This one time, at band camp, Luke Youngblood wrote:
>1.     Has anyone implemented an authorized_keys distribution system that
>uses editfiles rather than copy?

We used to, but it ended up being a pain.

>2.     Do you think it would be possible to build an authorized_keys file
>on the fly if you had each sysadmin's public key as a line in an editfiles
>statement?

Yes.

>3.     Taking this even further, could a sysadmin's public key
>automatically be copied from their home directory and updated on the master
>cfengine repository to be included in an editfiles statement.  (This last
>action would allow anyone to regenerate their ssh key using ssh-keygen and
>have cfengine automatically update all authorized_keys files on all servers
>they have access to)

if by "automatically" you mean "documented procedure for new staff member",
then yes :-)


_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine

Reply via email to