New in version 2.8.
none
is returned for key_is_consistent
.select_crypto_backend
)The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
passphrase
string
|
The passphrase for the private key.
|
|
path
path
/ required
|
Remote absolute path where the private key file is loaded from.
|
|
return_private_key_data
boolean
|
|
Whether to return private key data.
Only set this to
yes when you want private information about this key to leave the remote machine.WARNING: you have to make sure that private key data isn't accidentally logged!
|
select_crypto_backend
string
|
|
Determines which crypto backend to use.
The default choice is
auto , which tries to use cryptography if available, and falls back to pyopenssl .If set to
pyopenssl , will try to use the pyOpenSSL library.If set to
cryptography , will try to use the cryptography library. |
See also
- name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
openssl_privatekey:
path: /etc/ssl/private/ansible.com.pem
- name: Get information on generated key
openssl_privatekey_info:
path: /etc/ssl/private/ansible.com.pem
register: result
- name: Dump information
debug:
var: result
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
can_load_key
boolean
|
always |
Whether the module was able to load the private key from disk
|
can_parse_key
boolean
|
always |
Whether the module was able to parse the private key
|
key_is_consistent
boolean
|
always |
Whether the key is consistent. Can also return
none next to yes and no , to indicate that consistency couldn't be checked.In case the check returns
no , the module will fail. |
private_data
dictionary
|
success and when return_private_key_data is set to yes |
Private key data. Depends on key type.
|
public_data
dictionary
|
success |
Public key data. Depends on key type.
|
public_key
string
|
success |
Private key's public key in PEM format
Sample:
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A...
|
public_key_fingerprints
dictionary
|
success |
Fingerprints of private key's public key.
For every hash algorithm available, the fingerprint is computed.
Sample:
{'sha256': 'd4:b3:aa:6d:c8:04:ce:4e:ba:f6:29:4d:92:a3:94:b0:c2:ff:bd:bf:33:63:11:43:34:0f:51:b0:95:09:2f:63', 'sha512': 'f7:07:4a:f0:b0:f0:e6:8b:95:5f:f9:e6:61:0a:32:68:f1...
|
type
string
|
success |
The key's type.
One of
RSA , DSA , ECC , Ed25519 , X25519 , Ed448 , or X448 .Will start with
unknown if the key type cannot be determined.Sample:
RSA
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.