On Thu, 2012-08-30 at 09:42 -0400, Eric Shamow wrote: > On Thursday, August 30, 2012 at 9:41 AM, Sandra Schlichting wrote: > > > Hi, > > > > I would like to write a class that can copy /root/.ssh/id_dsa from node A > > to node B. > > > > > > The puppet master can login to node B without passphrase and append a key > > > > cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys' > > > > So the question is how to copy /root/.ssh/id_dsa.pub from node A to the > > puppet master and then push it to node B?
> On the run so no time to write up a quick example - but take a look at > exported resources. There's a design patterns page -- > > http://docs.puppetlabs.com/guides/exported_resources.html > > These are designed to do what you're looking for. Exported resources can do most of what you want, but there's still one key problem that they don't solve: Getting the ssh public key (/root/.ssh/id_rsa.pub or whatever) from the node to the puppet master. The only solution that I've seen for this so far is to write a custom fact which would read the key from root/.ssh/id_rsa.pub and store it in a variable like $root_ssh_id_rsa_pub or something - but that requires that you run puppet twice! First to generate the key, then second to read the key from the fact and publish the exported resource. Does anyone have any better ideas? I currently have a really nasty hack with a generator script that runs on the puppet master, which works, but is a bit fragile - and will fail if I ever want to scale to multiple puppet masters. It looks like this: https://gist.github.com/3531206 -- Calvin Walton <calvin.wal...@kepstin.ca> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
