|
|
|
|
@ -31,8 +31,8 @@
|
|
|
|
|
createhome: yes
|
|
|
|
|
generate_ssh_key: yes
|
|
|
|
|
shell: /bin/false
|
|
|
|
|
ssh_key_type: rsa
|
|
|
|
|
ssh_key_bits: 2048
|
|
|
|
|
ssh_key_type: ecdsa
|
|
|
|
|
ssh_key_bits: 256
|
|
|
|
|
ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}'
|
|
|
|
|
ssh_key_passphrase: "{{ easyrsa_p12_export_password }}"
|
|
|
|
|
state: present
|
|
|
|
|
@ -41,7 +41,7 @@
|
|
|
|
|
|
|
|
|
|
- name: The authorized keys file created
|
|
|
|
|
file:
|
|
|
|
|
src: '/var/jail/{{ item }}/.ssh/id_rsa.pub'
|
|
|
|
|
src: '/var/jail/{{ item }}/.ssh/id_ecdsa.pub'
|
|
|
|
|
dest: '/var/jail/{{ item }}/.ssh/authorized_keys'
|
|
|
|
|
owner: "{{ item }}"
|
|
|
|
|
group: "{{ item }}"
|
|
|
|
|
@ -57,7 +57,7 @@
|
|
|
|
|
template: src=known_hosts.j2 dest=/root/.ssh/{{ IP_subject_alt_name }}_known_hosts
|
|
|
|
|
|
|
|
|
|
- name: Fetch users SSH private keys
|
|
|
|
|
fetch: src='/var/jail/{{ item }}/.ssh/id_rsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
|
|
|
|
|
fetch: src='/var/jail/{{ item }}/.ssh/id_ecdsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
|
|
|
|
|
with_items: "{{ users }}"
|
|
|
|
|
|
|
|
|
|
- name: Change mode for SSH private keys
|
|
|
|
|
|
Jack Ivanov
7 years ago