
I have the following task in my Ansible playbook that adds my SSH public key for a remote user pranjal that was already created by a previous task.

- authorized_key:
    user: pranjal
    key:  "{{ lookup('file', 'pranjal.pub') }}"

When I run the Ansible playbook, it runs successfully. However, when I try logging in to the server using: ssh pranjal@<server_ip>

I get a Permission denied (publickey) error.

To be sure, I logged into the server as another user and double-checked that the key listed in /home/pranjal/.ssh/authorized_keys matches the local public key that I am using to log in.

I am guessing the issue here could be a permissions issue, and I understood the solution from a related question.

But how do we change permissions of authorized_key from within the Ansible task itself? (So that I don't have to separately log into the instance to modify permissions of .ssh/authorized_keys)

Pranjal Mittal

1 Answer

- file: path=/home/pranjal/.ssh state=directory owner=pranjal mode=0700
- file: path=/home/pranjal/.ssh/authorized_keys state=file owner=pranjal mode=0600

You may also want to check/verify /etc/ssh/sshd_config has the following:

PubkeyAuthentication yes

You can debug further with ssh -vvv pranjal@<server_ip>

Jason Noble
PubKeyAuthentication was already present. File permission changes were what I needed. It works now! Secondly, I noticed that just running the playbook again didn't register the new file tasks on the same instance; I created a new instance and the file tasks worked on that. (Not sure why this happened.) – Pranjal Mittal May 17 '16 at 23:48
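
A way to confirm the permissions diagnosis from this thread before and after the file tasks run, added here as an example (not code from either poster): with its default `StrictModes yes`, sshd ignores authorized_keys when that file, the .ssh directory, or the home directory is writable by group or others, or is owned by someone other than the user or root. The function names are hypothetical and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit the paths sshd examines before it trusts authorized_keys.
# Assumes GNU stat (Linux). Function names are hypothetical, not from the page.

# check_path PATH UID
# Prints a finding and returns 1 when PATH is missing, is not owned by UID
# (or by root, uid 0), or is writable by group or others.
check_path() {
    path=$1; want_uid=$2
    if [ ! -e "$path" ]; then
        echo "MISSING  $path"
        return 1
    fi
    # stat prints e.g. "700 1001": octal mode, then numeric owner
    set -- $(stat -c '%a %u' "$path")
    mode=$1; have_uid=$2
    rc=0
    if [ "$have_uid" != "$want_uid" ] && [ "$have_uid" != "0" ]; then
        echo "OWNER    $path is owned by uid $have_uid, expected $want_uid"
        rc=1
    fi
    # 022 masks the write bits for group and others
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "MODE     $path is $mode (writable by group or others)"
        rc=1
    fi
    return $rc
}

# audit_ssh_perms HOME UID
# Returns 0 only when the home directory, .ssh and authorized_keys all pass.
audit_ssh_perms() {
    home=$1; uid=$2; failed=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        check_path "$p" "$uid" || failed=1
    done
    return $failed
}

# Usage on the server from the question (run as root or as the user):
#   audit_ssh_perms /home/pranjal "$(id -u pranjal)"
```

Any line it prints names a path that the file tasks in the answer, or an equivalent chmod/chown, still need to correct.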