Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed key permissions #332

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fixed key permissions #332

wants to merge 1 commit into from

Conversation

jmtx1020
Copy link

@jmtx1020 jmtx1020 commented Feb 28, 2024
edited
Loading

Before this fix, we'd be copying the entire ssh_private_keys directory from the role root path into ~/.ssh with the user and group being set to root:root.

This was problematic as tools like git don't look recursively through the directory. The key files need to be at the root of ~/.ssh.

This sets the file permissions on the keys and user/group ownership before copying them into ~/.ssh(while preserving corrected permissions). Thus enabling us to pull roles from private repositories from our requirements.yaml.

With the below config:

provisioner:
  ssh_known_hosts: ["github.com"]
  name: ansible_playbook
  roles_path: .
  additional_ssh_private_keys:
  - "/Users/username/.ssh/id_ed25519"

Preview:

ubuntu@base-kitchen:~/.ssh$ ls -alh
total 20K
drwx------ 2 ubuntu ubuntu 4.0K Feb 28 02:46 .
drwxr-x--- 5 ubuntu ubuntu 4.0K Feb 28 02:46 ..
-rw------- 1 ubuntu ubuntu  381 Feb 28 02:46 authorized_keys
-rw------- 1 ubuntu ubuntu  411 Feb 28 02:46 id_ed25519
-rw-rw-r-- 1 ubuntu ubuntu  828 Feb 28 02:46 known_hosts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jmtx1020