On Fri, Mar 04, 2011 at 09:35:36AM +0000, toneeeda...@googlemail.com wrote:
> Hi Im running on centos 5.5, with the latest puppet from the epel repos. if > i manually unlock the account i can login fine with ssh keys, so i was > wondering if its to do with creating a user without a password? Odd. I'm trying it here with the following: [root@centos:~]# cat /etc/redhat-release CentOS release 5.5 (Final) [root@centos:~]# cat user.pp user{ "daisy": ensure => present, shell => "/bin/bash", home => "/home/daisy", managehome => true, } ssh_authorized_key{ "daisyskey": ensure => present, type => "ssh-dss", key => "AAAbiglongkey", user => "daisy", } [root@centos:~]# puppet apply user.pp notice: /Stage[main]//User[daisy]/ensure: created notice: /Stage[main]//Ssh_authorized_key[daisyskey]/ensure: created notice: Finished catalog run in 0.38 seconds [root@centos:~]# grep daisy /etc/shadow daisy:!!:15023:0:99999:7::: So that user is locked, and they now have a key. Then, from my laptop: [ben@Paresthesia:~]% ssh -i /Users/ben/.ssh/biglongkey daisy@centos.local hostname \; id centos.localdomain uid=502(daisy) gid=502(daisy) groups=502(daisy) context=user_u:system_r:unconfined_t I've not [knowingly anyway] changed the PAM config on my centos machine and it seems to work just dandily. -- Ben Hughes || http://www.puppetlabs.com/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.