Manage users, passwords, and ssh public keys
This project is for internal use. We do not accept Pull Requests and/or new issues.
Role will copy SSH keys and configure sudo to enable secure passwordless access for user which connects to remote host. It also unauthorizes SSH keys from "insecure_keys" directory. Role can reconfigure PAM to enable notifications about failed SSH logins and optionally send slack notifications.
Role is created for internal Sointeractive use. However after some tweaking it can be used on other systems.
Role stores public SSH keys for Sointeractive users. This approach isn't treated as a security breach until private keys are stored in secure places.
Use it in a playbook as follows:
- hosts: all
become: true
roles:
- SoInteractive.users
Have a look at the defaults/main.yml for role variables that can be overridden.