I am trying to create an RSA key and copy it to the other remote machines so that test[0] is able to SSH into test[1] and test[2].

My inventory file:

```ini
[test]
10.100.0.1
10.100.0.2
10.100.0.3
```

I want to create an RSA token on 10.100.0.1 as the root user and copy the public key to /home/centos/.ssh/authorized_keys, as the root user, on 10.100.0.2 and 10.100.0.3.

How can this be achieved using Ansible? All 3 instances are AWS EC2 CentOS 7 machines. I want the code to be dynamic, without hard-coded IPs.

I am unable to proceed further.

```yaml
- name: Generate /etc/ssh RSA host key
  command: ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N ""
  args:
    creates: /root/.ssh/id_rsa
  run_once: True
```
mdaniel
user6826691
Duplicate [Ansible authorized copy from remote source to remote destination](https://devops.stackexchange.com/questions/6789/ansible-authorized-copy-from-remote-source-to-remote-destination/) – Vladimir Botka Apr 09 '19 at 21:14

1 Answer

You'll ideally want to separate out the "master" instance from the rest of them, since not all [test] machines are alike, but thankfully one can use the array notation to indicate the first machine.

Then, you'll just want to inject the public key as a "fact" into the first member of test, and retrieve that fact later across all members of test.

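```yaml
- hosts: test[0]
  tasks:
  - name: generate ssh key
    # same command as in the question; "creates" keeps reruns from overwriting the key
    command: ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N ""
    args:
      creates: /root/.ssh/id_rsa
  - name: grab the public key
    command: cat /root/.ssh/id_rsa.pub
    register: the_pub_key

- hosts: test
  tasks:
  - name: install the public key
    authorized_key:
      # a registered command result is a dict; the key text is in .stdout
      key: '{{ hostvars[test0].the_pub_key.stdout }}'
      user: root  # or whatever
    vars:
      test0: '{{ groups.test[0] }}'
```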

If you wish to omit the authorized_key on test[0] itself, you can use an appropriate when: clause to skip it.

Studying the source to kubespray will surface all kinds of tricks like this one.

mdaniel
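A fuller variant of the approach in the answer above, as an added example that is not part of the original answer: it installs the key for the `centos` user as the question asks, skips test[0] with a `when:` clause, and limits the key to connections coming from test[0]. It assumes the `community.crypto` and `ansible.posix` collections are installed, that the play can escalate to root, and that the hosts reach each other on the first host's default IPv4 address; `key_host` and `keypair` are names chosen for this example.

```yaml
# Added example. Assumes collections community.crypto and ansible.posix,
# and an inventory group named "test" as in the question.
- hosts: test[0]
  become: true
  tasks:
    - name: Make sure root's .ssh directory exists with strict permissions
      ansible.builtin.file:
        path: /root/.ssh
        state: directory
        owner: root
        group: root
        mode: "0700"

    - name: Create root's key pair (idempotent; the private key never leaves this host)
      community.crypto.openssh_keypair:
        path: /root/.ssh/id_rsa
        type: rsa
        size: 4096
        comment: "root@{{ inventory_hostname }}"
      register: keypair   # keypair.public_key holds the public key text

- hosts: test
  become: true
  gather_facts: false     # facts for test[0] were gathered by the first play
  vars:
    key_host: "{{ groups['test'][0] }}"
  tasks:
    - name: Authorize the key for centos on every other member of the group
      ansible.posix.authorized_key:
        user: centos
        state: present
        key: "{{ hostvars[key_host].keypair.public_key }}"
        # Assumption: test[0] connects from its default IPv4 address.
        # "from=" makes sshd reject this key when offered from any other source.
        key_options: 'from="{{ hostvars[key_host].ansible_default_ipv4.address }}",no-agent-forwarding,no-X11-forwarding'
      when: inventory_hostname != key_host
```

Only the public key is passed between hosts through `hostvars`; no host address is written into the playbook, so reordering or replacing the inventory entries changes which machine holds the private key without editing any task.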