authorized_key - Adds or removes an SSH authorized key

Author:Brad Olson

Synopsis

Adds or removes authorized keys for particular user accounts

Options

parameter required default choices comments
key yes
    The SSH public key, as a string
    key_options no
      A string of ssh key options to be prepended to the key in the authorized_keys file (added in Ansible 1.4)
      manage_dir no yes
      • yes
      • no
      Whether this module should manage the directory of the authorized key file. If set, the module will create the directory, as well as set the owner and permissions of an existing directory. Be sure to set manage_dir=no if you are using an alternate directory for authorized_keys, as set with path, since you could lock yourself out of SSH access. See the example below. (added in Ansible 1.2)
      path no (homedir)+/.ssh/authorized_keys
        Alternate path to the authorized_keys file (added in Ansible 1.2)
        state no present
        • present
        • absent
        Whether the given key (with the given key_options) should or should not be in the file
        user yes
          The username on the remote host whose authorized_keys file will be modified

          Examples


          # Example using key data from a local file on the management machine
          - authorized_key: user=charlie key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
          
          # Using alternate directory locations:
          - authorized_key: user=charlie
                            key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
                            path='/etc/ssh/authorized_keys/charlie'
                            manage_dir=no
          
          # Using with_file
          - name: Set up authorized_keys for the deploy user
            authorized_key: user=deploy
                            key="{{ item }}"
            with_file:
              - public_keys/doe-jane
              - public_keys/doe-john
          
          # Using key_options:
          - authorized_key: user=charlie
                            key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
                            key_options='no-port-forwarding,host="10.0.1.1"'