RE: Collect public keys from all hosts?

Tue, 09 May 2006 14:23:04 -0700 

Hi,

        here we are using a litle script that use mqseries to send us back 
those keys (u can use email too)
then i had installed a complete host keys distribution based on editfiles. 
there's a directory
on our config server that contains a file by user, this file is a list of 
public keys
and they are appended to the authorized_keys


copy:
     any::
     $(master_data)             dest=$(datadir)
                                r=inf trustkey=true server=$(policyhost)
                                mode=400 type=checksum backup=false purge=true
directories:
        run1::
                        $(HOMEDIR)/bb/.ssh                      owner=bb       
mode=700
files:
          run1::
                        $(HOMEDIR)/bb/.ssh/authorized_keys              
owner=bb       mode=400  action=fixall
editfiles:
        run2::

        { $(HOMEDIR)/bb/.ssh/authorized_keys
        AutoCreate
        AppendIfNoSuchLinesFromFile     "$(datadir)/pubkeys/user1"
        AppendIfNoSuchLinesFromFile     "$(datadir)/pubkeys/user2"
        AppendIfNoSuchLinesFromFile     "$(datadir)/pubkeys/usr3"
        }



sa Banksys nv - Chaussee de Haecht 1442 Haachtsesteenweg - 1130 Brussels - 
Belgium
RPM-RPR Bruxelles-Brussel - TVA-BTW BE 0418.547.872
Bankrekening-Compte Bancaire-Bank Account 310-0269424-44
BIC BBRUBEBB - IBAN BE55 3100 2694 2444

"The information contained in this e-mail and any attachment thereto is 
confidential and may contain information which is protected by intellectual 
property rights.
This information is intended for the exclusive use of the recipient(s) named 
above.
This e-mail does not constitute any binding relationship or offer toward any of 
the addressees.
If you are not one of the addressees , one of their employees or a proxy holder 
entitled to hand over this message to the addressee(s), any use of the 
information contained herein (e.g. reproduction, divulgation, communication or 
distribution,...) is prohibited.
If you have received this message in error, please notify the sender and 
destroy it immediately after.
The integrity and security of this message cannot be guaranteed and it may be 
subject to data corruption, interception and unauthorized amendment, for which 
we accept no liability."


_______________________________________________
Help-cfengine mailing list
[email protected]
http://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to