration ***"
include_tasks:
file: core_users.yml
apply:
tags: users
loop: "{{ base_users }}"
loop_control:
loop_var: user
tags:
- users
- name: "*** MOTD Configuration ***" - name: "*** MOTD Configuration ***"
include_tasks: include_tasks:
file: core_motd.yml file: core_motd.yml
@ -77,15 +88,3 @@
when: base_core_web_management == true when: base_core_web_management == true
tags: tags:
- web_management - web_management
- name: Disable password for management account
user:
name: "{{ base_core_management_user }}"
password_lock: yes
when: base_core_management_user_disable_password == true
- name: Disable password for secondary management account
user:
name: "{{ base_core_secondary_user }}"
password_lock: yes
when: base_core_secondary_user != "" and base_core_secondary_user_disable_password == true
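Review bot: The new `include_tasks` loop over `base_users` at the `loop_control:` block uses the whole list item as the loop label, so any `password` hash and the full `ssh_keys` contents of every user will be printed in play output and logs on each iteration. Add `label: "{{ user.username }}"` under `loop_control` so only the account name is shown. Since the default is `base_users: []`, the password lock and authorized-key handling that the removed lines applied to `ansible_user` unconditionally now only happens when the caller lists that account explicitly, which is worth a sentence in the commit message so existing users of the role are not surprised.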


@ -18,27 +18,6 @@
tags: tags:
- issue - issue
- name: Setup authorized keys
authorized_key:
user: "{{ base_core_management_user }}"
state: present
key: '{{ lookup("file", item) }}'
with_fileglob:
- "public_keys/*"
tags:
- authorized_key
- name: Setup authorized keys for secondary user
authorized_key:
user: "{{ base_core_secondary_user }}"
state: present
key: '{{ lookup("file", item) }}'
with_fileglob:
- "public_keys/*"
when: base_core_secondary_user != ""
tags:
- authorized_key
- name: Configure SSH root login - name: Configure SSH root login
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config


@ -0,0 +1,33 @@
---
# file: roles/base/tasks/core_users.yml
- name: "{{ user.username }} user setup"
user:
name: "{{ user.username }}"
password_lock: "{{ user.disable_password | default(false) }}"
- name: "Configure {{ user.username }} password"
user:
name: "{{ user.username }}"
password: "{{ user.password | default('*') }}"
when: user.password is defined
- name: "Setup {{ user.username }} authorized keys"
authorized_key:
user: "{{ user.username }}"
state: present
key: "{{ user.ssh_keys | join('\n') }}"
exclusive: "{{ user.ssh_keys_force | default('false') }}"
tags:
- authorized_key
when: ( user.ssh_keys is defined ) and ( user.ssh_keys is not url )
- name: "Setup {{ user.username }} authorized keys from url"
authorized_key:
user: "{{ user.username }}"
state: present
key: "{{ user.ssh_keys }}"
exclusive: "{{ user.ssh_keys_force | default('false') }}"
tags:
- authorized_key
when: ( user.ssh_keys is defined ) and ( user.ssh_keys is url )
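Review bot: The `Configure {{ user.username }} password` task runs after the `user setup` task that applies `password_lock`, and on Linux the lock is a `!` prefix in the same shadow hash field that `password:` overwrites, so a user with both `disable_password: true` and a `password` is likely to end up unlocked. Either move the password task before the lock task or guard it with `when: user.password is defined and not (user.disable_password | default(false))`, and add `no_log: true` to it so the hash is not echoed in output. The `default('*')` on that task's `password:` line is unreachable because the task already requires `user.password is defined`. For the two `authorized_key` tasks, `exclusive: "{{ user.ssh_keys_force | default('false') }}"` should default to the boolean `false` rather than the string, and an empty `ssh_keys: []` (the value the defaults file suggests) passes `is defined` and yields an empty `key`, which the module will probably reject, so consider adding `user.ssh_keys | length > 0` to that condition.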