community.general.ssh_config module – Manage SSH config for user

Note

This module is part of the community.general collection (version 5.4.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.ssh_config.

New in version 2.0.0: of community.general

Synopsis

  • Configures SSH hosts with special IdentityFiles and hostnames.

Requirements

The below requirements are needed on the host that executes this module.

  • StormSSH

Parameters

Parameter

Comments

forward_agent

boolean

added in 4.0.0 of community.general

Sets the ForwardAgent option.

Choices:

  • no

  • yes

group

string

Which group this configuration file belongs to.

If none given, user is used.

host

string / required

The endpoint this configuration is valid for.

Can be an actual address on the internet or an alias that will connect to the value of hostname.

hostname

string

The actual host to connect to when connecting to the host defined.

identity_file

path

The path to an identity file (SSH private key) that will be used when connecting to this host.

File need to exist and have mode 0600 to be valid.

port

string

The actual port to connect to when connecting to the host defined.

proxycommand

string

Sets the ProxyCommand option.

remote_user

string

Specifies the user to log in as.

ssh_config_file

path

SSH config file.

If user and this option are not specified, /etc/ssh/ssh_config is used.

Mutually exclusive with user.

state

string

Whether a host entry should exist or not.

Choices:

  • present ← (default)

  • absent

strict_host_key_checking

string

Whether to strictly check the host key when doing connections to the remote host.

Choices:

  • yes

  • no

  • ask

user

string

Which user account this configuration file belongs to.

If none given and ssh_config_file is not specified, /etc/ssh/ssh_config is used.

If a user is given, ~/.ssh/config is used.

Mutually exclusive with ssh_config_file.

user_known_hosts_file

string

Sets the user known hosts file option.

Notes

Note

  • Supports check mode.

Examples

- name: Add a host in the configuration
  community.general.ssh_config:
    user: akasurde
    host: "example.com"
    hostname: "github.com"
    identity_file: "/home/akasurde/.ssh/id_rsa"
    port: '2223'
    state: present

- name: Delete a host from the configuration
  community.general.ssh_config:
    ssh_config_file: "{{ ssh_config_test }}"
    host: "example.com"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

hosts_added

list / elements=string

A list of host added.

Returned: success

Sample: [“example.com”]

hosts_change_diff

list / elements=string

A list of host diff changes.

Returned: on change

Sample: [{“example.com”: {“new”: {“hostname”: “github.com”, “identityfile”: [“/tmp/test_ssh_config/fake_id_rsa”], “port”: “2224”}, “old”: {“hostname”: “github.com”, “identityfile”: [“/tmp/test_ssh_config/fake_id_rsa”], “port”: “2224”}}}]

hosts_changed

list / elements=string

A list of host changed.

Returned: success

Sample: [“example.com”]

hosts_removed

list / elements=string

A list of host removed.

Returned: success

Sample: [“example.com”]

Authors

  • Björn Andersson (@gaqzi)

  • Abhijeet Kasurde (@Akasurde)