ssh-key-exists
Example:
# Create an ssh key with empty password for the current user. - ssh-key-exists: path: /home/markus/.ssh/id_rsa
Description
Ensures an ssh key exists for a user.
If the ssh key already exists, the password argument is ignored.
Variables
| Name | Type | Default | Description |
|---|---|---|---|
|
integer | 4096 | The number of bits in the key to create. |
|
string | ed25519 | The type of key to create. |
|
string | -- | The password to unlock the key (only used if key doesn't exist already). |
|
string | ~/.ssh/id_ed25519 | The absolute path to the private ssh key. The key type token (e.g. rsa) will be added. The path to the public key will be infered (added '.pub'). |
|
string | -- | The name of the ssh key owner. |
Examples
Example 1
Create an ssh key with empty password for the current user.
Code
- ssh-key-exists: path: /home/markus/.ssh/id_rsa
Description
The path needs to be provided as absolute, relative paths won't work (yet).
Example 2
Create an ssh key for the 'admin' user (create user if necessary), use password: 'password123' to encrypt the key.
Code
- ssh-key-exists: path: /home/admin/.ssh/id_rsa user: admin password: password123
Code
doc: short_help: Ensures an ssh key exists for a user. help: | Ensures an ssh key exists for a user. If the ssh key already exists, the password argument is ignored. examples: - title: Create an ssh key with empty password for the current user. desc: | The path needs to be provided as absolute, relative paths won't work (yet). vars: path: /home/markus/.ssh/id_rsa - title: "Create an ssh key for the 'admin' user (create user if necessary), use\ \ password: 'password123' to encrypt the key." vars: path: /home/admin/.ssh/id_rsa user: admin password: password123 args: user: doc: short_help: The name of the ssh key owner. type: string required: false path: doc: short_help: The (absolute!) path (without key_type token) to the (private) ssh key. help: | The absolute path to the private ssh key. The key type token (e.g. rsa) will be added. The path to the public key will be infered (added '.pub'). type: string default: ~/.ssh/id_ed25519 required: true password: doc: short_help: The password to unlock the key (only used if key doesn't exist already). type: string required: false secret: true bits: doc: short_help: The number of bits in the key to create. type: integer default: 4096 cli: param_decls: - --bits - -b key_type: doc: short_help: The type of key to create. type: string allowed: - dsa - ecdsa - ed25519 - rsa default: ed25519 cli: param_decls: - --key-type - -t frecklets: - parent-folder-exists: path: '{{:: path ::}}' owner: '{{:: user ::}}' mode: '0700' - frecklet: name: ssh-key-exists.at.yml type: ansible-tasklist desc: short: 'create ssh key (if necessary): {{:: path ::}}' long: | Check if private key file '{{:: path ::}}' exists. If it does, do nothing. If it does not exist, execute command: ssh-keygen -q -t {{:: key_type ::}} -b {{:: bits ::}} -f {{:: path ::}} -C "" -N "{%:: if password ::%}<secret password>{%:: endif ::%}" This will create 2 files: - {{:: path ::}} (private key) - {{:: path ::}}.pub (public key) references: ssh-keygen man page: https://man.openbsd.org/ssh-keygen ssh primer: https://frkl.io/blog/ssh-primer/ vars: __path_to_ssh_key__: '{{:: path ::}}' __ssh_key_use_become__: '{{:: user | false_if_empty ::}}' __ssh_key_user__: '{{:: user ::}}' __key_type__: '{{:: key_type ::}}' __bits__: '{{:: bits ::}}' __key_password__: '{{:: password ::}}' # - frecklet: # name: shell # type: ansible-module # # # vars: # free_form: 'ssh-keygen -q -t {{:: key_type ::}} -b {{:: bits ::}} -f {{:: path ::}}{{:: key_type ::}} -C "" -N "{{:: password ::}}"' # creates: "{{:: path ::}}"
frecklecute ssh-key-exists --help Usage: frecklecute ssh-key-exists [OPTIONS] Ensures an ssh key exists for a user. If the ssh key already exists, the password argument is ignored. Options: -b, --bits BITS The number of bits in the key to create. -t, --key-type KEY_TYPE The type of key to create. --password PASSWORD The password to unlock the key (only used if key doesn't exist already). --path PATH The (absolute!) path (without key_type token) to the (private) ssh key. --user USER The name of the ssh key owner. --help Show this message and exit.
# -*- coding: utf-8 -*- # # module path: pycklets.ssh_key_exists.SshKeyExists # from dataclasses import dataclass from pyckles import AutoPycklet from typing import * # noqa @dataclass class SshKeyExists(AutoPycklet): """Ensures an ssh key exists for a user. If the ssh key already exists, the password argument is ignored. Args: bits: The number of bits in the key to create. key_type: The type of key to create. password: The password to unlock the key (only used if key doesn't exist already). path: The (absolute!) path (without key_type token) to the (private) ssh key. user: The name of the ssh key owner. """ FRECKLET_ID = "ssh-key-exists" bits: int = None key_type: str = None password: str = None path: str = None user: str = None def __post_init__(self): super(SshKeyExists, self).__init__(var_names=["bits", "key_type", "password", "path", "user"]) frecklet_class = SshKeyExists
# -*- coding: utf-8 -*- # # module path: pycklets.ssh_key_exists.SshKeyExists # from pyckles import AutoPycklet class SshKeyExists(AutoPycklet): """Ensures an ssh key exists for a user. If the ssh key already exists, the password argument is ignored. Args: bits: The number of bits in the key to create. key_type: The type of key to create. password: The password to unlock the key (only used if key doesn't exist already). path: The (absolute!) path (without key_type token) to the (private) ssh key. user: The name of the ssh key owner. """ FRECKLET_ID = "ssh-key-exists" def __init__(self, bits=4096, key_type="ed25519", password=None, path="~/.ssh/id_ed25519", user=None): super(SshKeyExists, self).__init__(var_names=["bits", "key_type", "password", "path", "user"]) self._bits = bits self._key_type = key_type self._password = password self._path = path self._user = user @property def bits(self): return self._bits @bits.setter def bits(self, bits): self._bits = bits @property def key_type(self): return self._key_type @key_type.setter def key_type(self, key_type): self._key_type = key_type @property def password(self): return self._password @password.setter def password(self, password): self._password = password @property def path(self): return self._path @path.setter def path(self, path): self._path = path @property def user(self): return self._user @user.setter def user(self, user): self._user = user frecklet_class = SshKeyExists