--- # Create an user and add their SSH public keys - name: Create user {{ user.name }} with no password user: name: "{{ user.name }}" shell: /bin/bash # See https://unix.stackexchange.com/questions/193066/how-to-unlock-account-for-public-key-ssh-authorization-but-not-for-password-aut/193131#193131 password: '*' groups: - sudo append: yes state: present update_password: on_create - name: Add SSH public keys for user {{ user.name }} authorized_key: user: "{{ user.name }}" state: present # we can pass multiple SSH keys, but they must be separated by newlines key: "{{ user.ssh_keys | join('\n') }}" # remove obsolete keys exclusive: yes