Scenario:
Based on the [clients] section of the hosts file, do the following:
- Check if the SSH login of user "foo" fails and if yes
- Add SSH keys for user "foo" using authorized_key module
- Assuming that user "foo" already exists on the remote machine and the SSH public key has already been created on the local (ansible) host

I am aware of this solution using the Ansible command line, but I would like to be able to put this into a playbook. It's acceptable to make the script interactive, with the user typing in the password, including sudo.

Right now I have figured out how to do what I want using the third-party role GROG.authorized-key, but it still requires me to run the playbook with the -K switch. Is there something in Ansible (besides command line switches) that would only prompt for the password if it is needed?
```yaml
- hosts: clients
  vars:
    authorized_key_list:
      - name: pdo
        authorized_keys:
          - key: "{{ lookup('file', '/home/pdo/.ssh/id_rsa.pub') }}"
            state: present
  roles:
    - { role: GROG.authorized-key }
```