Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- This is the valid yaml for the article given here...
- https://www.howtoforge.com/tutorial/setup-new-user-and-ssh-key-authentication-using-ansible/
- Copy and paste everything between the cut lines, ready for Ansible usage.
- ---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------
- ---
- -
- hosts: all
- vars:
- -
- provision_password: '$6$w9S3t7x1kRtmG0u$6nVU9KZsC12Q8DYI4FtgKPy.e/cq/jseB/.DViTO1SpUnoCy.dxcOf8hyfitGq5V0yhgXccxzlqm2o.I3SlDJ0'
- gather_facts: false
- remote_user: root
- tasks:
- -
- name: "Add a new user named provision"
- user: "name=provision password={{ provision_password }}"
- -
- copy:
- content: "provision ALL=(ALL) NOPASSWD: ALL"
- dest: /etc/sudoers.d/provision
- name: "Add provision user to the sudoers"
- -
- authorized_key: "user=provision key=\"{{ lookup('file', '/home/provision/.ssh/id_rsa.pub') }}\" state=present"
- name: "Deploy SSH Key"
- -
- lineinfile: "dest=/etc/ssh/sshd_config regexp='^PasswordAuthentication' line=\"PasswordAuthentication no\" state=present backup=yes"
- name: "Disable Password Authentication"
- notify:
- - "restart ssh"
- -
- lineinfile: "dest=/etc/ssh/sshd_config regexp='^PermitRootLogin' line=\"PermitRootLogin no\" state=present backup=yes"
- name: "Disable Root Login"
- notify:
- - "restart ssh"
- handlers:
- -
- name: "restart ssh"
- service: "name=sshd state=restarted"
- ---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------8<---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement