On Fri, Mar 04, 2011 at 09:35:36AM +0000, toneeeda...@googlemail.com wrote:
> Hi Im running on centos 5.5, with the latest puppet from the epel repos. if
> i manually unlock the account i can login fine with ssh keys, so i was
> wondering if its to do with creating a user without a password?
Odd.
I'm trying it here with the following:
[root@centos:~]# cat /etc/redhat-release
CentOS release 5.5 (Final)
[root@centos:~]# cat user.pp
user{ "daisy":
ensure => present,
shell => "/bin/bash",
home => "/home/daisy",
managehome => true,
}
ssh_authorized_key{ "daisyskey":
ensure => present,
type => "ssh-dss",
key => "AAAbiglongkey",
user => "daisy",
}
[root@centos:~]# puppet apply user.pp
notice: /Stage[main]//User[daisy]/ensure: created
notice: /Stage[main]//Ssh_authorized_key[daisyskey]/ensure: created
notice: Finished catalog run in 0.38 seconds
[root@centos:~]# grep daisy /etc/shadow
daisy:!!:15023:0:99999:7:::
So that user is locked, and they now have a key.
Then, from my laptop:
[ben@Paresthesia:~]% ssh -i /Users/ben/.ssh/biglongkey daisy@centos.local
hostname \; id
centos.localdomain
uid=502(daisy) gid=502(daisy) groups=502(daisy)
context=user_u:system_r:unconfined_t
I've not [knowingly anyway] changed the PAM config on my centos machine and it
seems to work just dandily.
--
Ben Hughes || http://www.puppetlabs.com/
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
