Adding an Ansible Service Account User to vRealize Operations
Connect to the vRealize Operations appliance via the console. Out of the box on an 8.6.3 appliance, the /etc/ssh/sshd_conf file is set to PermitRootLogin yes (line 32, not commented out) and PermitRootLogin no (line 128, not commented out). Since the line disabling root login occurs further down, it will win and root will not be able to login to SSH.
Type the following command to add a service account user, create a password, and add to the wheel group (this is necessary for SSH authentication). I am using the account svc-ansible as the service account.
useradd svc-ansible passwd svc-ansible usermod -G wheel svc-ansible
This should prompt for a password and a confirmation.
Copy the SSH Public Key to vRealize Operations
On the vRealize Operations appliance, while still connected to the console, type the following to enable the SSH service (if needed).
systemctl start sshd.service
On the Ansible Controller node, log in as the Ansible account you will use to run Playbooks. Type the following command to copy the public key to vRealize Operations. If this is the first time connecting to the SSH host, it will likely present a test of authenticity. Ensure the fingerprint presented represents the SSH host before continuing in a production environment.
ssh-copy-id <user name>@<host name>
At this point, a separate account from which to run Ansible Playbooks utilizing SSH Public Key authentication has been setup on vRealize Operations.