我正在考虑对.ssh/authorized_keys.
我有我的 ansible 脚本,它非常适合在我的服务器上创建我的用户,我只想修改 的权限/home/user,/home/user/.ssh最后/home/user.ssh/authorized_keys因为默认情况下它们不正确。我找不到问题出在哪里。
---
- hosts: all
become: true
tasks:
- name: Creation groupe dev
group:
name: dev
state: present
- name: Creation des utilisateurs
user:
name: "{{ item.path }}"
group: dev
state: present
password: "{{ lookup('password', '/dev/null') |password_hash('sha512') }}"
update_password: on_create
with_filetree: xx_pub_keys/
- name: copie des clés SSH
authorized_key:
user: "{{ item.path }}"
key: "{{ lookup('file', 'xx_pub_keys/' + item.path ) }}"
state: present
with_filetree: xx_pub_keys/
- name: droits repertoires
command:
chmod go-w /home/{{ user.path }} && \
chmod 700 /home/{{ user.path }} && \
chmod 644 /home/{{ user.path }}/.ssh/authorized_keys
- name: "Suppression des users eventuels"
user:
name: "{{ item.path }}"
state: absent
remove: true
with_filetree: xx_pub_remove/
- name: Allow admin users to sudo without a password
lineinfile:
dest: "/etc/sudoers"
state: "present"
regexp: "^%admin"
line: "%admin ALL=(ALL) NOPASSWD: ALL"
- name: restart sshd
service: name=ssh state=restarted ...
所以我在“目录权限”部分尝试了user.path...的item.path简短项目with_items...我不知道...
简而言之,我赞成任何修正。
先感谢您