1 |
I am currently trying to slim down and minimize my own few machines. |
2 |
|
3 |
Way too much customer servers out there so I'd like to keep it simple in |
4 |
here at least. |
5 |
|
6 |
This lead me to configuring and provisioning my machines via ansible. |
7 |
|
8 |
The goals: |
9 |
|
10 |
* make sure that my user exists |
11 |
* roll out configs/dotfiles/git-repos/home-dir |
12 |
* maybe roll out some system-configs as well (systemd-units, timers) / |
13 |
... separate ansible-role, OT here |
14 |
|
15 |
etc |
16 |
|
17 |
I have set up and maintained quite a list of bash-aliases to access my |
18 |
customer-servers in daily work. |
19 |
|
20 |
Something like: |
21 |
|
22 |
alias abcd-server='ssh -p 51023 174.183.26.11' # demo only |
23 |
|
24 |
This is based on ssh-pubkey-authentication, sure. |
25 |
|
26 |
My questions: |
27 |
|
28 |
* if I have a user X on each machine, should each userX@machine have its |
29 |
own ssh-pubkey? Or is it OK to roll out the same ~/.ssh to all machines? |
30 |
|
31 |
* same q for ~/.gnupg ... |
32 |
|
33 |
I can deploy the pubkeys to the servers via ansible, sure. |
34 |
But I would like to keep it simple. stupid. |
35 |
|
36 |
;) |