How to configure Ansible for using TPM-based SSH keys via PKCS11Provider

In order to make use of TPM-based SSH keys in Ansible, you need to configure ansible_ssh_common_args in host_vars or group_vars to point to the PKCS11 provider library.

ansible_user: myuser
ansible_ssh_common_args: '-o PKCS11Provider=/usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1 -o PasswordAuthentication=no'

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee