I've gotten Puppet to distribute server A's public SSH key on some of the
nodes in the network. For password-less login to work, the nodes' host key
must be saved on server A.
Is there a security reason for not automating this process (if possible),
i.e. automating the process of retreiving the nodes' host key and importing
them into server A's know hosts file? And is there a way to get puppet to do
this using the built in types of version 0.24.4 (I know there is a sshkey
type, but I'm not quite sure how this works)?
Regards,
Kenneth Holter
On 9/11/08, Francois Deppierraz <[EMAIL PROTECTED]> wrote:
>
>
> Kenneth Holter wrote:
>
> > But does this resource type manage the distribution of SSH public keys
> > for setup of password-less login? If so, could you please provide a
> > sample code for distributing the SSH public key for a server A?
>
> No, the sshkey type only manages host key (ie. /etc/ssh/ssh_known_hosts).
>
> You can use ssh_authorized_key available since puppet 0.24.5 to do what
> you want.
>
> Example:
>
> ssh_authorized_key{"[EMAIL PROTECTED] on root":
> ensure => present,
> type => "rsa",
> key => "AAAAA.......",
> user => "root",
> }
>
> By the way, you still need a way to generate the SSH key private key
> beforehand.
>
> François
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
