Ansible User

I use Ansible to manage my home network. It helps automate repetitive computer tasks, making it easier to repeat the process of setting up and managing computers.

I like to create a specific ansible user on the remote host computer so that Ansible can do its thing. Additionally, Ansible requires ssh access to the computer, and since Ansible will not work without a remote user, it is a manual task I find myself doing a bit.

The process includes creating a remote user, copying the ansible public SSH key to the remote machine, and update ~./ssh/config to alias the Ansible user for easier login.

1. Create Remote User

First, we need to create the Ansible user on the remote machine by SSH’ing into the remote machine with an existing user, adding the ansible user, and exiting from the SSH session.

ssh <existing_user>@<computer>

sudo adduser ansible

exit

2. Copy SSH Public Keys

Next, we need to copy the ansible SSH public key into the authorized_keys of the remote computer to allow passwordless login with the SSH private/public keys. We can do this by utilising the ssh-copy-id command and ensuring the file permissions are set correctly on the remote computer.

ssh-copy-id -p 2222 -f -i ~/.ssh/ansible.pub ansible@<computer>

ssh -p 2222 -i ~/.ssh/ansible.pub ansible@<computer> "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"

3. Alias Ansible in SSH Config

The final step is to update .shh/config to alias the ansible user and remote computer in the SSH config file so we do not need to use the port and identity flags when SSH’ing in.

#-- ~./ssh/config

... existing code ...

Host <computer>
 HostName <computer>
 IdentityFile ~/.ssh/ansible
 User ansible
 Port 2222

... existing code ...

4.Login Test

Now we should be able to test the setup by logging into the remote machine using a passwordless ssh connection.

ssh ansible@<computer>