Douglas Garstang wrote:
>>> http://docs.reductivelabs.com/references/stable/type.html#sshkey
>
> What about known_hosts???

For /etc/ssh/ssh_known_hosts, using exported resources is quite handy:

http://reductivelabs.com/trac/puppet/wiki/ExportedResources

Something like:

  # Collect ssh keys and add them to /etc/ssh/ssh_known_hosts
  case $sshrsakey {
    '': { alert("No sshrsakey found for $fqdn") }
    default: {
      @@sshkey { $fqdn:
        alias => [$hostname, $ipaddress],
        key   => $sshrsakey,
        type  => rsa,
      }
    }
  }
  Sshkey <<||>>

Note that until http://projects.reductivelabs.com/issues/2014 is
fixed, you might also want to use a file resource to make the known
hosts file readable by non-root users:

  file { "/etc/ssh/ssh_known_hosts":
    mode    => '0644',
  }

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
An optimist believes we live in the best of all possible worlds.
A pessimist is sure of it!
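
An added example, not part of the original message: a small Python audit of the file that the collected sshkey resources produce. It flags names that ended up with more than one key (for instance a stale export from a rebuilt host), aliases missing from a host's entry, and a file that non-root users cannot read. The host names, addresses and key blobs in the sample are constructed placeholders, and the function names are hypothetical.

```python
import os
import stat
from collections import defaultdict

# Constructed sample of a collected known_hosts file; the key blobs are
# placeholders, not real keys. "old.example.com" still claims the alias web1.
SAMPLE = """\
# constructed sample
web1.example.com,web1,192.0.2.10 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABweb1
db1.example.com,db1,192.0.2.20 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABdb1
old.example.com,web1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABold
"""

def parse_known_hosts(text):
    """Yield (names, keytype, key) for each plain entry."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(("#", "@", "|1|")):
            continue  # blank, comment, marker or hashed-name line
        if len(fields) < 3:
            continue  # malformed entry
        yield fields[0].split(","), fields[1], fields[2]

def conflicting_names(text):
    """Return {(name, keytype): sorted keys} where one name maps to several keys."""
    seen = defaultdict(set)
    for names, keytype, key in parse_known_hosts(text):
        for name in names:
            seen[(name, keytype)].add(key)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

def missing_aliases(text, fqdn, expected):
    """Return expected aliases (short hostname, IP) that no entry for fqdn carries."""
    have = set()
    for names, _, _ in parse_known_hosts(text):
        if fqdn in names:
            have.update(names)
    return sorted(set(expected) - have)

def world_readable(path):
    """True if non-root users can read the file (the mode 644 case above)."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

if __name__ == "__main__":
    print("conflicts:", conflicting_names(SAMPLE))
    print("missing:", missing_aliases(SAMPLE, "db1.example.com", ["db1", "192.0.2.20"]))
    path = "/etc/ssh/ssh_known_hosts"
    if os.path.exists(path):
        print("readable by non-root:", world_readable(path))
```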
