This one time, at band camp, Luke Youngblood wrote: >1. Has anyone implemented an authorized_keys distribution system that >uses editfiles rather than copy?
We used to, but it ended up being a pain. >2. Do you think it would be possible to build an authorized_keys file >on the fly if you had each sysadmin's public key as a line in an editfiles >statement? Yes. >3. Taking this even further, could a sysadmin's public key >automatically be copied from their home directory and updated on the master >cfengine repository to be included in an editfiles statement. (This last >action would allow anyone to regenerate their ssh key using ssh-keygen and >have cfengine automatically update all authorized_keys files on all servers >they have access to) if by "automatically" you mean "documented procedure for new staff member", then yes :-) _______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine