On Friday, August 31, 2012 8:38:03 AM UTC-5, Sandra Schlichting wrote:
>
>> Err, no. In a well-maintained environment, it should never be necessary 
>> to manually approve a host key. 
>>
>
> I would prefer that too.
>  
>
>> Usually you should always distribute all host keys to all clients with 
>> one of the common @@ssh_key Export/Collect patterns. That is totally 
>> unrelated to authentication though. 
>>
>
> Can it be done without introducing a database?
>
> I would really like not to introduce a database to my puppet master.
>  
>
 
It depends a bit on how you define "database".   Certainly you need some 
kind of data store on the master in which to record the keys you want to 
distribute.  To use exported resources for the job, that data store must be 
managed by a relational DBMS.
 
If you're willing to put a fair amount of effort into it, however, then you 
could likely work up something that recorded keys in a hiera-accessible 
data file, or even in a Puppet manifest file.  The Puppet code for 
*distributing* the keys in this case wouldn't need to be much more 
complicated, but you'd have that whole custom <something> for managing the 
keys.
 
John
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/R3tpZe_ivpYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.
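
An added example, not part of the original message or of Puppet itself: one possible shape for the custom key-management piece the reply mentions, turning host public key lines collected out of band into a hash that Hiera's JSON backend can serve. The data key `ssh_host_keys`, the host names and the sample keys are assumptions constructed for illustration.

```python
import base64
import hashlib
import json
import struct

ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}

def parse_pubkey(line):
    """Validate one '<type> <base64> [comment]' line from ssh_host_*_key.pub."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64-key> [comment]'")
    ktype, b64 = fields[0], fields[1]
    if ktype not in ALLOWED_TYPES:
        raise ValueError("unsupported key type: " + ktype)
    blob = base64.b64decode(b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the line was truncated or edited somewhere along the way.
    if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != ktype.encode():
        raise ValueError("key type does not match key blob")
    # Same SHA256 fingerprint format that `ssh-keygen -lf <file>` prints on the host.
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return ktype, b64, "SHA256:" + digest

def build_hiera_data(host_lines):
    """Map {fqdn: pubkey line} to sshkey attributes plus fingerprints for review."""
    resources, fingerprints = {}, {}
    for host, line in sorted(host_lines.items()):
        ktype, b64, fp = parse_pubkey(line)
        # One key per host here, because the resource title is the host name.
        resources[host] = {"ensure": "present", "type": ktype, "key": b64,
                           "host_aliases": [host.split(".")[0]]}
        fingerprints[host] = fp
    return {"ssh_host_keys": resources}, fingerprints

def constructed_key_line(fill):
    """Constructed sample only: an ed25519-shaped blob of one repeated byte."""
    blob = (struct.pack(">I", 11) + b"ssh-ed25519"
            + struct.pack(">I", 32) + bytes([fill]) * 32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " root@sample"

if __name__ == "__main__":
    sample = {"web01.example.com": constructed_key_line(1),
              "db01.example.com": constructed_key_line(2)}
    data, fps = build_hiera_data(sample)
    print(json.dumps(data, indent=2, sort_keys=True))
    for host, fp in sorted(fps.items()):
        print(host, fp)
```

On Puppet versions that provide both functions, a manifest can declare the resulting resources with `create_resources('sshkey', hiera_hash('ssh_host_keys'))`. The printed fingerprints are there to be compared against `ssh-keygen -lf` output on each host before the data file is committed.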
